S
SteveS2019
Setting up SNMP traps to watch for members being added to Domain Admins, Enterprise Admins, and Administrators. When setting this up on Server 2008 R2\2012 R2 works fine but in Server 2016 and Server 2019 the SNMP Service(SNMP.exe) crashes.
Event log sample:
Faulting application name: snmp.exe, version: 10.0.14393.351, time stamp: 0x5801a923
Faulting module name: ntdll.dll, version: 10.0.14393.1715, time stamp: 0x59b0d03e
Exception code: 0xc0000005
Fault offset: 0x000000000009d969
Faulting process id: 0x1230
Faulting application start time: 0x01d5590dd09c7932
Faulting application path: C:\Windows\System32\snmp.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d122d1fb-95ef-46b6-8af0-60f7b51bd03c
Faulting package full name:
Faulting package-relative application ID:
I've attempted to trigger traps off other events and they seem to work fine, it seems to only be crashing for events that can have both Warning and Success severities.I've tested this on multiple OSes with multiple configurations. Happens on a fresh installed ISO(Server 2016 DataCenter and Server 2019 DataCenter) from microsoft with just SNMP enabled and get the same result.
I believe this is some kind of bug in adtschema.dll, I've dropped in a version of adtschema.dll\adtschema.dll.mui from server 2012 onto server 2016 and SNMP event to trap works fine for the same event IDs that would previously crash.
Continue reading...
Event log sample:
Faulting application name: snmp.exe, version: 10.0.14393.351, time stamp: 0x5801a923
Faulting module name: ntdll.dll, version: 10.0.14393.1715, time stamp: 0x59b0d03e
Exception code: 0xc0000005
Fault offset: 0x000000000009d969
Faulting process id: 0x1230
Faulting application start time: 0x01d5590dd09c7932
Faulting application path: C:\Windows\System32\snmp.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d122d1fb-95ef-46b6-8af0-60f7b51bd03c
Faulting package full name:
Faulting package-relative application ID:
I've attempted to trigger traps off other events and they seem to work fine, it seems to only be crashing for events that can have both Warning and Success severities.I've tested this on multiple OSes with multiple configurations. Happens on a fresh installed ISO(Server 2016 DataCenter and Server 2019 DataCenter) from microsoft with just SNMP enabled and get the same result.
I believe this is some kind of bug in adtschema.dll, I've dropped in a version of adtschema.dll\adtschema.dll.mui from server 2012 onto server 2016 and SNMP event to trap works fine for the same event IDs that would previously crash.
Continue reading...