The Remote Registry service must be enabled and started and accessible from both the JSA Vulnerability Manager scanner appliance and the configured scanning user used in the scan profile.
If the remote registry cannot be accessed, windows patch scanning fails completely.
If JSA Vulnerability Manager cannot access the remote registry, the scan results record the following error:
Local Checks Error – Remote Registry Service Not Running
In JSA Vulnerability Manager version 2014.3 and later, a yellow triangle icon is displayed next to the asset in the scan results.
The status of the remote registry service can be verified from the Administrative Control Panel under Services. Ensure that the following dependent services are started:
Remote Procedure Call (RPC)
DCOM Server Process Launcher
RPC EndPoint Mapper
JSA Vulnerability Manager can access the remote registry over the classic NetBIOS (ports 135, 137, 139) or the newer NetBIOS over TCP (on port 445). Network or personal firewalls that block access to either of these protocols prevents access to Windows patch scans.
Administrative user accounts have access to the remote registry by default. Non-administrative user accounts do not have access to the remote registry. You must configure access.