This post is more than 5 years old
1 Rookie
•
89 Posts
0
817
April 15th, 2015 06:00
Microsoft Security Update MS15-027
So, i applied the 7.1.1.2 patch-145050 on our test cluster prior to installing the MS MS15-027 security update to our authentication servers.
I'm not that familiar with how NTLM works but i noticed that if I am on the same vlan as the isilon cluster access zone, i can access via dns name and fqdn of the smartconnect name. If I am on a different vlan, I receive an 'access denied' error.
I have read the article on this link Security Watch: The Most Misunderstood Windows Security Setting of All Time and this sentence gives some reasoning 'Routing and Remote Access Services will fail if the RRAS server or the domain controller is running with LMCompatibilityLevel 5.'
Should I expect this type of behavior, where only clients on the same vlan will be able to access but those that are routing to the smartconnect name will have 'access denied' behavior until we apply MS15-027?
thanks.
Jim
0 events found
Tom_Chapman
11 Posts
1
April 30th, 2015 07:00
That sounds like a reasonable expectation, Jim, though I’m not the best one to answer that question. I’d like to point out, however, that Patch-145050 is designed to be applied after you apply MS15-027. Otherwise, Patch-145050 may not work as intended.
And even better: A new patch that more fully addresses this issue for 7.1.1.2 was released on Tuesday: Patch-146974. Apply Patch-146974 instead, and compare your results. Note that Patch-146974 can be applied anytime, either before or after applying MS15-027, and to environments that don’t require MS15-027 at all.
For full details about this new patch, see article 196928 on the EMC Online Support site.
Let us know how it goes.
Regards,
tom