PowerRecon 2.0 "Requested Registry Access not allowed" error during inventory

  • 7920526
  • 27-Mar-2006
  • 26-Apr-2012

Environment

Applies to:  PowerRecon 2.0 and higher

Situation

When attempting to add a machine with Windows 2000 Server/Windows 2003 Server with SP1 to PowerRecon's Inventory, the following error may appear:

Requested Registry Access not allowed



 

Resolution

Details

The Remote Registry service MUST be running on the machine that PowerRecon is attempting to discover.  By default the Remote Registry service runs under the LOCAL SERVICE account.  Therefore, the LOCAL SERVICE account will need read permissions to the following registry key on the machine that PowerRecon is attempting to add:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg

For more details regarding this, please see the link below to the following Microsoft article entitled "Can't access Remote Registry Service after upgrading to Windows 2003"

< o:p>.

 

In addition, if you are attempting to inventory a Windows 2003 Small Business Server, the following steps are also recommended:

  1. Run regedt32
  2. Locate the following registry key:

    HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SBCore

  3. Remove the SYSTEM account from having access to this key.  If the SYSTEM account is not removed, the system will overwrite any additional permissions set on this particular registry key restoring it to the original level of access which by default is SYSTEM only.
  4. Provide the LOCAL SERVICE account with READ access

  

If error continues to appear after trying the above suggestions, please follow the steps below to further troubleshoot the error:

  1. Launch the Local Security Policy console on the server that PowerRecon had failed to inventory
  2. Go to Local Policies -> Audit Policy
  3. Ensure that "Audit Logon events" and "Audit Object Access" are set to audit failures
  4. Apply the changes
  5. Try to inventory the server again and when the error re-occurs, check the Event logs of the server that failed to discover
    and make the appropriate permissions change(s) as necessary

Feedback service temporarily unavailable. For content questions or problems, please contact Support.