Share via

Effective Access check fails with error about Netlogon Service Authz

MD5Hash 161 Reputation points
2020-07-29T17:38:55.023+00:00

Background: from a file's properties menu, I'm on the Security -> advanced window, and on the "Effective Access" tab. I want to check to see if a user has any sort of existing access to this file. I'm doing the check while logged in as the domain admin, to a domain controller. I'm connecting to a network drive share on a different file server. Whatever use I try to run the check for, I get the following error - "The RPC Server is unavailable. Please enable the Netlogon Service Authz (RPC) firewall rule on the target server and try again."

14421-effective-access-error.png

I noted that on my domain controller GPO for firewalls, I had not enabled this rule inbound. So I turned it on, and refreshed GP on the domain controllers. The error continues when I try to check for effective access.

So, what is the "target server" that the message is telling me about? Do I need to make the change on the file server nodes that contain the file? A quick search finds almost no information on this.

Windows for business Windows Server Storage high availability Other

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2020-07-30T09:16:16.8+00:00

    Hi md5hash,

    Thank you for your question.

    As per my understanding, you tried to view effective access of a file shared on your remote file server from your domain controller as domain admin. Please correct me if there’s any misunderstanding.

    I did some tests on my servers and I could view effective access of a remote shared file as domain admin. Could you help to log on your file server and check if you could open the effective access locally?

    As the error message indicated, you could open Windows Firewall with Advanced Security on your remote server and enable the firewall rule “Netlogon Service Authz (RPC)” on your file server. You could also try to temporarily disable the firewall if the error is still the same.

    14566-2020-07-30-154606.png
    To fix the error RPC server is unavailable, you may refer to the article below
    https://social.technet.microsoft.com/wiki/contents/articles/4494.windows-server-troubleshooting-rpc-server-is-unavailable.aspx

    Best Regards,
    Ian

    ----------

    Please remember to "Accept Answer" if the reply is helpful.

    1 person found this answer helpful.
    0 comments
  2. MD5Hash 161 Reputation points
    2020-07-30T14:49:09.1+00:00

    Yes, opening that built-in firewall rule on our file server cluster nodes has definitely improved things. I can now see some Effective Access results. Get a new error, "The share security information is unavailable and was not evaluated for effective access" now when I browse via mapped drive letter, but I don't get that error when I go to the same location via UNC path. Similar to what's being described here.

    Any ideas as to what can cause that error?

  3. Anonymous
    2020-07-31T08:39:37.963+00:00

    Hi md5hash,

    I reproduced this issue via a mapped drive on my Windows Server 2019. This could be caused by the missing of the share security descriptor when a remote call is made to evaluate the effective access.

    But unfortunatelly there seems to be no software update solution to it yet. So, in order to avoid this problem, you need to make sure you access the server location through an UNC path.

    Best Regards,
    Ian

    Please remember to "Accept Answer" and upvote if the reply is helpful.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.