Error reading security descriptor - unknown error (0x8004101d)
Issue
When scanning a Windows machine the agent fails when reading registry security descriptors and the following error is seen
Error reading the registry security descriptor for 'path'. Unknown error (0x8004101d).
Cause
This error can be caused when there is an unresolved account name in the security descriptor and the Windows machine is being scanned using Windows Management Instrumentation (WMI).
The security descriptor can be viewed in regedit by right clicking the affected key and selecting security.
Resolution
To resolve this issue either
- Correct the security descriptor.
- or - - Scan the Windows machine using PowerShell remoting.
More Information
The issue is caused by an underlying limitation of the GetSecurityDescriptor method of the StdRegProv class.