Resolution
fact
NetIQ Vulnerability Manager Agent for Windows 5.0
fact
NetIQ Vulnerability Manager 5.0
symptom
Error: 'VSS timeout'
symptom
Reports take hours to complete or never appear to complete at all.
change
Upgraded to version 5.0 of the NetIQ Vulnerability Manager Agent for Windows.
cause
fix
NetIQ Vulnerability Manager Agent for Windows 5.0
fact
NetIQ Vulnerability Manager 5.0
symptom
Error: 'VSS timeout'
symptom
Reports take hours to complete or never appear to complete at all.
change
Upgraded to version 5.0 of the NetIQ Vulnerability Manager Agent for Windows.
cause
The 5.0 Version of the Windows Agent uses a new Caching feature that affects domain user accounts in a group. When a report is run against a Windows Machine endpoint and there are domain user accounts within the local group that is queried, the Windows Agent will perform the following actions:
- Query the Domain Controller for domain user information
- Register with the Domain Controller to get updates on user accounts.
This causes performance issues for workstation reports when multiple agents are queried, because each agent will have to contact the Domain Controller.
fix
The following reports will be affected by this Caching Feature:
- Users who can shut down System
- Users who can take ownership of a file
- Powerful Users
- Powerful Groups
- Group Membership Summary
- Users in a group Report
- Groups User is a Member of
- Group Rights Analysis
- Users who are privileged Operators
- Accounts that can manage audit and security logs
- Accounts that can take ownership
- Accounts that can shut down system
- Accounts that can generate security audits
- Accounts that can back up files and directories
This issue will be resolved in Service Pack 1 for Version 5.0 of NetIQ Vulnerability Manager.
Additional Information
Formerly known as NETIQKB42540