Quantcast
Channel: Shavlik User Community : Document List - All Communities
Viewing all articles
Browse latest Browse all 1352

Scan Error 5, 451 or 452 When Scanning A Machine With a Local Account

$
0
0

Purpose

 

This document will walk you through on configuring your machine so that it can be scanned using local account credentials.

 

Symptoms

 

Although you have the correct local account credentials defined and assigned, scans on your machine fail. Errors include 451 The specified user account requires administrative rights to the target machine, 452 Unable to connect to the remote machine or 5: Access is Denied.

451Error.JPG

Error.PNG

 

Resolution

 

If you are not using the built-in Administrator account on the remote machines (and using that account is NOT recommended), you must disable User Account Control (UAC) remote restrictions on the machines with the following steps.

  • Run regedit and locate the following registry key:
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
  • With that key highlighted, click Edit > New > DWORD (32-bit) Value
  • Type LocalAccountTokenFilterPolicy and then press Enter to name and create the new value
  • Double-click the new LocalAccountTokenFilterPolicy value and change the value to 1 and click OK to save it

In some instances, exporting/importing this registry key will not correctly fix the issue. If you imported this key via a .reg file, and you continue getting access denied messages, try deleting the registry value and manually entering it using the steps above.

For more details on disabling UAC remote restrictions, see http://support.microsoft.com/kb/951016

 

Additional Information

 

Refer to this portion of the Agentless Patch Scanning Prerequisites.

 

Affected Versions

Patch for Windows Servers 9.3.x

Ivanti Security Controls (all)


Viewing all articles
Browse latest Browse all 1352

Trending Articles