Microsoft, Baseline Security Analyzer, 2.1, not scanning all workstations

Posted on 2008-11-18
Last Modified: 2013-12-04
I am running Microsoft Baseline Security Analyzer from Server 2003 and the scan log is reporting that many of the domain computers are unreachable because their names could not be resolved.  I have checked and rechecked dns entries on the domain controller, disabled firewalls on all workstations (verified that service is not started), and even set the Network Access: sharing and Security Model for Local Accounts (in Local Security Policy) to Classic.  
Note:  I have also tried to run this from both the domain controller and another server.

Scanning either the whole domain, range of IPs, or individual IPs yields the same result. Please help...
Question by:CrashCrack
    LVL 13

    Expert Comment

    See if this FAQ helps:

    Also, see the explaination for your error:
    Q: Why am I seeing error "Could not resolve the computer name: name. Please specify computer name, domain\computer, or an IP address."?
    This error is common when scanning based on an IP address range. This is because MBSA will convert the range into a list of specific IP addresses for that range and attempt to resolve each IP address into the associated NetBIOS computer name. When that name resolution cannot be performed because the computer is switched off, or the IP address is not in use, this error will be returned.

    The error can also happen when using a domain name of domain members are not accessible on the network, such as a laptop computer roaming outside the wireless network, or a desktop computer that has been shut down.

    If you specify a DNS fully qualified domain name (FQDN) as the domain to be scanned, you will also see these errors. In that case, you need to use the NetBIOS compatible domain name.

    Hope that helps
    - Kelvin
    LVL 13

    Expert Comment

    Also make sure you have the agents running on all the client machines.
    LVL 13

    Accepted Solution

    I came across a reply from a Microsoft staff regarding a person with similiar problems.

    Maybe you can run through the points he mentioned:

    Author Comment

    I was scanning using the NetBIOS domain name and also by IP.

    I checked the help file in MBSA and I'm sure that both the scanning computer and the target computers meet all requirements except one.  The Windows Update Agent 3.0: how do I know if I have it installed?
    LVL 52

    Assisted Solution

    The presence of update agent 3 can be verified by looking at the c:\windowsupdate.log file at one of the clients. Search for lines with WU client version in them. That should read (like client version 7.2.6001.784).
    Maybe you have to use a sniffer like wireshark to see if traffic is getting through to the client. I never had these problems but we don't use any firewalls - I suspect those, even if the service is stopped. Uninstall one.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
    This video discusses moving either the default database or any database to a new volume.
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now