How-To troubleshoot Error 5 - Access is denied

• Cannot scan a remote machine with Protect
• Scanning a remote machine in Protect fails with the following error: 
  Error 5: Access is denied

1- Do I have local admin rights for the target machine ?

2- Is the remote registry service running ?

To test the remote registry connection: From the console machine to the target machine -

Open Regedit> File> Connect Network Registry , Open one of the hives and ensure you can read the actual Key - what is the result ?

3- Does the local user account have full permissions to the remote registry as local administrator ?

Open Regedit and go to:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurePipeServerswinreg

4- Reboot both target and console machine - what is the result after a scan ?

5- Can you complete a nslookup IP Address, NETBios Name, FQDN both forward and reverse for target and console. Ensure results are consistent.

6- Is this the only machine you are getting this error ?

7- Do you have credentials assigned to this machine in the machine group ?

8- What credentials are set in the Machine Properties?  Go to the Machine View, right-click on the device and click "Machine Properties".  Verify that the correct credentials are listed there.

9- Try disabling your anti-virus and firewall and seeing if it makes a difference to your error ?  If it does, re-check the port list to ensure all necessary ports are enabled.  http://community.shavlik.com/docs/DOC-22939

10- Is User Account Control Enabled on the Machine?

For machines using Windows operating systems that employ the use of User Account Control (this includes Windows Vista or later and Windows Server 2008 or later), you must either:

• Join the machines to a domain and then perform the scan using domain administrator credentials, or
• If you are not using the built-in Administrator account on the remote machines (and using that account is NOT recommended), you must disable User Account Control (UAC) remote restrictions on the machines. To do this:
  1. Click Start, click Run, type regedit, and then press Enter.
  2. Locate and then click the following registry subkey:

               HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System 

               If the LocalAccountTokenFilterPolicy registry entry does not exist, follow these steps:

• On the Edit menu, point to New, and then click DWORD Value.b. Type LocalAccountTokenFilterPolicy and then press Enter.
• Right-click LocalAccountTokenFilterPolicy and then click OK.
• In the Value data box, type 1, and then click OK.
• Exit Registry Editor.

                For more details on disabling UAC remote restrictions, see http://support.microsoft.com/kb/95101

Be sure to have followed the pre-requisites guidelines :

http://www.shavlik.com/uploadedFiles/Support/Online_Documentation/Shavlik_Protect_90/administration-guide.pdf

Contact the support by opening a case via the portal and provide clean logs:

http://support.shavlik.com

To gather the logs, please see the following document: http://community.shavlik.com/docs/DOC-22921