Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

MBSA doesn't scan 2003 Server to Vista Business 64-bit

Posted on 2009-03-30
10
Medium Priority
?
493 Views
Last Modified: 2013-11-29
Currently, we are trying to scan all the workstations on a network using Microsoft Baseline Security Analyzer 2.1.  All the Vista Business 64-bit and SP1 machines are giving the error incomplete scan.  They can use the MBSA and scan themselves as local machines but anything through the network doesn't work.  I tried disabling Windows Defender, Windows Firewall, and Symantec Endpoint Protection.  I also logged in as a local user and tried to get access to it and had no luck.  Does anybody have any idea's on why this is occurring?
0
Comment
Question by:LightningTech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 3

Expert Comment

by:kchat
ID: 24026230
Give some more info regarding the machine (OS and version) and the account you use to scan the remote machines. Also, is it a domain or workgroup?
0
 
LVL 1

Author Comment

by:LightningTech
ID: 24029958
OS: Windows Server 2003 Standard SP2
CPU: Xeon CPU 3.2GHz
RAM: 3GB
In a Domain
Account used to scan: DOMAIN\administrator (It doesn't scan with the logged in account?)
0
 
LVL 3

Expert Comment

by:kchat
ID: 24036185
Under the report details in MBSA there is a section that describes what was incomplete,  can you give us the Score, Issue and Result, in order to get the picture?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:LightningTech
ID: 24053261
Here is a screen shot of the page that comes up after I run a MBSA. Just says unable to scan

Thank You,
MBSA.bmp
0
 
LVL 3

Expert Comment

by:kchat
ID: 24057214
Microsoft quotes (http://technet.microsoft.com/en-us/security/cc184923.aspx) that:
By customer request, the automatic distribution of the latest Windows Update Agent (WUA) client to client computers scanned by MBSA has been disabled in MBSA 2.1. This may prevent MBSA from successfully scanning computers that do not have the latest WUA client installed. Administrators and security auditors will want to select the option to "Configure computers for Microsoft Update and scanning prerequisites" in order to improve security scan success.
0
 
LVL 1

Author Comment

by:LightningTech
ID: 24062289
Alright, so I downloaded WUA 3.0 and installed it on one of the Vista machines to test it out.  Immediately after the install I was able to scan the Vista machine via MBSA with that, "Configure computers for Microsoft Update and scanning prerequisites" checked.  But, after that I tried to scan the whole network with the "Configure computers for Microsoft Update and scanning prerequisites" checked and it failed all of them including the one that succeeded previously.  Finally, I scanned that one single machine that passed and now it isn't scanning again with the same problem as before.  One step forward, One step back.
0
 
LVL 3

Expert Comment

by:kchat
ID: 24062958
Do you have a WSUS in place?
0
 
LVL 1

Author Comment

by:LightningTech
ID: 24078210
I do have one installed on the server but it isn't currently configured all the way. (Workstations are not set to go to the server for updates)
0
 
LVL 1

Accepted Solution

by:
LightningTech earned 0 total points
ID: 24081381
Okay, so I looked into it and found the problem.

"Requirements for a Computer to Be Scanned Remotely
The computer must be running Microsoft Windows Server" 2008, Windows Vista, Windows Server" 2003, Windows XP, or Windows 2000 Service Pack 3 or later. Itanium-based computers must be running Windows Server 2003 with SP1 or higher.
Internet Explorer 5.01 or later is required for IE zone checks.
IIS 5.0, 6.0 is required for IIS product and administrative vulnerability checks.
Microsoft SQL Server 7.0 or 2000 or Microsoft Data Engine or Microsoft SQL Server 2000 Desktop Engine (MSDE) is required for SQL product and administrative vulnerability checks.
Windows Update Agent 3.0 is required to scan for updates.
Microsoft Office 2000, Office XP or Office System 2003 is required for Office product and administrative vulnerability checks.
Windows Installer 3.0 or later is required for Office product updates checks.
The following must be enabled:
Server service
Remote Registry service
File and Print Sharing
Distributed COM (DCOM) is required for remote security update scanning.
To run MBSA, you must be logged on with an account that has local administrative privileges on each computer being scanned either locally or remotely."

The "Remote Registry service" was not started on any of the machines.  I started it and was able to scan and everything even without checking, "Configure computers for Microsoft Update and scanning prerequisites".

Thank you kchat for all of your help.  You helped me pinpoint the problem so thank you.  Take care!
0
 
LVL 3

Expert Comment

by:kchat
ID: 24084202
No pro bro, thank you too for the solution ...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
In this modest contribution, I want to share with the IT community (especially system administrators, IT Support Engineers and IT Help Desks) about Windows crashes/hangs and how to deal with these particular problems.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decadeā€¦

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question