Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Patch Manager > Request for principal permission failed

Request for principal permission failed

Created by Leif Amland, last modified by Abdul.Aziz on Jan 09, 2018

Views: 1,241 Votes: 1 Revisions: 9

Overview

This article describes the issue when you receive the following error:

Unable to connect to the WSUS Server using the account: domain\admin. Request for principal permission failed.

 

 

Environment

Patch Manager version 2.x

Cause 

  • This issue occurs because the FQDN and Canonical Name are not filled out completely for the WSUS server.  
  • It can also occur if the service account for Patch Manager doesn't have sufficient access to the WSUS server.

Resolution

Solution 1:

  1. Select and highlight Update Services.
  2. Choose your WSUS server and select Configure WSUS Server.
  3. Fill in the Hostname/FQDN box as well as the Canonical Name. You can use an IP address for the Cannonical name just use the format \111.11.111.111.
  4. Test the connection.

 

Solution 2:  Elevate the service account (ewdgssvc-xxxx)

1. Go to Local Users and Groups

2. Go to ewdgssvc-xxxx and join in WSUS Administrator and Administrator Group

3. Save and Restart the EminentWare Data Grid Service

 

Solution 3:

If the above steps have not resolved the issue, check the logs on the WSUS server to verify connectivity:

  1. Open Event Viewer on the WSUS server.
  2. Expand Windows Logs.
  3. Select Application.
  4. Search the recent events for any Error events related to WSUS.
  5. The service account that Patch Manager is using may be getting a logon failure or access denied.
  6. Add the Patch Manager Service Account to the WSUS Administrators group on the WSUS server.

Note:  If this is an Automation Server you may also need to add the local account created during the installation of the Automation Server role.

 

Solution 4:

If all above fails, repair the Primary and Automation Server in Question.

 

 

Last modified

Tags

Classifications

Public