When attempting to monitor a Windows® XP Professional machine, the remote agent sometimes fails to connect with an Access Denied error message. This error can be caused by the Windows ForceGuest setting, which is enabled by default on machines that are not part of a domain. To resolve the issue, ensure that remote connections are not being coerced to log on as the guest account by following the procedure below.
1 |
2 |
3 |
Choose Local Policies > Security Options. |
4 |
Select the entry: Network access: Sharing and security model for local accounts. |
5 |
6 |
In the dialog box that appears, on the Local Security Setting tab, select Classic - local users authenticate as themselves from the list. |
7 |
Click OK. |
For more information, see step 5 in the following VMWare KB article:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2013
The agent uses Windows® authentication to Negotiate the monitored instance. In some cases, the negotiation can fail if there is a mismatch between the authentication types used by the client and the server.
The following symptoms indicate an authentication issue:
To resolve these issues, you may need to disable the NTLMv2 authentication.
1 |
Run regedit to edit the registry. |
2 |
Locate the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa |
3 |
Locate the value named LMCompatibilityLevel, and change the DWORD value to 2 (send NTLM authentication only). |
4 |
Close regedit and restart the machine. |
When the agent attempts to access the Windows® registry and enter the Windows Management Instrumentation (WMI) component, the attempt can fail if the agent user does not have the required permissions.
The following symptoms indicate a permissions issue:
• |
1 |
Ensure that the following two registry keys exist on the monitored host, in HKEY_CLASSES_ROOT\CLSID\: |
• |
• |
b |
Start regedit, and from the Edit menu, use Find to search for the following key: 76A6415B‑CB41‑11d1‑8B02‑00600806D9B6. |
c |
d |
e |
f |
On the Owner tab, in the Change owner to area, select the account with which you are currently logged in. |
g |
Click OK. |
h |
i |
j |
Any WindowsShell connection made to a non-local host requires DCOM access to that machine, regardless of whether the user establishing the connection is a local or third-party user.
Therefore, agents that connect to Windows® machines using the Agent Manager’s WindowsShellService need to make the following specific registry changes to allow the connection.
1 |
Ensure that the following two registry keys exist on the monitored host, in HKEY_CLASSES_ROOT\CLSID\: |
b |
Start regedit, and from the Edit menu, use Find to search for the following key: 72C24DD5-D70A-438B-8A42-98424B88AFB8. |
c |
d |
e |
f |
On the Owner tab, in the Change owner to area, select the account with which you are currently logged in. |
g |
Click OK. |
h |
i |
j |
Click OK. |
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center