12-19-2011 07:39 AM
Hello together,
our customer got this Error:
----
Event Type: Warning
Event Source: Enterprise Vault
Event Category: Auth Server
Event ID: 4223
Date: 15.12.2011
Time: 15:58:38
User: N/A
Computer: EV-Server
Description:
Authentication is currently being delayed due to a suspected brute-force attack.
Number of failures: 3
Delay period remaining: 60:0 (mins:secs)
During this period users will experience short delays when searching or accessing archived items
----
It's possible to deactivate this "feature" with an regkey or anything like this?
It's possible to reset the timer?
Thanks!
Kai
Solved! Go to Solution.
12-19-2011 07:51 AM
What version of EV? Is this for FSA and do you happen to be doing a bulk restore?
Article URL http://www.symantec.com/docs/TECH88133
The above article might help.
12-19-2011 07:51 AM
What version of EV? Is this for FSA and do you happen to be doing a bulk restore?
Article URL http://www.symantec.com/docs/TECH88133
The above article might help.
12-19-2011 08:31 AM
I've seen this a few times and it's normally resolved by a reboot. There is no way to disable it. It's a windows problem even though the events are logged as EV.
12-19-2011 08:58 AM
It's EV 9.0.2.
They use also MBX and FSA, but we have no Idea why the error occur. We have increase the value in Tech88133 but the customer need a fast way to reset the counter or deactivate it.
Percy, unfortunately the eventlog doesn't show a windows error. So do you have more detailled Information how the feature works. It should be very usefull when I try to explain the customer that this is a windows error.