When attempting to perform a patch scan, the scan fails with the following error:
Error 1300: Not all privileges or groups referenced are assigned to the caller
The hf.log may contain the following line:
ScanWorkItem.cpp:535 Error in scan thread func class STWin32::CWin32Exception at Privilege.cpp:81
The 535 Error mentioned in the log indicates an authentication problem.
The error message is a generic error stating you haven't provided an account with full privileges that may be required to perform some action.
Often we see this error occur when attempting to scan a hosted VM template and the account used is incorrect or does not have all privileges required to perform the action.
Verify the following:
1) First and foremost, ensure that the account(s) being used are valid Administrator accounts with all required privileges available. You may also need to refer to our Ivanti Patch for Windows Servers Requirements Guide.
2) Is the target system part of a domain? If the administrator account being supplied as the "Admin Credentials" doesn't have the following user rights you may need to make changes to the account as these user right will be required:
Take ownership of files or other objects
Manage auditing and security log
Back up files and directories
Restore files and directories
3) If this is occurring when scanning a VM template make sure to check the above as well as this:
In your machine group, do you have both the "Admin Credentials" and "Browse Credentials" set for the vm template once added to the group?
(Browse credentials being the vCenter administrator and Admin credentials being an administrator within Windows on the template.)
For the "Browse Credentials" make sure you are supplying a vCenter admin, not just an ESXi admin - templates are managed by vCenter.
You may also need to refer to our Virtual Machine Quick Start Guide.
Shavlik Protect 9.x