Bug Fixes and Miscellaneous Updates
New builds of the Netwrix Threat Prevention agent (7.5.0.236 and 7.4.0.250) have been released to address an issue affecting DCSync blocking policies.
Summary
A bug affecting host filtering in DCSync blocking policies was introduced in agent builds released on or after August 13 (part of the August SUVP update). This issue could potentially interfere with Active Directory replication, especially in environments with blocking policies enabled. As a result, environments relying on these policies to prevent unauthorized replication attempts may experience Active Directory replication issues.
Recommended Action
- Update agents to version 7.5.0.236 or 7.4.0.250 as soon as possible.
- If updates cannot be applied immediately, we recommend disabling DCSync blocking policies temporarily to avoid replication disruption.
- DCSync monitoring policies are not impacted and can remain enabled.
Issues Resolved
- 401764: Multiple domain controllers experiencing replication issues after installing the September patch and latest DLL
- 401934: Active Directory replication shared memory IPC overflow alerts
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Threat Prevention > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Threat Prevention > Ideas |
| If you have something cool to show… | Show everyone what you built: Threat Prevention > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!