Unable to Scan Machines - Error 201 despite meeting common prerequisites

Version 4



    When attempting performing scan, you may receive error "Error code 201: Network connection error. Verify that you can logon to the specified machine " even though the most common prerequisites have been met, e.g.


    • DNS resolution: nslookup machinename resolves correct IP
    • Admin share access: net use \\machinename\IPC$ succeeds
    • Remote registry connection: Able to connect to the machine from Regedit by going to File > Connect Network Registry...
    • Windows Firewall is not configured.
    • Have admin access to VM's, can map to VM's remotely C$ & IPC$.




    On the target machine, the "Operational" log located under the Applications and Services Log/Microsoft/Windows/NTLM records warnings “NTLM server blocked: Incoming NTLM traffic to servers that is blocked”, "NTLM authentication requests to this server have been blocked."




    NTLM Traffic is blocked on the target machine. Local Group Policy "Network Security: Restrict NTLM: Incoming NTLM Traffic" is configured as "Deny all domain accounts" or "Deny all accounts".




    Set "Network Security: Restrict NTLM: Incoming NTLM Traffic" to "Allow all".


    Affected Products


    Shavlik Protect 9.2.x

    Ivanti Patch for Windows Servers 9.3.x