Question

MediaAgent - Windows Administrative Shares

  • 6 March 2024


Hi all,

After installing the MediaAgent Package on some Windows Servers (these just require the component and do not act as a Data Mover or host a DR Share), I get the once-a-day 64:1142 Critical Code Event logged:  Administrative share are enabled on the MediaAgent XXX which could lead to potential security exploits, please review and take necessary steps.

Having reviewed https://kb.commvault.com/article/72274 this article only really seems concerned with disk libraries and DR Shares that use an Admin share in its path.

I have 2 servers that this is being logged in event viewer for, yet they only have the default C$, Admin$ and IPC$. Should Commvault be flagging the C$ as something that should be removed? Indeed if I apply a reg key (AutoShareServer = 0) the alert is suppressed, but this also removes the Admin$ Share.

Are these alerts in the Event Viewer supposed to be triggered for these default Shares by design or is it being overzealous and picking up these in error? The Critical Warnings seem to indicate a misconfiguration, but as they are not being used for Mount Paths or DR Shares I wouldn’t think this is the case.

For context, this is related to an 11.32 install.

Any input on this would be appreciated.

Thanks,

G


1 reply


@G.lee 

This is expected behaviour and is part of our ransomware protection feature as far as I’m aware:

https://documentation.commvault.com/2024/essential/enabling_ransomware_protection_on_mediaagent.html

https://documentation.commvault.com/2024/expert/ransomware_protection_for_disk_libraries_on_windows_mediaagent_02.html

“Administrative shares pose a security vulnerability on disk library mount paths and must be disabled on the MediaAgents hosting the shares.”

The software isn’t checking to see how the shares are configured, it’s just alerting you that the administrative shares are enabled on the server that has the media agent package, therefore we recommend you disable it otherwise it could be used to exploit your environment. 

If the server isn’t being used as an actual media agent, then feel free to disable the ransomware option on it. 

Here are the MSFT steps to disable the feature if you wanted: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/remove-administrative-shares


HTH

Regards,

Chris
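
Added example (not from the original posts and not Commvault code): a PowerShell audit to run on the MediaAgent host that lists the system-created shares, reads the AutoShareServer value mentioned in the question, and checks whether any path in use goes through an administrative share, which is the case the KB article is concerned with. The function names and the paths in `$PathsInUse` are constructed placeholders; replace them with the host's real mount or DR share paths.

```powershell
# Added example: function names and sample paths are constructed, not Commvault's.
# Run in an elevated PowerShell session on the MediaAgent host.
$ParamKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-AutoShareServer {
    # Returns the registry value as an int, or $null when it is not set.
    $p = Get-ItemProperty -Path $ParamKey -ErrorAction Stop
    if ($p.PSObject.Properties.Name -contains 'AutoShareServer') {
        [int]$p.AutoShareServer
    } else {
        $null
    }
}

function Test-AdminSharePath {
    # True when the share component of a UNC path is one of the given share names.
    # Local paths (E:\...) never match because they do not go through a share.
    param([string]$Path, [string[]]$AdminShareNames)
    if ($Path -match '^\\\\[^\\]+\\([^\\]+)') {
        return $AdminShareNames -contains $Matches[1]   # -contains is case-insensitive
    }
    return $false
}

# System-created shares on this host (typically C$, ADMIN$, IPC$).
$special = @(Get-SmbShare -Special $true)
$special | Select-Object Name, Path, Description | Format-Table -AutoSize

$value = Get-AutoShareServer
if ($null -eq $value) {
    'AutoShareServer: not set (Windows default behaviour applies)'
} else {
    "AutoShareServer: $value"
}

# Constructed sample paths: replace with the paths actually configured.
$PathsInUse = @(
    '\\ma01\C$\CVLibrary',     # goes through an administrative share
    '\\ma01\Backups\Lib1',     # ordinary named share
    'E:\DiskLib'               # local path, no share involved
)

foreach ($path in $PathsInUse) {
    [pscustomobject]@{
        Path           = $path
        UsesAdminShare = Test-AdminSharePath -Path $path -AdminShareNames $special.Name
    }
}
```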