Error: 'VSS timeout' received in reports run against the Windows agent. Reports take hours to comple (NETIQKB42540)

  • 7742540
  • 02-Feb-2007
  • 08-Dec-2007


NetIQ Vulnerability Manager Agent for Windows 5.0

NetIQ Vulnerability Manager 5.0

Error: 'VSS timeout' 

 Reports take hours to complete or never appear to complete at all. 

Upgraded to version 5.0 of the NetIQ Vulnerability Manager Agent for Windows. 


The 5.0 Version of the Windows Agent uses a new Caching feature that affects domain user accounts in a group.  When a report is run against a Windows Machine endpoint and there are domain user accounts within the local group that is queried, the Windows Agent will perform the following actions:

  • Query the Domain Controller for domain user information
  • Register with the Domain Controller to get updates on user accounts.

This causes performance issues for workstation reports when multiple agents are queried, because each agent will have to contact the Domain Controller. 


The following reports will be affected by this Caching Feature:

  • Users who can shut down System
  • Users who can take ownership of a file
  • Powerful Users
  • Powerful Groups
  • Group Membership Summary
  • Users in a group Report
  • Groups User is a Member of
  • Group Rights Analysis
  • Users who are privileged Operators
  • Accounts that can manage audit and security logs
  • Accounts that can take ownership
  • Accounts that can shut down system
  • Accounts that can generate security audits
  • Accounts that can back up files and directories

This issue will be resolved in Service Pack 1 for Version 5.0 of NetIQ Vulnerability Manager.

Additional Information

Formerly known as NETIQKB42540