Patch Version 10.7.13850 Released

Bug Fixes and Miscellaneous Updates

Description Case # Escalation #
Netwrix Auditor for VMware: Failed to process certain objects during State in Time collection. 429223 367490
Netwrix Auditor for Azure AD: Fixed high memory consumption issue. 440700, 442895 380595
Netwrix Auditor for Access Reviews: Unexpected memory consumption during file server data processing. 441364 381831
Netwrix Auditor for Inactive Users: Access Denied error when attempting to save a plan. 443519 384657
Alerts do not adjust to Daylight Saving Time (DST) changes. 381815

Need help with this update?

There are many different ways to get help with our products!

Situation Action
If you feel the product is broken and not working as intended… Contact Support
If you have a question you’d like to ask other experts… Create a discussion in the community: Auditor > Discussions & Questions
If you have a feature request… Let our product team know directly: Auditor > Ideas
If you have something cool to show… Show everyone what you built: Auditor > Show & Tell

What are your thoughts?

We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!

3 Likes

Thanks – we weill upgrade shortly

1 Like

Any update on release to resolve dependency on NTLM?

1 Like

If you are receiving failed logons due to Netwrix using NTLM to communicate to newer servers or domain controllers you can fix this. Here are the steps Netwrix support gave me.
This change only needs to be done on the Netwrix server

  1. Edit this GPO. Browse to → Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
  2. Change this setting → Network Security: Restrict NTLM: Outgoing NTLM traffic to remote server → to → Deny All
    This fixed my issue. I have not seen any negative effects from making this change. Hope this helps.
1 Like

Thanks, I’ll give that a try

The GPO update did not work, thank you for the suggestion.
For us the issue is the database sits on different server. The reporting functionality in Netwrix still relies on NTLM. It still gathers data and logs, but we can’t view the reports.

I was looking at our settings. Keep in mind any of these changes require a machine reboot to take effect. We do store the Netwrix database on the same server as Netwrix, so some or all of this might not help, but it may make it at least more secure.
Computer configuration:
Network Security:

  1. Network security: LAN Manager authentication level ->Send NTLMv2 response only. Refuse LM & NTLM
  2. Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Enabled
    Require NTLMv2 session security Enabled
    Require 128-bit encryption Enabled

Hope this helps.

1 Like

We have to disable NTLM in our industry. Thank you anyway.

Hello Daniel

Is there a special process for the upgrade?

Thank you

Hi John,

If I may, I’ll answer this one. My name is Nate, and I am one of the Tier 2 Engineers supporting Netwrix Auditor.

The process for upgrading is outlined here: Upgrade to the Latest Version
It covers a number of preliminary best-practice steps to back up Auditor’s data and its audit databases out of an abundance of caution. The actual upgrade process involves running the installer and following the Wizard.

If you would like assistance or have any problems, please feel free to open a ticket with Support. We would be happy to help you.

1 Like