Environment
PlateSpin Recon
Situation
This article discusses an issue when attempting to inventory a Domain Controller fails with following error:
You will be able to Inventory other machines but unable to inventory Domain Controllers. You may also see the error below in event logs on the Recon Server:
This can be an issue when a domain environment is highly locked down and secured. WMI/WBEMTEST test will be successful.
Resolution
To resolve this issue, follow the steps below:
- Click Start > Programs > Administrative Tools > Domain Controller Security Policy, expand e xpand Local Policies > User Rights Assignment .
- Double-click on “Replace a Process Level Token†policy in the right-window pane.
- Add the NETWORK SERVICE and LOCAL SERVICE accounts to the policy.
- Repeat step 3 and 4 for “Create a Process Level Token†policy as well.
- Refresh the policy by running “GPUPDATE /FORCE†command (for Windows 2003/XP) or “SECEDIT /REFRESHPOLICY MACHINE_POLICY /ENFORCE" command (for Windows 2000).