Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"Failed to complete this operation" appears when remotely installing the ServerProtect Normal Server

    • Updated:
    • 21 Sep 2016
    • Product/Version:
    • ServerProtect for Microsoft Windows/Novell Netware 5.8
    • ServerProtect for Storage 6.0
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Standard
    • Windows 2008 Enterprise
    • Windows 2008 Standard
Summary

When trying to remotely install the ServerProtect Normal Server to a Windows host, the following error message may appear:

"Error: Failed to complete this operation.
Target server: <servername> (538051622)"

Failed to complete this operation

Here are the additional information for this scenario:

  • The ServerProtect Information Server (IS) is on Windows 2008 R2 x64 and is a member of a domain.
  • The target ServerProtect Normal Server (NS) is on Windows 2003 x64 and is not a member of a domain.
  • The target ServerProtect NS is located in a DMZ.
  • The necessary ports have been confirmed to be set in the firewall. The ports are stated in this Knowledge Base article:

    Things to check when the ServerProtect for NT (SPNT) 5.x Information Server (IS) is unable to update the remote Normal Servers (NS)

  • The ServerProtect NS is successfully installed, but cannot be added from the management console. The error message, "No response from the server [servername]", appears.
  • Running a packet capture trace indicates a binding for NTLMSSP_AUTH from IS to NS with the value domain\servername$.
Details
Public

This issue happens due to the changes in Windows 2008 R2, which affect the RPC binding between the SPNT Normal Server and Information Server. These are the changes in the NTLM Authentication regarding session security and the NTLM fallback for System Services.

Since this issue has been isolated to happen only on Windows 2008 R2, this will not occur when the Information Server is hosted on a Windows 2003 or 2008 server.

You can refer to this article for additional information about this topic:

Changes for Identity and Authentication in Windows Server 2008 R2

To resolve this issue, please do the following:

  1. Go to Control Panel > Administrative Tools > Local Security Policy .
  2. Under Local Policies, go to Security Options .
  3. Change the following settings:
    • Network Security: Allow "Local system" to use "Computer identity" for NTLM. Set this value to "DISABLED".
    • Network Security: LAN Manager authentication level - Set this value to "Send LM & NTLM". Use NTLMv2 session if needed.
    • Network Security: Minimum session security for NTLM SSP-based (including secure RPC) clients. Disable "Require 128-bit encryption" if it is enabled. If the configuration is "No minimum", then do not change this setting.
    • Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers. Disable "Require 128-bit encryption" if it is enabled. If the configuration is "No minimum", then do not change this setting.
    • Network access: Let the "Everyone" permission apply to "anonymous users". Set this value to "ENABLED".

After completing the changes on the ServerProtect IS hosted on a Windows 2008 R2 server, the following functionalities will work:

  • Installation for a new ServerProtect Normal Server from the management console
  • Addition of an existing ServerProtect Normal Server from the management console
  • Deployment of product update/upgrades from the management console

If the above steps did not resolve the issue, then do the following:

  1. Download and run the CDT utility on the Information Server.
  2. Collect the following logs:
    • CDT logs
    • ServerProtect Basic Log
    • Communication Issue
  3. Send the logs to Trend Micro Technical Support or contact your Technical Account Manager (TAM) for further analysis.
Premium
Internal
Rating:
Category:
Troubleshoot; Deploy; Install
Solution Id:
1059245
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.