When attempting performing scan, you may receive error "Error code 201: Network connection error. Verify that you can logon to the specified machine " even though the most common prerequisites have been met, e.g.
- DNS resolution: nslookup machinename resolves correct IP
- Admin share access: net use \\machinename\IPC$ succeeds
- Remote registry connection: Able to connect to the machine from Regedit by going to File > Connect Network Registry...
- Windows Firewall is not configured.
- Have admin access to VM's, can map to VM's remotely C$ & IPC$.
On the target machine, the "Operational" log located under the Applications and Services Log/Microsoft/Windows/NTLM records warnings “NTLM server blocked: Incoming NTLM traffic to servers that is blocked”, "NTLM authentication requests to this server have been blocked."
NTLM Traffic is blocked on the target machine. Local Group Policy "Network Security: Restrict NTLM: Incoming NTLM Traffic" is configured as "Deny all domain accounts" or "Deny all accounts".
Set "Network Security: Restrict NTLM: Incoming NTLM Traffic" to "Allow all".
Shavlik Protect 9.2.x
Ivanti Patch for Windows Servers 9.3.x