FIX: Unable to Inventory Domain Controller

  • Document ID:7005680
  • Creation Date:06-Apr-2010
  • Modified Date:27-Apr-2012
    • Micro Focus Products:
      PlateSpin Recon

Environment

PlateSpin Recon

Situation

This article discusses an issue when attempting to inventory a Domain Controller fails with following error:

 

 

You will be able to Inventory other machines but unable to inventory Domain Controllers. You may also see the error below in event logs on the Recon Server:

This can be an issue when a domain environment is highly locked down and secured. WMI/WBEMTEST test will be successful.

Resolution

To resolve this issue, follow the steps below:
 
  1. Click Start > Programs > Administrative Tools > Domain Controller Security Policy, expand e xpand Local Policies > User Rights Assignment .
  2. Double-click on â€œReplace a Process Level Token†policy in the right-window pane.
  3. Add the NETWORK SERVICE and LOCAL SERVICE accounts to the policy.
  4. Repeat step 3 and 4 for “Create a Process Level Token†policy as well.
  5. Refresh the policy by running â€œGPUPDATE /FORCE†command (for Windows 2003/XP) or “SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE" command (for Windows 2000).