Jump to content

Mathieu Lacoste

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

 Content Type 

Posts posted by Mathieu Lacoste

    ESET Sharepoint 6.5.15014.0 - Unable to access some of the SharePoint web site objects

    in ESET Products for Windows Servers

    Posted

    After contacting support, the issue had to do with the way the tool enumerates the sites in SharePoint.

    Even if the ESET antivirus for SharePoint Account is a farm Administrator on the SharePoint Farm (and theorically has all the rights to the farm and the central administration), it also needs to be in the Central Administration Site collection Administrators Group for the enumeration to be successful (again, the account has access to the Central Administration).

    Placing the Eset Account as a secondary Admin on the Central Administration did the trick.

    Thanks

    ESET Sharepoint 6.5.15014.0 - Unable to access some of the SharePoint web site objects

    in ESET Products for Windows Servers

    Posted · Edited by Mathieu Lacoste
    Pasted the wrong information, thanks to Internet Explorer

    Hello Marcos

    Here are the output.

    C:\Windows\system32>SHPIO13.exe displaystructure
    Web service: Application web de Microsoft SharePoint Foundation, ,
    Web application count: 1
    Web App: SharePoint, Online, ,
      Sites count: 2
      Site: [hxxp://SHAREPOINTHOST]
        Webs count: 1
        Web: Portail SharePoint, [hxxp://SHAREPOINTHOST]
      Site: [hxxp://SHAREPOINTHOST/mysites]
        Webs count: 1
        Web: mysites, [hxxp://SHAREPOINTHOST/mysites]
    Web service: Administration centrale, WSS_Administration, WSS_Administration
    Web application count: 1
    Web App: , Online, ,
      Sites count: 2
      Site: [hxxp://SHAREPOINTHOST:800]
        UNAUTHORIZED
      Site: [hxxp://SHAREPOINTHOST:800/sites/Help]
        UNAUTHORIZED
    Processed sites: 2, webs: 2
    Unauthorized sites: 2, webs: 0

    C:\Windows\system32>Shpio13.exe usercount /print /withnames /diag
    Getting all sites...
    Done. Num sites: 4

    Site: hxxp://SHAREPOINTHOST
    Web: hxxp://SHAREPOINTHOST, user count: 7
    +User: SHAREPOINT\system; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    +User: i:0#.w|LAB\eset_account; sid is empty: 1; no sid but unique SysID: 1; is group: 0; has unique sid: 0
    +User: i:0#.w|LAB\SPFarm; sid is empty: 1; no sid but unique SysID: 1; is group: 0; has unique sid: 0
    +User: i:0#.w|LAB\SPSearch; sid is empty: 1; no sid but unique SysID: 1; is group: 0; has unique sid: 0
    +User: LAB\testuser; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    +User: i:0#.w|LAB\testuser; sid is empty: 1; no sid but unique SysID: 1; is group: 0; has unique sid: 0
    +User: LAB\testuser2; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    Site: hxxp://SHAREPOINTHOST/mysites
    Web: hxxp://SHAREPOINTHOST/mysites, user count: 6
    +User: i:0#.w|autorite nt\système; sid is empty: 1; no sid but unique SysID: 1;is group: 0; has unique sid: 0
    +User: AUTORITE NT\Système; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    -User: SHAREPOINT\system; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    -User: i:0#.w|LAB\eset_account; sid is empty: 1; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    -User: i:0#.w|LAB\SPSearch; sid is empty: 1; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    -User: LAB\testuser2; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    Site: hxxp://SHAREPOINTHOST:800
    Web: hxxp://SHAREPOINTHOST:800, user count: 7
    -User: AUTORITE NT\Système; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    +User: LAB\eset_account; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    +User: LAB\SPFarm; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 1
    +User: LAB\SPAppPool; sid is empty: 0; no sid but unique SysID: 0; isgroup: 0; has unique sid: 1
    -User: LAB\testuser; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    -User: LAB\testuser2; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    -User: SHAREPOINT\system; sid is empty: 0; no sid but unique SysID: 0; is group: 0; has unique sid: 0
    Site: hxxp://SHAREPOINTHOST:800/sites/Help
    OBJECT: hxxp://SHAREPOINTHOST:800/sites/Help
    ERROR: Accès refusé. (Exception de HRESULT : 0x80070005 (E_ACCESSDENIED))
    OBJECT: hxxp://SHAREPOINTHOST:800/sites/Help
    ERROR: Accès refusé. (Exception de HRESULT : 0x80070005 (E_ACCESSDENIED))


    Users verification...
    -User: SHAREPOINT\system; sid empty: 0; SysID empty: 0; has unique sid: 1; has unique SysID: 1, verified in AD: 0, accUniq: 0, parsedSAM: , verifWithSAM: 0
    -User: i:0#.w|LAB\testuser; sid empty: 1; SysID empty: 0; has unique sid: 0; has unique SysID: 1, verified in AD: 0, accUniq: 0, parsedSAM: , verifWithSAM: 0
    -User: i:0#.w|autorite nt\système; sid empty: 1; SysID empty: 0; has unique sid: 0; has unique SysID: 1, verified in AD: 0, accUniq: 1, parsedSAM: système, verifWithSAM: 0
    -User: AUTORITE NT\Système; sid empty: 0; SysID empty: 0; has unique sid: 1; has unique SysID: 1, verified in AD: 0, accUniq: 0, parsedSAM: , verifWithSAM: 0
    -User: LAB\eset_account; sid empty: 0; SysID empty: 0; has unique sid: 1; has unique SysID: 1, verified in AD: 1, accUniq: 0, parsedSAM: , verifWithSAM: 0
    -User: LAB\SPFarm; sid empty: 0; SysID empty: 0; has unique sid: 1; has unique SysID: 1, verified in AD: 1, accUniq: 0, parsedSAM: , verifWithSAM: 0
    Users verification done in 00:00:00.4314404.

    AD users: 3
    Other users: 3
    ======== AD users ===========
    LAB\SPAppPool
    LAB\testuser
    LAB\testuser2
    ======== Other users ========
    i:0#.w|LAB\eset_account
    i:0#.w|LAB\SPFarm
    i:0#.w|LAB\SPSearch
    =============================

    User count duration: 00:00:02.3593007

    Thanks

    ESET Sharepoint 6.5.15014.0 - Unable to access some of the SharePoint web site objects

    in ESET Products for Windows Servers

    Posted · Edited by Mathieu Lacoste

    Hello

    I have setup ESET Security for SharePoint Server 6.5.15014 on one of our servers using SharePoint 2010 Enterprise. Due to internal policies, we need to use a different account for the ESET SharePoint Administrator Account than the Farm Admininistrator Account of SharePoint.

    I have setup an account for ESET with the following rights:

    • Farm Admininistrator
    • Local Server Administrator (after some tests)
    • SYSADMIN on the SQL Server
    • Full Control on all Web Applications User policies

    Even with all these rights, I have the following warning: "Unable to access some of the SharePoint web site objects".

    When I open the SharePoint Database Scan window, and I select "Custom Targets", I am able to see all site collections and subsites, except for the Central Admininistration site collection (I cannot launch a scan on it).

    But, If I log on to the server, I can access the Central Admininistration just fine with the browser, and I have full rights inside it.

    I did a test of using the actual SharePoint Farm Administrator Account as the ESET account, and everything works fine with it. I have no warning and I can browse the central Admin in the Database Scan Window, and launch a scan of the Central Admin.

    Any idea about what could be wrong or missing with our custom account?

    Thanks

    Mathieu

×
×
  • Create New...