KBI 311949 Issue Addressed: Account Lockout Happens After Connectivity Test
Version
Argent Advanced Technology 5.1A-2107-C and Earlier
Date
Tuesday, 28 Sep 2021
Summary
When user does connectivity test for a licensed Windows machine in License Manager, the test result indicates failure to open event logs such as ‘System’, ‘Security’, ‘Application’, etc.
If there is account lockout policy in effect, user might find his account is locked out if test is done interactively; or service account is locked out if test is done through engine.
Technical Background
The issue only happened recently. It was caused Microsoft security only update KB5003694 rolled out at 8 June 2021.
Connectivity Test in Argent AT uses legacy Win32 API ‘OpenEventLog’ to test if event log is accessible.
It is a known issue that the API fails if only one side of engine and target machine has the KB applied.
For more detail see Microsoft document June 8, 2021?KB5003694 (Security-only update)
When KB updated engine tries to access the target machine that has not been updated, the legacy Win32 API would fail.
The effect is similar to a logon failure. When the failure count reaches the threshold, the used account gets locked out.
Argent AT 5.1A-2110-A has been enhanced to address the issue. Argent AT use modern Windows Event Log API to test the event log accessibility if target machine is Windows 2008 R2 or later.
Resolution
Upgrade to Argent AT 5.1A-2110-A or later.
Alternatively, customer can apply update KB5003694 to all licensed Windows machines so that legacy Event Logging API can continue to work.