Forwarded Events and 2008 DCs

Discussion in 'Security Software' started by Don, May 7, 2009.

  1. Don

    Don Guest

    One of the steps involved in configuring a server to forward events is this:

    "4. Add the computer account of the collector computer to the local
    Administrators group on each of the source computers."

    However this is not possible on the DCs.

    I am not 100% sure if this is related but I am able to collect the events from
    any 2008 servers but the DC where I get the following error message:

    Error - Last retry time: 5/7/2009 5:00:51 PM.
    Code (0x3AED):
    <f:providerFault provider="Event collector plugin for Windows Remote
    Management "
    path="%systemroot%\system32\wevtfwd.dll"xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault">

    <t:providerError
    xmlns:t="http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog">

    Windows Event Forward Plugin failed to create subscription.

    </t:providerError>
    </f:providerFault>

    Next retry time: 5/7/2009 6:00:51 PM.

    How can I solve this?

    TIA,

    Don
     
    Don, May 7, 2009
    #1
    1. Advertisements

  2. Don

    JimmiG

    Joined:
    Mar 17, 2011
    Messages:
    1
    Likes Received:
    0
    Found this thread via Google. Trying to do the same thing and getting the same error. The actual error message doesn't even appear to be properly formatted...?
     
    JimmiG, Mar 17, 2011
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.