Unable to Scan Machines - Error 201 despite meeting common prerequisites

Version 4

    Symptoms

     

    When attempting performing scan, you may receive error "Error code 201: Network connection error. Verify that you can logon to the specified machine " even though the most common prerequisites have been met, e.g.

     

    • DNS resolution: nslookup machinename resolves correct IP
    • Admin share access: net use \\machinename\IPC$ succeeds
    • Remote registry connection: Able to connect to the machine from Regedit by going to File > Connect Network Registry...
    • Windows Firewall is not configured.
    • Have admin access to VM's, can map to VM's remotely C$ & IPC$.

     

    Troubleshooting

     

    On the target machine, the "Operational" log located under the Applications and Services Log/Microsoft/Windows/NTLM records warnings “NTLM server blocked: Incoming NTLM traffic to servers that is blocked”, "NTLM authentication requests to this server have been blocked."

     

    Cause

     

    NTLM Traffic is blocked on the target machine. Local Group Policy "Network Security: Restrict NTLM: Incoming NTLM Traffic" is configured as "Deny all domain accounts" or "Deny all accounts".

     

    Resolution

     

    Set "Network Security: Restrict NTLM: Incoming NTLM Traffic" to "Allow all".

     

    Affected Products

     

    Shavlik Protect 9.2.x

    Ivanti Patch for Windows Servers 9.3.x