eEye Digital Security

 Nothing has changed in my domain yet all of the sudden Retina is not getting remote access into the registry of some 20+ computers.

I can access every registry remotely threw regedt32, so thats not the issue. I have installed the newest version today and still no change.

I have played with the permissions as work around and was able to get a good scan adding EVERYONE with read priveleges, but this is not a good work around as it is causse for vurnalbilites. It should as was working with LOCAL SERVICES with read writes, so again this can't be the issue.

Another flaky issue; when we go to single scan SOMETIMES, but rare, I can get a good scan. Why is this?

Is anyone else having similar problems with Retina?

First check your credentials.  Next verify your firewall settings.  If that doesn't work out, please submit a support request through the client support portal.

Something has changed. When Retina suddenly starts having registry access issues it's usually a policy or firewall issue.  First thing to do is follow the advice nomuus gave. If you still don't have registry access then do this:

1) Narrow your scan to one target and one audit that is problematic.

2) Examine the Retina log file (xxxx_RetinaScanner.log in the Logs directory) and look for lines that have "WNetAddConnection" and  "CreateRegSession". Examine the lines that follow these entries and check if the calls returned an error. If you see error 1326 you have invalid credentials. If you see lots of "err=5", it's a permission thing.

Your message is not specific so I can only give you a vague response. More details are needed.

A) What version of Retina?

B) What do the 20+ computers in question have in common? i.e. On the same subnet? Different domain? Different group policies? etc...

If you're a valid Retina customer you have access to support via the Business Portal

I think the address is www.eeye.com/clients

 *Passes out laughing at Gamachan's avatar picture*