Hi Team,

We are currently troubleshooting Error Code 12023 during a Windows Domain Scan using the ServiceDesk Plus Cloud Probe. We have approximately 2,500 assets to inventory, and the scan is failing consistently with this error.

Our Environment & Findings:

• Discovery Method: Agentless Windows Domain Scan.

• Connectivity Check: We performed a Test-NetConnection from the Probe machine to several target assets. 

• Observed Behavior: When we manually blocked these ports in a lab environment, we received a "Local Asset Credential not succeeded" error. However, the production environment continues to return Error 12023.

The Challenge: According to ManageEngine's KB, Error 12023 indicates that an active firewall or antivirus is preventing the probe from "pasting" the temporary scan files into the target machine. Our security team requires exact, granular parameters before they can grant any exceptions.

Could you please provide clarity on the following points to resolve the 12023 error?

1. Mandatory Ports: Besides TCP 135 and 445, is Port 389 (LDAP) required to be open on all target workstations, or only on the Domain Controller?.

2. Antivirus Exclusions: What are the exact executable names (e.g., Scan_Windows.exe or MECSAgent.exe) and file paths (e.g., C:\Windows\Temp) that must be whitelisted to allow the probe to drop and execute the temporary scanner?.

3. Specific Services: Is the Remote Registry service mandatory for the initial "handshake" to avoid the 12023 timeout?.

We want to ensure we "get to the heart of the matter" regarding these permissions to avoid further delays in our asset discovery process.

Thanks in advance for your technical guidance.