Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-1960: Unable to start Collector on Windows machine when User Access Control is on

Centrify DirectAudit ,  

12 April,16 at 11:45 AM

Applies to: Centrify DirectAudit 1.3.0 and above

 

Problem:

 

On a UNIX client, executing dainfo shows:  "Host: test.da.com Port 5063 - Error: error while sending wrapped data: Connection refused".

On Windows, running netstat -an shows:  port 5063 is not open or listening and telnet to port 5063 shows connection refused.

When choosing a database in the Collector Configuration the following error message is displayed:

Unable to stop service: Cannot open cda.collector.service service on computer '.'.


User-added image

 

Cause:

 

These problems are due to User Access Control (UAC) setting being on. This puts the Centrify DirectAudit Collector service in starting state. 

 

Resolution:

 

There are several ways to get around this:

 

1.  Run the Collector Configuration as Administrator.  Go to Centrify DirectAudit folder, Collector Configuration, do a right click and select Run As Administrator. Centrify DirectAudit Collector can now be configured. Then go to Services and restart the Centrify DirectAudit Collector.


Or
 

2.  Turn off User Access Control in Windows -> Control Panel -> User Accounts -> User Accounts. 

 

Or

 

3.  One can also use Group Policy to turn off UAC by following these steps:

 

• Run gpmc.msc to run Group Policy Management Console.

• Navigate to the following tree branch:  Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options

In GPMC, browse to the required GPO which is linked to the domain or OU where the policy wants to apply.

• Locate the following policy in the right pane: User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode

Set its value to Elevate without prompt.

• Locate the following policy in the right pane:
User Account Control: Detect application installations and prompt for elevation
Set its value to Disabled.

• Locate the following policy in the right pane:
User Account Control: Run all administrators in Admin Approval Mode
Set its value to Disabled.

• Locate the following policy in the right pane:
User Account Control: Only elevate UIAccess applications that are installed in secure locations
Set its value to Disabled.

• Restart the computer when done.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.