[more=решение проблем сканирования]
Scan Troubleshooting
This document helps you to troubleshoot problems while discovering workstations through Windows Domain Scan
Windows Domain Scan:
1. Click "Admin" tab -> Windows Domain Scan link. This opens 'Windows Domain List' page with the list of all Domains/Workgroups discovered by the Asset Explorer.
2. Click 'Add New Domain' link to add new domain/workgroup or undiscovered domains/workgroups.
3. Click on any of the listed Domain or on the 'Edit Domain' icon. This opens the Edit Domain page. Specify the Domain Controller name, Login Name and Password of the domain administrator account.
4. Click 'Save' button to save the domain details. Click 'Scan' icon (Second of three icons shown) to start the discovery process for the specified domain. This brings up the Domain Scan Wizard page.
5. Select Organizational units for which you want to scan, by enabling the check box.
6. Click 'Start Scanning' button.
All the discovered workstations can be viewed in the Assets -> Workstations page. If scanning of a workstation fails, the cause for the failure will be listed below the 'View Error logs' in the Domain Scan Wizard page. The error messages can also be found at Support > System Log Viewer. This error Message will be helpful to resolve the scanning problem.
TROUBLESHOOTING:
To search for a resolution in this document, click the corresponding error message, below :
No response received from workstation. Probably the workstation might be switched off or does not exist.
Either access denied for the user or the remote DCOM option might be disabled in the workstation.
User does not have the access privileges to perform this operation.
Remote DCOM option is disabled in the Server machine.
Connection to RPC server in the workstation failed.
One of the WMI components is not registered properly.
Execution failure in the WMI Service of workstation.
WMI Service is disabled in the workstation.
Request for scan operation rejected by the workstation.
General failure while performing the operation.
No response received from workstation. Probably the workstation might be switched off or does not exist.
CAUSE:
a) As the message states, the target workstation might be switched off while performing the scan operation.
b) AssetExplorer is running in some non-english OS computer.
RESOULUTION:
a). Check if the the target workstation is switched ON and can be pinged from DOS prompt in AssetExplorer Server. Sometimes if the Firewall is enabled normal ping will not work. Ensure Normal ping is successful. You ll have to open the firewall for ICMP echo.
b) If the server is running in any Non-English OS, open TCP port 7 Exception in Firewall of the target workstation.
1. Goto Control Panel -> Windows Firewall -> Click Exceptions Tab
2. Click the "Add Port" button
3. Enter a name for Reference, Port 7 and select TCP
4. Click OK.
Go Top
Either access denied for the user or the remote DCOM option might be disabled in the workstation.
CAUSE:
This error message occurs when a Windows workstation fails while scanning. This is due to any of the following reasons:
a) The login name and password provided for scanning might be invalid in the workstation.
b) Remote DCOM option might be disabled in the remote workstation.
RESOULUTION:
Step 1:
For Windos workstations "Windows Domain Scan" mode will be more efficient than "Network Scan" mode. Configure the proper login credentials for the Domain/Workgroup. Check if the login credentials are provided in correct format. For login credentials ensure that you haven't entered the DomainName along with the UserName (i,e Do not Enter as DoaminName\\UserName). It is sufficient if only the UserName is entered in the provided text-field.
Step 2:
Ensure that the login information provided are correct and has administrator privileges in the target computers. To check the validity of the login information, you can execute the following commands in the command prompt of the server:
net use \\<RemoteComputerName>\C$ /u:<DomainName\UserName> "<password>"
net use \\<RemoteComputerName>\ADMIN$ /u:<DomainName\UserName> "<password>"
Note: Replace the relevant value within <>. Supply password within the quotes.
If the above commands succeed and Scanning fails, then the problem might be in the DCOM Configurations.
Step 3:
Ensure Remote DCOM is enabled on the target workstations.
To Enable DCOM in Windows 2000 Computers
1. Select Start > Run
2. Type DCOMCNFG in the text field
3. Click OK.
4. Select Default Properties tab
5. Check the box "Enable Distributed COM in this machine"
6. Press OK
To Enable DCOM in Windows XP Computers
1. Select Start > Run
2. Type DCOMCNFG in the text field
3. Click OK
4. Right Click on Component Services > Computers > My Computer
5. Click Properties
6. Select Default Properties tab in the frame that pops
7. Check the box "Enable Distributed COM in this machine"
8. Press OK
Try scanning the workstation after Enabling Remote DCOM.
Step 4:
If scanning fails after enabling remote DCOM, give more DCOM permissions and try scanning the workstation.
1. Start -> Run -> DCOMCNFG
2. Choose the DEFAULT PROPERTIES tab
3. Chek the check-box Enable Remote DCOM on this computer
4. Set the Default Authentication Level as DEFAULT. NONE also can be set.
5. Set the Default Impersomation Level as IMPERSONATE.
6. Now select the DEFAULT SECURITY tab.
7. Click the Edit Default button under Default Access Permission.
8. In the Frame that pops, click the ADD button and add "Everyone" with Allow Access permission.
9. Similarly, under the Default Launch Permission add "Everyone" with Allow Launch permission.
10. Click OK and now try scanning the workstation.
NOTE: Sometimes DCOM Settings will be effective after restarting the server.
Step 5:
In certain cases, the problem might be due to enabling "Simple File Sharing". To disable "Simple File Sharing":
1. In any of the Windows Folders Click "Tools" > "Folder Options".
2. In the Folder Options window, goto "View" tab.
3. Uncheck "Use simple file sharing"
4. Click "OK" to save changes.
Step 6:
If the target workstations are Windows XP try modifying the Network Access Security Model.
1. Goto Control Panel -> Administrative Tools -> Local Security Policy
2. Right Click "Network Access : Sharing and security model for local accounts" and then select Properties
3. Choose the option "Classic - local users authenticate as themselves" and apply
4. Restart and scan the workstation.
Go Top
User does not have the access privileges to perform this operation.
CAUSE:
Such error messages are shown, if the User ID provided for scanning does not have sufficient access privileges to perform the scanning operation. Probably, this user does not belong to the Administrator group of the workstation.
RESOLUTION:
Move the user to the Administrator Group (or) scan with an administrator (preferably a Domain Administrator) account.
(or)
You may also provide WMI Admin rights for the user in the target workstation as follows:
1. In the target Windows Workstation, Click Start -> Run -> Type "wmimgmt.msc" and Press Enter
2. Right Click on "WMI Control(LOCAL)" that is shown in the Right side Frame and Select Properties
3. In the "WMI Control Properties" window that pops up, Click the "Security" tab
4. Select the "Root" node , Click the "Security" button
5. Add the User (configured for Domain Scan) and allow All Security Permissions. Click OK
Go Top
Remote DCOM option is disabled in the Server machine.
CAUSE:
Remote DCOM option might be disabled in the machine running ServiceDesk Plus Server.
RESOLUTION:
ServiceDesk uses Windows Management Instrumentation (WMI) to scan the remote workstations. WMI works over Remote DCOM and hence this option must be enabled for scanning the remote machines.
To Enable DCOM in Windows 2000 Computers:
1. Select Start > Run
2. Type DCOMCNFG in the text field
3. Click OK.
4. Select Default Properties tab
5. Check the box "Enable Distributed COM in this machine"
6. Press OK
To Enable DCOM in Windows XP Computers:
1. Select Start > Run
2. Type DCOMCNFG in the text field
3. Click OK
4. Right Click on Component Services > Computers > My Computer
5. Click Properties
6. Select Default Properties tab in the frame that pops
7. Check the box "Enable Distributed COM in this machine"
8. Press OK
Go Top
Connection to RPC server in the workstation failed.
CAUSE:
This message is shown when a firewall is configured on the remote computer. Such exceptions mostly occur in Windows XP (SP-2), when the default Windows Firewall is enabled.
RESOLUTION:
a) Disable the default Firewall in the workstation. To disable the Firewall in Windows XP (SP2)
1. Select Start->Run
2. Type Firewall.cpl
3. Click OK.
4. In the General tab, click Off.
5. Click OK.
b) If Firewall cannot be disabled then, we can lauch Remote Administration feature for administrators in the remote computer and then scan the workstation. The following command when executed in the target computer, can enable this feature :
netsh firewall set service RemoteAdmin
After scanning the computer, if required, the Remote Administration feature can also be disabled. The following command disables this feature :
netsh firewall set service RemoteAdmin disable
c) The above configuration can be made through Policy Editor as follows:
1. From Start -> Run -> gpedit.msc (to open Group policy editor)
2. Computer Configuration folder.
3. Open the Administrative Templates folder.
4. Open the Network folder.
5. Open the Network Connections folder.
6. Open the Windows Firewall folder.
7. If the computer is in the domain, then open the Domain Profile folder; otherwise, open the Standard Profile folder.
8. Click Windows Firewall: Allow remote administration exception. On the Action menu, select Properties.
9. Click Enable, and then click OK.
Go Top
One of the WMI components is not registered properly.
CAUSE:
This message is shown if WMI is not available in the remote windows workstation. This happens in the Windows 9x, Windows NT and Windows ME. Such error codes might also occur in higher versions of Windows if the WMI Components are not registered properly.
RESOLUTION:
Install WMI core in the remote workstation. This can be downloaded from the Microsoft web site.
If the problem is due to WMI Components registration, do register the WMI dlls, executing the following command at command prompt:
winmgmt /RegServer
Go Top
Execution failure in the WMI Service of workstation
CAUSE:
Such error messages are shown, when there are some internal execution failures in the WMI Service (winmgmt.exe) running in the remote workstation. Probably the last update of the WMI Repository in that workstation could have failed.
RESOLUTION:
Restart the WMI Service in the remote workstation. To restart the WMI service in the workstation
1. Click Start -> Run.
2. Type Services.msc
3. Click OK.
4. In the Services window that pops-up, select "Windows Management Instrumentation" service and right-click on that.
5. Click Restart.
Go Top
WMI Service is disabled in the workstation.
CAUSE:
This error message is shown when the WMI Service (winmgmt.exe) is not enabled in the remote workstation.
RESOLUTION:
Modify the property of WMI Service as Manual or Automatic from Disabled.
1. Click Start -> Run
2. Type Services.msc
3. Click OK.
4. In the Services window that pops-up, select "Windows Management Instrumentation" service and right-click on that.
5. Click Properties.
6. If the Startup type is "Disabled", change it to "Automatic/Manual" and start the service.
7. Restart the service.
Go Top
Request for scan operation rejected by the workstation
CAUSE:
DCOM settings in Registry of the target workstation reject the scan request.
RESOLUTION:
Edit the Registry key value, as described below:
1. Use Regedit to navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE.
2. Double-click the EnableDCOM value Name, a string (REG_SZ) data type. Set its data value to Y, even if it is already SET to Y.
3. Click OK
4. Shutdown and restart the computer.
Go Top
General failure while performing the operation
CAUSE:
Some unexpected exception occurred while, scanning the workstation.
RESOLUTION:
Contact the ServiceDesk support team with the Error log files. You can obtain the error log files from Support tab by clicking on the Support File link in the ServiceDesk Plus application.
[/more]
