Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Patch Manager > Patch Manager 2.1.5 Administrator Guide > Installing Patch Manager > Failed to Send Partitioned task to management server after server hardening

Failed to Send Partitioned task to management server after server hardening

Updated

Overview

Failed to Send Partitioned task to management server

Environment

  • PM 1.5 +

 

Cause 

Customer has disabled schannel to harden the security on the server.

 

The registry settings are known to cause this and need to be set back to defualt

 

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

 

Resolution

  1. Set the following back to default

 

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "Enabled" -RegValue "4294967295"

RegPath "HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -RegType DWORD -RegName "DisabledByDefault" -RegValue "0"

*note those are the hardened settings. It is entirely possible these keys do not exist on a default. Check it against a known working widows server.

 

 

 

 

 

Last modified
13:36, 9 Mar 2017

Tags

This page has no custom tags.

Classifications

Internal Use Only