Monitors the hosted cache server authentication.
When clients are offering unencrypted content, the hosted cache server must be authenticated by the clients before it can be used to cache and retrieve content. This is to ensure that only trusted servers can accept and cache crucial content from the headquarters or datacenters.
This monitor is triggered when the hosted cache server authentication failed. This will affect BranchCache performance because the clients will have to download contents from the content servers instead of from within the branch. This is caused by the certificate deployed on the hosted cache server:
The certificate is missing or is not bound
Wrong or bad (expired) certificate
The certificate is not trusted
Please contact the system or IT administrator regarding the hosted cache server certificate.
Certificates are not required for Windows 8 clients when the content server and hosted cache server are running Windows Server 2012 or later versions of the operating system.
Target | Microsoft.Windows.BranchCache.HostedCacheClientNode | ||
Parent Monitor | System.Health.SecurityState | ||
Category | SecurityHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.SingleEventLogManualReset2StateMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.Windows.BranchCache.HostedCacheClient.Monitor.ServerNotAuthenticatedAuditFailure" Accessibility="Public" Enabled="onEssentialMonitoring" Target="Microsoft.Windows.BranchCache.HostedCacheClientNode" ParentMonitorID="Health!System.Health.SecurityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.SingleEventLogManualReset2StateMonitorType" ConfirmDelivery="true">
<Category>SecurityHealth</Category>
<AlertSettings AlertMessage="Microsoft.Windows.BranchCache.HostedCacheClient.Monitor.ServerNotAuthenticatedAuditFailure_AlertMessageResourceID">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="EventRaised" MonitorTypeStateID="EventRaised" HealthState="Error"/>
<OperationalState ID="ManualResetEventRaised" MonitorTypeStateID="ManualResetEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<ComputerName>$Target/Property[Type="Microsoft.Windows.BranchCache.ClientSideServiceBase"]/NodeName$</ComputerName>
<LogName>Security</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">6404</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-Windows-Security-Auditing</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</Configuration>
</UnitMonitor>