Why do KSDU scans fail


When I run a Latest or Baseline Scan on a agent, why does my scan fail with the message "Error Scanning"?



Generally there are a wide variety of reasons why a KSDU scan fails. Here are some steps to help you narrow down the issue.

1). One common issue is that the agent lacks Administrative rights. Check the Agent tab > Agent Logs > Agent Procedure Logs. Look for the time when the scan last ran and see why the scan failed. The log will be specific and say that the credentials don't have administrative rights to execute the command. If this is the case, set another account in the Agent > Set Credentials section and see if the scans succeed then.

2). Navigate to the agent locally and go to its working directory. Within the working directory, navigate to the KSDU folder and look for NiniteOne.exe. Execute this file. When you execute this file, you should only see a pop-up asking you what programs to install. However, if anything else pops-up locally on the endpoint, this indicates that something else is blocking this program from executing. Some common issues are UAC is enabled, GPO settings prevent exe from running, and security programs are blocking the execution of the program.

3). Another common issue is that the application does not have access to the KSDU websites to run a successful scan.  The websites are listed below.

-Kserver has access to deploy01.kaseya.com on port 443
-Agents have access to
     -ninite.com on port 443
     -ocsp.digicert.com on port 80
     -crl3.digicert.com on port 80
     -crl4.digicert.com on port 80
To verify that the websites are indeed the problem, try using the offline scan to see if that helps. There is no difference in results between the online and the offline scan source. However, with the offline scan source, a small file is sent locally to the agent for the agent to scan against. The offline scan file will contain all the latest programs that are available at the moment.
To set the offline scan source, go to Software Deployment > Application Settings > Offline Scan > select the machine to use an offline scan. Run a scan against the machine and see if is successful. If this scan is successful and the other scan is not, then the problem lies with the network.
If you are still experiencing problems after all this, please submit a ticket to our support forums specifying in detail everything that you have done.

Have more questions?

Contact us

Was this article helpful?
1 out of 2 found this helpful

Provide feedback for the Documentation team!

Browse this section