In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Enterprise Console: error 80070035 and 0000002b when deploying to Windows Vista or 2008

Issue
If Enterprise Console is used to deploy Sophos Anti-Virus for Windows 2000+, version 6 and above, onto a Windows Vista or Windows 2008 computer, two problems may be encountered:

1. the Remote Registry service will not have been started
2. the default Local Security Policy on that Windows Vista/2008 computer may not allow installation.

One of the following error messages may be displayed:

• 80070035 Could not start installation program on the computer. The network path was not found.

• The installation did not start. The computer may have been shut down, renamed or disconnected, or a required service may not be running. It may be running Windows XP Home or Windows Vista, or Windows 2008.

A subsequent error message may be displayed once the Remote Registry service has been started - the following is associated with the Local Security Policy:

0000002b The installation credentials you entered in the "Protect computers wizard" are either incorrect or do not give administrator access to the computer over the network.

The above error message is displayed if the local administrator account credentials specified during deployment are not those of the 'built-in' computer administrator.

Sophos Product and version
Sophos Anti-Virus for Windows 2000+, versions 6 and 7.

Operating system
Windows Vista
Windows 2008

What to do

1. Open Windows Firewall with Advanced Security:
   • Select Start|Control Panel|Classic View|Administrative Tools.
   • Change the 'Inbound rules' to enable the following, where present:
     Remote Administration (NP-In) Domain
     Remote Administration (NP-In) Private
     Remote Administration (RPC) Domain
     Remote Administration (RPC) Private
     Remote Administration (RPC-EPMAP) Domain
     Remote Administration (RPC-EPMAP) Private
     
   • Note: When installation is complete, you should disable these processes
     again.
     
2. Start the 'Remote registry' service on the Windows Vista or Windows 2008 computer (if it is not currently running), and set it to run automatically:
   • Right-click the Remote Registry service
   • Select 'Properties
   • In the 'Startup type' dropdown menu, select Automatic
   • Click 'OK'.
3. Then either
   • Open the Windows Control Panel.
   • Select User accounts.
   • Select the admin account.
   • Select 'Turn User Account Control on or off'.
   • In the dialog that opens, deselect this option.Note: When installation is complete, you should turn this back on.
   or
   • On the Windows Vista or Windows 2008 computer, open Local Security Policy in Administrative Tools.
   • There is an option called 'User Account Control: run all users, including administrators, as standard users' in the local security policy that defaults to 'Enabled'. Change this to 'Disabled'.
4. Reboot the computer.
5. From Enterprise Console, version 2 or above, deploy to the Windows Vista or Windows 2008 computer, specifying the local administrator credentials.

Deployment should then succeed.

If you need more information or guidance, then please contact technical support.

• Article ID: 15027
• Created: 23 May 2006
• Last updated: 20 Oct 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement