AssafMiron
commented
2 years ago Hello @tovd600 ,
Thanks for approaching with this issue :)
Regarding the first item, we have improved the logging and messages in the report to include also the access type In this specific case the hardening requirement is to Deny FullControl You can see the requirement here: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/Security/PSM-hardening-configuration.htm?TocPath=Security%7C_____3#:~:text=Adds%20an%20access%20rule%20for%20PSMConnect%2C%20PSMAdminConnect%20and%20PSMShadowUsers%20to%20Deny%20FullControl%20for%20the%20specified%20path
This is now solved and updated in #87
Regarding the second item, for issues like these the best is to review the logs to see more details on the error or run the script with verbose logging (just run the script with "-Debug -Verbose" switches at the Powershell command That would add more insights into the log files so you could better understand what happened
Hope this helps, Regards, Assaf
Hello team. We are facing some messages when running the health chech on PSMs. Can you please advise on below items?
1) Why do we need to grant FullControl rights as described here? Is it really necessary?
2) Errors during the execution, should we do something when it happens?
Many thanks