You mentioned you did check the requirements. I have posted them below just in case where you were viewing the requirements they varied, also for others reviewing this posting.
It depending on how this is failing. With certain hardware configurations have been reported to possibly cause less data to come back from the hardware asset scans. (Certain vendors can disable what hardware is reported to the operating system, and this can vary even just on version of the same hardware, at this time we do not have a listing of these items.)
Is this failing with an error during scanning at this time and not reporting any results?
Asset Management Scan Requirements
Before attempting an asset scan, please confirm that you meet the following requirements:
• An asset management license key must be available.
• The Windows Management Instrumentation (WMI) service must be enabled and
accessible on the target machines.
• TCP port 135 must be configured on your organization's firewall to allow the WMI
• Credentials must be provided for the target machines. You cannot perform scans using
your current logon credentials. See Supplying Credentials for details.
• For target machines using Windows operating systems that employ the use of User
Account Control (this includes Windows Vista or later and Windows Server 2008 or later),
you must either:
o Join the machines to a domain and then perform the scan using domain
administrator credentials, or
o If you are not using the true administrator account on the target machines you
must disable User Account Control (UAC) remote restrictions on the machines.
To do this:
1. Click Start, click Run, type regedit, and then press Enter.
2. Locate and then click the following registry subkey:
3. If the LocalAccountTokenFilterPolicy registry entry does not exist,
follow these steps:
a. On the Edit menu, point to New, and then click DWORD Value.
b. Type LocalAccountTokenFilterPolicy and then press Enter.
4. Right-click LocalAccountTokenFilterPolicy and then click OK.
5. In the Value data box, type 1, and then click OK.
6. Exit Registry Editor.
For more details on disabling UAC remote restrictions, see
Windows Firewall Requirements for Hardware Asset Scans
NetChk Protect scans for hardware assets using WMI in semisynchronous mode. This means the
firewall policy only requires DCOM connections from the console machine to the target machines.
Asynchronous mode, which would require reverse connections back to the console, are not used.
To scan hardware assets of a machine with Windows Firewall running, you must set that
machine’s firewall to allow remote administration. You can configure the firewall via group policy
or local command. The local command is:
netsh firewall set service RemoteAdmin
If you are unfamiliar with Windows Firewall administration, the following links may help:
I think I have found the problem. Since putting in this question I have reconvened with my firewall team, and it seems that for some reason the RPC calls are acting differently from XP machines than all of the other Windows machines. My firewall guy apparently has to implement a hotfix to get everything working like it should on the firewall end. Until then he has just opened up all RPC high ports, which has resolved the issue.
FYI for those who don’t know, when Shavlik does a hardware asset scan it uses WMI. WMI initiates over port 135 but then gets assigned a dynamic high port through RPC from the destination workstation.