This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Community FAQ
Register | Log In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Registry Scanning of Windows 7, Access Denied
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-02-2011 11:57 PM
Currently using lansweeper 4.1, but I have also tried the following in the previous 4.0.0.1+ releases.
I have followed all of the instructions on the site in regards to opening everything up for WMI. I have made sure all the proper services are running. I can even connect to everyones registry remotely in regedit. I have also disabled the firewall on my Windows 7 system and set all sorts of permissions in regards to my WMI and the permissions for the winreg key have been set properly.
Also all these systems pass the Test Connection application in lansweeper, but here is the error log. I also know for a fact that the 3 registry keys I am attempting to scan for are valid on most if not all the systems.
02/01/2011 10:00:44: J39XXXX REGISTRY Access denied
at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
at System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
at LansweeperService.MdlRegistry.LSRegistry(LSWComputer& mycomputer, String section, SqlConnection& sqlcon)
I have followed all of the instructions on the site in regards to opening everything up for WMI. I have made sure all the proper services are running. I can even connect to everyones registry remotely in regedit. I have also disabled the firewall on my Windows 7 system and set all sorts of permissions in regards to my WMI and the permissions for the winreg key have been set properly.
Also all these systems pass the Test Connection application in lansweeper, but here is the error log. I also know for a fact that the 3 registry keys I am attempting to scan for are valid on most if not all the systems.
02/01/2011 10:00:44: J39XXXX REGISTRY Access denied
at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
at System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
at LansweeperService.MdlRegistry.LSRegistry(LSWComputer& mycomputer, String section, SqlConnection& sqlcon)
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-03-2011 06:48 PM
You can try procmon http://technet.microsoft.com/en-us/sysinternals/bb896645 to check for access denied errors while performing the scan.
12 REPLIES 12
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-05-2011 01:12 AM
XP and Windows 7 HKCU is a Reg Link to HKEY_Users, that does not surprise me, but in XP HKCU is actually readable remotely when called.. so why, why can I not set Windows 7 to act the same way?? I am tempted to create a new reg_link path to my SID and see if it works.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 06:04 PM
Ok lansweeper appears to read the HKLM properly even on the Windows 7 systems that I have not touched much. I added a path via HKEY_USERS to the specific key I wanted to read on my Windows 7 system and it read it just fine, had to restart the lansweeper service each time after making changes though. So my big issue for the registry scanning to be useful is to find a way to check all paths directly under HKEY_USERS or for lansweeper to detect which user has last logged on to that system and for it to automatically place the proper SID into the path? Is this possible?
As an example
HKEY_USERS\{SID}\Software\Open Systems\AppName\ClientUpg\Upgrade
SID = S-1-5-21-1292428093-1525645564-3455 (Last user login or scan all user SIDs)
Of course the other alternative is to find out how XP creates their psuedo paths which actually allows the Remote Registry to link to the proper HKEY_Users\{SID} path automatically when a key for the HKEY_CURRENT_USER path is requested.
As an example
HKEY_USERS\{SID}\Software\Open Systems\AppName\ClientUpg\Upgrade
SID = S-1-5-21-1292428093-1525645564-3455 (Last user login or scan all user SIDs)
Of course the other alternative is to find out how XP creates their psuedo paths which actually allows the Remote Registry to link to the proper HKEY_Users\{SID} path automatically when a key for the HKEY_CURRENT_USER path is requested.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 05:37 PM
Yes, all of my Windows 7 systems re-act the same way, however I have only applied various fixes and permissions to my registry specifically which is running Windows 7 Pro 64bit and it does not act different in any way than any other Windows 7 system. It all fails the lansweeper registry scan the same.
Has lansweeper been tested from a 32bit system like XP vs scanning registry keys on 64bit systems? I am wondering if I would have this same issue if I was to install lansweeper on a 64bit Windows 7 computer.
Has lansweeper been tested from a 32bit system like XP vs scanning registry keys on 64bit systems? I am wondering if I would have this same issue if I was to install lansweeper on a 64bit Windows 7 computer.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 05:32 PM
Do you have this with all windows 7 machines?
Maybe it's a corrupt wmi repository?
Maybe it's a corrupt wmi repository?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 05:16 PM
Also I just added HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Version to lansweeper and it still fails to read the information.
This is the VB script I am using to make sure that my computer is indeed allowing my registry paths to be read properly and while it fails for everything related to HKCU on Windows 7 (even though it passes for users logged into XP), the script does pass just fine on the HKLM paths for windows 7.
This is the VB script I am using to make sure that my computer is indeed allowing my registry paths to be read properly and while it fails for everything related to HKCU on Windows 7 (even though it passes for users logged into XP), the script does pass just fine on the HKLM paths for windows 7.
' Constants (taken from WinReg.h)
'
Const HKEY_CLASSES_ROOT = &H80000000
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_LOCAL_MACHINE = &H80000002
Const HKEY_USERS = &H80000003
' Chose computer name, registry tree and key path
'
strComputer = "MyCOMPUTERName" ' Use . for current machine
hDefKey = HKEY_LOCAL_MACHINE
strKeyPath = "SOFTWARE\Microsoft\Internet Explorer"
' Connect to registry provider on target machine with current user
'
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
' Try to enum the subkeys of the key path we've chosen. We can't if the key doesn't exist
'
If oReg.EnumKey(hDefKey, strKeyPath, arrSubKeys) = 0 Then
wscript.echo "Key exists!"
Else
wscript.echo "Key does not exists!"
End If
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 04:58 PM
So if my only route is HKEY_Users, do I have wildcards or whatever it is called? So I can scan all SIDs?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 01:03 AM
the key I am looking for is in HKEY_CURRENT_USER and it would appear that entire path is blocked on Windows 7 but not XP. From the best I can tell the permissions are the same..
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-04-2011 11:20 AM
pjtech wrote:
the key I am looking for is in HKEY_CURRENT_USER and it would appear that entire path is blocked on Windows 7 but not XP. From the best I can tell the permissions are the same..
HKEY_CURRENT_USER refers to the user doing the scanning (not to the logged on user)
most likely there is no profile for this user on the computer.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-03-2011 10:38 PM
I have installed procmon, had to actually remove kaspersky entirely for it to work right. I have been tracking svchost.exe and wmiprvse.exe on both the client and server, as well as the lansweeperservice.exe on the server. Everything has a result of Success with a few "Name not found" results, but no failures or Access denied errors.
General Discussions
Find answers to technical questions about Lansweeper.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Problem scanning host in General Discussions
- Exchange Online Scanning in General Discussions
- Issues with Exchange Scanning in General Discussions
- Lansweeper Cloud Intune Discovery Actions Filter to scan no windows clients in Product Discussions
- How can we ensure that all of our Windows workstations are excluded from agentless scanning? in Open Office Hours Q&A
