Error Description: Enumerating all of the users on SERVER1 - BVNTProcessQuery::ObjectTypeAccount(): Processing machine scope - Access is denied in CCS
search cancel

Error Description: Enumerating all of the users on SERVER1 - BVNTProcessQuery::ObjectTypeAccount(): Processing machine scope - Access is denied in CCS

book

Article ID: 282292

calendar_today

Updated On: 04-23-2024

Products

Control Compliance Suite Standards Server Control Compliance Suite Control Compliance Suite Standards Module

Issue/Introduction

In Control Compliance Suite when running a data collection/CER job against a Windows Machine asset, you get the following error in the console.

Error Description: Enumerating all of the users on SERVER1 - BVNTProcessQuery::ObjectTypeAccount(): Processing machine scope - Access is denied.

Where SERVER1 is the hostname of the Windows Machine asset.

Cause

The user that is specified in the CCS Credentials database does not have enough permission to retrieve the requested data.

Resolution

Verify that the user is in the local administrators' group on the target server. Make sure that user is not in any of the local security policies 'deny' settings.

Make sure that user has all the needed access to WMI and DCOM.

Run the following commands to verify that the user is able to remotely collect the data from the CCS Manager server doing the data collection.

From a Command Prompt (cmd.exe), replace SERVER1 with the correct hostname, and DOMAIN\USER with the correct user credential that is configured for data collection.

NOTE: When you execute these commands, you will get a prompt to enter in the user's password.

wmic /Node:"SERVER1" /user:DOMAIN\USER path win32_groupuser

From a PowerShell prompt

Get-WmiObject -ComputerName SERVER1 -Credential DOMAIN\USER -Class Win32_groupuser

If you see "Access is denied" from either of those, work with your Windows AD team to figure out what is limiting the permissions or preventing that user from collecting the data.  It could be a 3rd party security service, or it could be the OS has been hardened.