Symptoms

• Cannot scan a remote machine with Protect
• Scanning a remote machine in Protect fails with the following error: 
  Error 452: Unable to connect to the remote machine

          You can see the error code listed in a scan result under the 'Machines Not Scanned' tab as well. 

Cause

This issue occurs if one or more scanning prerequisites are not met, usually due to a configuration issue. Generally, 452 indicates that the provided credential is invalid for accessing the remote system or does not have permissions for some component of the remote system.

Resolution

To resolve this issue:

1. Review and ensure you are meeting the Agentless Patch Scanning Prerequisites.
2. Reboot the Protect console machine.
3. Verify if the Server and Remote Registry services are enabled on the remote machine and that you can remotely log in to this machine.
   To test the remote registry connection:
   1. Click Start> Run, type regedit, and click OK. The Registry Editor window opens.
   2. Click File> Connect Network Registry.
4. Ensure that the Workstation service is running on the machine performing the scan.
5. Check if there is already a connection between the server and scanned device and that this connection is using a different set of credentials than the Protect patch server. In this case,the Protect patch server cannot establish the connection. If the target machine being scanned is already connected to the scanning server via a drive mapping, the scan fails
6. Try scanning the target machine using both IP and Name.
7. Test the admin share using this command:
   
   net use\\machine_name\IPC$/user:domain\ username password
   
   Note: Provide the actual name of the machine you are trying to scan, along with the same credentials that you are attempting to scan with. You can substitute machine_name with domain if you are using local credentials.
8. Check the Local Area Connection properties on the target machine to ensure that File and Printer sharing is enabled.
9. Try lowering your thread count for simultaneous machines scanned in the scan template to see if this eliminates the error. To do this, navigate to Scan template> General tab.
   
   

Additional Information

The patch below has been known to be the root cause of some error 452 failures:

MS15-027 (KB3002657) May Cause Patch Scans To Fail With Error 452

The following document may also prove helpful:

Scan Error 451 or 452 When Scanning A Machine Located In A Workgroup

Also, Microsoft provides a patch to resolve this issue in a specific scenario.

To verify if this is applicable, open a command prompt and run these commands:sc.exe \\Target_Computer_Namequery
sc.exe\\Target_IP_AddressqueryIf sc.exe using Target_Computer_Name works, but sc.exe using Target_IP_Ad does not work, you must apply these patches: In the console machine:

• For Windows Server 2008, 2008 R2 and 7, apply either SP1 or the patch described in the Microsoft Knowledge Base article 2194664.
• For Windows Server 2003 and 2003 R2, apply the patches described in the Microsoft Knowledge Base articles 975467 and 968389.

In the target machine:

• For Windows Server 2008, 2008 R2 and 7, there are no available patches and this issue is not seen to occur in these target operating systems.
• For Windows Server 2003 and 2003 R2, apply the patches described in the Microsoft Knowledge Base articles 975467 and 968389.

Affected Product(s)

Shavlik Protect, All Versions