Version

Argent Advanced Technology 5.1A-1807-A and below

Date

Monday, 17 September 2018

Summary

When scanning Windows 2016 Cluster with Failover Cluster WMI Provider, user can get following error message:

New option ‘Require Encryption’ has been added to the scanning option

It is checked by default when method ‘Use Failover Cluster WMI Provider’ is used

When this option is used, Windows 2016 Cluster scanning would be successful

The issue has been addressed in Argent Advanced Technology 5.1A-1810-A

Technical Background

When Argent Advanced Technology Engine connects WMI service at Cluster nodes, it must negotiate an acceptable authentication level

Due to changes in Windows 2016 Cluster, this requires authentication level to be pktPrivacy

According to Microsoft document, it means Authenticates all previous impersonation levels and signs and encrypts each data packet

This ensures that all communication between the client and the server is confidential

As a result, Argent Advanced Technology Engine could not communicate with default authentication level

The new option ‘Require Encryption’ allows setting the security parameters appropriately

Resolution

Upgrade to Argent Advanced Technology 5.1A-1810-A or above