Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.


Home > Success Center > Patch Manager > Request for principal permission failed

Request for principal permission failed

Created by Leif Amland, last modified by Justin Rouviere on Apr 10, 2017

Views: 93 Votes: 1 Revisions: 8


This article describes the issue when you receive the following error:

Unable to connect to the WSUS Server using the account: domain\admin. Request for principal permission failed.




Patch Manager version



This issue occurs because the FQDN and Canonical Name are not filled out completely for the WSUS server.  It can also occur if the service account for Patch Manager doesn't have sufficient access to the WSUS server.



  1. Select and highlight Update Services.
  2. Choose your WSUS server and select Configure WSUS Server.
  3. Fill in the Hostname/FQDN box as well as the Canonical Name. You can use an IP address for the Cannonical name just use the format \
  4. Test the connection.


2nd Option: Elevate the service account (ewdgssvc-xxxx)

1. Go to Local Users and Groups

2. Go to ewdgssvc-xxxx and join in WSUS Administrator and Administrator Group

3. Save and Restart the EminentWare Data Grid Service


If the above steps have not resolved the issue, check the logs on the WSUS server to verify connectivity:

  1. Open Event Viewer on the WSUS server.
  2. Expand Windows Logs.
  3. Select Application.
  4. Search the recent events for any Error events related to WSUS.
  5. The service account that Patch Manager is using may be getting a logon failure or access denied.
  6. Add the Patch Manager Service Account to the WSUS Administrators group on the WSUS server.

Note:  If this is an Automation Server you may also need to add the local account created during the installation of the Automation Server role.



Last modified
14:27, 10 Apr 2017