-
Bug
-
Resolution: Won't Fix
-
Critical
-
None
-
jenkins controller: 2.319.2 on centos7, adoptium jdk-11.0.13+8, Windows Agents v1.8 plugin
jenkins build node: Windows 10 Enterprise, 10.0.19042 Build 19042, includes updates through 2022-01-13
- A connection attempt to windows build node generates the following EventViewer system log message on the build node:
- source: DistributedCOM
- Event ID: 10036
- Level: Error
The server-side authentication level policy does not allow the user ***** from address ***** to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application.
- The Troubleshooting WMI Windows Agents page at https://github.com/jenkinsci/windows-slaves-plugin/blob/master/docs/troubleshooting.adoc was reviewed for possible causes without success.
- The log message is described in the following security update: KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) (https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c)
- Editing the registry setting as described in KB5004442 followed by a reboot of the build node had no effect. The system log message is still generated.
- NOTE that the Timeline section in KB5004442 show that the bypass will no longer be an option after March 2023:
June 8, 2021 Hardening changes disabled by default but with the ability to enable them using a registry key. June 14, 2022 Hardening changes enabled by default but with the ability to disable them using a registry key. March 14, 2023 Hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.
- relates to
-
JENKINS-70301
Resolve implied dependencies on WMI Windows Agent plugin
-
- Closed
-