PowerRecon 2.0 "Requested Registry Access not allowed" error during inventory

  • 7920526
  • 27-Mar-2006
  • 26-Apr-2012


Applies to:  PowerRecon 2.0 and higher


When attempting to add a machine with Windows 2000 Server/Windows 2003 Server with SP1 to PowerRecon's Inventory, the following error may appear:

Requested Registry Access not allowed




The Remote Registry service MUST be running on the machine that PowerRecon is attempting to discover.  By default the Remote Registry service runs under the LOCAL SERVICE account.  Therefore, the LOCAL SERVICE account will need read permissions to the following registry key on the machine that PowerRecon is attempting to add:


For more details regarding this, please see the link below to the following Microsoft article entitled "Can't access Remote Registry Service after upgrading to Windows 2003"

< o:p>.


In addition, if you are attempting to inventory a Windows 2003 Small Business Server, the following steps are also recommended:

  1. Run regedt32
  2. Locate the following registry key:


  3. Remove the SYSTEM account from having access to this key.  If the SYSTEM account is not removed, the system will overwrite any additional permissions set on this particular registry key restoring it to the original level of access which by default is SYSTEM only.
  4. Provide the LOCAL SERVICE account with READ access


If error continues to appear after trying the above suggestions, please follow the steps below to further troubleshoot the error:

  1. Launch the Local Security Policy console on the server that PowerRecon had failed to inventory
  2. Go to Local Policies -> Audit Policy
  3. Ensure that "Audit Logon events" and "Audit Object Access" are set to audit failures
  4. Apply the changes
  5. Try to inventory the server again and when the error re-occurs, check the Event logs of the server that failed to discover
    and make the appropriate permissions change(s) as necessary