On-Demand Assessment for AD feature is expired

[Max Coder]

I configured Active Directory Assessment last year, but now I tried configuring it again and I get an error like below.



[20250205_104930] [0001] SironaCore Information: 5 : [20250205_104930] [0001] Core Advisor(6e030d14-caf6-4cfb-b2e8-3f30b44d7566) Message: ActivityID=ed992413-3b45-0000-e80b-bbed453bdb01 Method=Main Message=Invoking the ConfigurationManager
[20250205_104930] [0001] SironaCore Information: 5 : [20250205_104930] [0001] Core Advisor(6e030d14-caf6-4cfb-b2e8-3f30b44d7566) Message: ActivityID=ed992413-3b45-0000-e80b-bbed453bdb01 Method=Main Message=Finished Invoking the ConfigurationManager
[20250205_104930] [0001] SironaCore Information: 5 : [20250205_104930] [0001] Core Advisor(6e030d14-caf6-4cfb-b2e8-3f30b44d7566) Message: ActivityID=ed992413-3b45-0000-e80b-bbed453bdb01 Method=Main Message=Feature is expired. FeatureName=CoreEngine
[20250205_104930] [0001] SironaCore Error: 4 : [20250205_104930] [0001] Core Advisor(6e030d14-caf6-4cfb-b2e8-3f30b44d7566) Error: ActivityID=ed992413-3b45-0000-e80b-bbed453bdb01 Method=Main Message=Feature is expired. FeatureName=CoreEngine
Type=Microsoft.Sirona.Licensing.LicenseException

   at Microsoft.Sirona.Licensing.LicenseManager.FeatureEnabled(String featureName, Boolean throwIfDisabled, Boolean passIfMissing)
   at Microsoft.Sirona.Workflow.SironaAutomation..ctor(String toolsetLicense, String executionPackagePath, String applicationDirectory, String workingDirectory, String workingDirectoryData, Action`1 output)
   at Microsoft.EnterpriseManagement.Mom.Modules.Assessments.Executable.AdvisorAutomationFile..ctor(String toolsetLicense, String executionPackagePath, String applicationDirectory, String workingDirectory, String workingDirectoryData, Guid assessmentId, Guid runId, Action`1 output, Func`4 getCustomData)
   at Microsoft.EnterpriseManagement.Mom.Modules.Assessments.Executable.Program.Main(String[] args)
   
   
 
 Licence :
 
 
 <CaveLicense>
  <Feature Name="CoreEngine" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Dashboard" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Discovery" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Collection" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Reporting" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Analysis" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Issues" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Visualization" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Designer" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="Help" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="RequirePackages" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="SubmissionAgreement" Expiration="2024-09-07T04:15:03.3091528Z" />
  <Feature Name="DiscoveryExclusions" Expiration="2024-09-07T04:15:03.3091528Z" />

[Michael B. Smith]

I have no idea what you are referring to. 😊 Give us some more information.

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/840f02da-9473-4bac-82a3-210dd3cd1ca6n%40googlegroups.com.

[Wright, John M]

Are you still an Enterprise Administrator?  My understanding is that that’s required.  https://learn.microsoft.com/en-us/services-hub/unified/health/getting-started-ad

 

Also, is it an up-to-date download?  I’m asking because of this:

 

“The Active Directory On-Demand Assessment feature experienced issues starting from September 1, 2022, due to the signing certificate used to digitally sign the package expiring. This led to SSL certificate errors and prevented the assessment from running properly. However, Microsoft resolved the certificate issue on September 23, 2022, and the assessments should now be functioning correctly.”

 

--

John Wright

IT Support Specialist

1800 Old Bluegrass Avenue, Louisville, KY 40215

502.708.9953

Please submit IT requests to Hazelwoo...@bluegrass.org

24 Hour Helpline 1.800.928.8000

  

CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Max Coder
Sent: Wednesday, February 5, 2025 1:42 PM
To: ntsysadmin <ntsys...@googlegroups.com>
Subject: [ntsysadmin] On-Demand Assessment for AD feature is expired

 

EXTERNAL EMAIL - This email was sent by a person from outside your organization. Exercise caution when clicking links, opening attachments or taking further action, before validating its authenticity.

Secured by Check Point

--

[Michael B. Smith]

Huh. Thanks for that link. I’m not familiar with this tool. I’m going to run it. 😊

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/DM6PR12MB4372FC5E01C4D12E4B7CD8DE91F72%40DM6PR12MB4372.namprd12.prod.outlook.com.

[maxcoder1]

Yes I have Enterprise Admin authorization for root forest.
I am not using MMA agent. I downloaded a script with Azure Arc. I ran it on the server. I can see the server in Azure Arc. There are 4 extensions.  
MDE.Windows AssessmentPlatform  
ADAssessmentPlus ADSecurityAssessment

I am using a gMSA user. This user has Enterprise Admin privileges. He also has local admin privileges on the collector server.

Add-ADSecurityAssessmentTask -WorkingDirectory <Directory> -ScheduledTaskUsername <MSAname> -RunWithManagedServiceAccount $True

is it an up-to-date download? How exactly did I know it was up to date? 

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/f1906c9a09624374ac4b03452e598a3b%40smithcons.com.

[Brian Illner]

 

OMS Gateway and data collection machine This scenario is the most secure and recommended option to help protect privileged account credentials which are used on the scheduled task configured on this machine needed to run the assessment. This scenario requires two computers. One will be designated as the data collection machine, and the second machine will be the OMS Gateway.

 

• The OMS Gateway enables customers send data to a central server which has internet access. It is a HTTP forward proxy that supports HTTP tunneling via the HTTP CONNECT command. The Gateway can handle up to 1000 OMS concurrent connected devices, if run on a 4 core CPU, 8 GB Windows Server with a 1Gbps network connection. In order to use the OMS Gateway, you need to install the OMS agent on the Gateway server.
• System Requirements

Supported Operating Systems

Windows 10, Windows 7, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

- Client SKU: Windows 7, Windows 8.1, Windows 10 - Server SKU: W2008, W2012, W2012R2

 

 

 

Typical Microsoft….

I wonder if they’ll remember to update this before the very last ‘Supported OS’ in their list for the OMS Gateway reaches end of life in a few months?

 

 

 

BRIAN ILLNER​​​​  |  Senior Systems Administrator 864.250.9227 Office 864.679.2537 Fax Canal Insurance Company 101 N. Main Street, Suite 400 Greenville, SC 29601 WARNING:  As the information in this transmittal (including attachments, if any) may contain confidential, proprietary, or business trade secret information, it should only be reviewed by those who are the intended recipients.  Unless you are an intended recipient, any review, use, disclosure, distribution or copying of this transmittal (or any attachments) is strictly prohibited.   If you have received this transmittal in error, please notify me immediately by reply email and destroy all copies of the transmittal.  While Canal believes this transmittal to be free of virus or other defect, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by Canal (or its subsidiaries and affiliates) for any loss or damage arising therefrom.

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Michael B. Smith
Sent: Wednesday, February 5, 2025 2:20 PM
To: ntsys...@googlegroups.com
Subject: RE: [ntsysadmin] On-Demand Assessment for AD feature is expired

 

CAUTION: This message was sent from outside of Canal Insurance. Please do not click links or open attachments unless you recognize the source of this email and know the content is safe. Please report all suspicious emails to "inf...@canal-ins.com" as an attachment.

---

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/f1906c9a09624374ac4b03452e598a3b%40smithcons.com.