Error: 'Processor architecture for machine \\computer names is unknown, Error accessing registry key (NETIQKB41323)

  • 7741323
  • 02-Feb-2007
  • 05-Feb-2008

Environment

Domain Migration Administrator 6.3

Domain Migration Administrator 7.x

Situation

Error: 'Processor architecture for machine \\computer names is unknown
Error accessing registry key SYSTEM\CurrentControlSet\Control\Session Manager\Environment rc=5 Access is denied'.
Failed to install agent on \\computer, rc=5 Access is denied.
Failed to launch agent on \\computer, hr=80070005 Access is denied
Access is denied when trying to dispatch an agent to migrate a computer or translate security.

Resolution

There are several different resolutions to this issue depending on which cause applies:

If the account logged on to the DMA console is not a member of the Local Administrators group on the remote workstation:

  1. Log on to the DMA console with an account that has Local Administrator permissions to the remote workstation.

If the Remote Registry service is not enabled on the remote workstation:

  1. Using Computer Management on the DMA machine connect to the remote workstation and enable the Remote Registry service.

If both cause 1 and 2 have been verified, then the most likely cause is the permissions to the remote registry have been restricted. On the remote workstation: 

  1. Click Start | Run.
  2. Type regedt32 into the Open field.
  3. Add the migration account (or a group that it is a member of) to the permissions on the following key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg
  4. If these permissions already appear correct, add the LOCAL SERVICE group with Read permissions to the permissions of the winreg key.


Cause

This error message appears in the Dispatch.log (\Program Files\NetIQ\DMA\Logs\Dispatch.log) because the account logged on to the DMA console does not have permission to remotely access the registry of the remote workstation. There are several possible reasons for this.

  1. The account logged on to the DMA console is not a member of the Local Administrators group on the remote workstation.
  2. The remote registry service is not enabled on the remote workstation.
  3. Remote registry access has been restricted via registry permissions. Typically, this will happen on Microsoft Windows XP/2003 machines that do not have the Local Service local group listed with at least Read permissions to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg key. This key can be used to restrict and allow certain types of remote registry access.

Additional Information

Formerly known as NETIQKB41323

Feedback service temporarily unavailable. For content questions or problems, please contact Support.