This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

"Registry access denied". What keys?

spino
Engaged Sweeper

‎02-05-2008 03:00 PM

hello,
while scanning a server, part of an AD domain, I get "Registry access denied".
This happens also with the service running as a domain administrator.
Using regedit on the server, checked that domain admins do have full control permission over each registry branch.
Is there any way, or any useful information, to identify what registry leaf was denied access to?
thanks
Labels:
0 Kudos
15 REPLIES 15
Hemoco
Lansweeper Alumni

‎02-06-2008 03:54 PM

Where exactly did you get the registry access denied?
Was it in the errorlog.txt?
Can you post the error part please.
0 Kudos
tuvita
Engaged Sweeper
In response to Hemoco

‎02-06-2008 04:13 PM

Lansweeper wrote:
Where exactly did you get the registry access denied?
Was it in the errorlog.txt?
Can you post the error part please.


website, client details, error tab: there's a line stating:

Regerror Requested registry access is not allowed. clientname (clientname) 2/6/2008 3:10:32 PM

errorlog.txt on the server is empty

0 Kudos
Hemoco
Lansweeper Alumni

‎02-06-2008 02:09 PM

You can ignore the buffer overflow.
Did you run procmon on the server or on the client?
You should run it on the server when the server tries to scan the client.
0 Kudos
tuvita
Engaged Sweeper
In response to Hemoco

‎02-06-2008 03:50 PM

Lansweeper wrote:
You can ignore the buffer overflow.
Did you run procmon on the server or on the client?
You should run it on the server when the server tries to scan the client.


ops, I did it on the workstation to be scanned.
I tried now to issue a "trigger scan" command from the website.
on the server, process lansweeper30 makes operations on
\\targetpc\PIPE\winreg and on
\\targetpc\IPC$\winreg .
All operation are "success". No other operations are tracked for process lansweeper30.exe.
0 Kudos
Hemoco
Lansweeper Alumni

‎02-05-2008 03:09 PM

download the free tool "procmon" (process monitor) from http://www.sysinternals.com
This will give a complete trace of what's going on. (you can easily find all access denieds)
0 Kudos
tuvita
Engaged Sweeper
In response to Hemoco

‎02-06-2008 02:04 PM

Lansweeper wrote:
download the free tool "procmon" (process monitor) from http://www.sysinternals.com
This will give a complete trace of what's going on. (you can easily find all access denieds)


There's no "access denied errors".
I see a number of "not found" errors, which I expect to be correct.
Then a mumber of "buffer overflow" errors while opening keys. maybe this is misinterpreted as "access denied"?
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now