Error: "Reader cannot access registry on target box" when attempting to collect from a Domain Controller
Article ID: 152448
Updated On:
Products
Security Information Manager
Issue/Introduction
Error: Reader cannot access registry on target box.
Symptoms
When collecting remotely from an Active Directory server from another Active Directory server the collector does not collect events and in the collector logs there is Error: Reader cannot access registry on target box.
Symptoms
When collecting remotely from an Active Directory server from another Active Directory server the collector does not collect events and in the collector logs there is Error: Reader cannot access registry on target box.
Cause
Local Security Policy on the Server is not configured properly to allow the collection.
Resolution
Setting the Domain Controller to allow connections to the EventLog registry path
- On the target Domain Controller, open the Default Domain Security Settings.
- Navigate to Local Policies and click Security Options.
- In the right pane, double-click Network access: Remotely accessible registry path and sub-paths.
- On the Security Policy Setting tab, check the Define this policy setting in the template check-box.
- Add to the list the value:
System\CurrentControlSet\Services\EventLog
- Click OK.
- Close the Default Domain Security Settings.
Feedback
Yes
No
Powered by
