Solved

Systeminfo /S prompts for a password

Posted on 2004-10-01
5
1,379 Views
Last Modified: 2012-05-05
I am a domain admin on our company network, and am faced with a problem that is quite puzzling.  On a select few machines in our domain (including my own personal machine), if I login is myself, and run a 'systeminfo /S computername' I am prompted with a "Type the password for domain\choldsworth" ... I type in my password, and then it errors out with a login failure.  If I run the systeminfo /S on a different computer, still logged in as myself, it works just fine.  However, I've also found that I can only do a systeminfo on my own personal machine if I am logged into it directly... If I (or any of the other admins) try and systeminfo my machine remotely, we have the same problem.

Normally, this wouldn't be a huge issue ... however, we have just purchased some auditting software, and if I try and scan someone from my computer, I get an access denied message... which I am sure is related.

I am running Windows XP SP2, with the firewall off.  Other machines running WinXP SP2 are able to perform this command w/o problem.

If anyone has an idea what the issue could possibly be, please reply... I am running out of ideas :)
0
Comment
Question by:choldsworth
5 Comments
 
LVL 24

Expert Comment

by:Kenneniah
ID: 12203404
The only thing offhand I can think of is if somehow local policy got changed. Specifically "Access this computer from the network", and "Deny access to this computer from the network" under User Rights Assignment in secpol.msc.

Make sure Administrators is in the first and not in the second.

Can you connect at all to these machines from a remote computer such as mapping a drive to?
0
 

Author Comment

by:choldsworth
ID: 12203450
Good suggestion ... I checked, and unfortunately everything checks out ok under gpedit.msc - Admins have access, and are not under deny access.

Yes, I can connect to these machines by mapping a drive.  The only problem I seem to have is running a systeminfo on them, or running my auditing software on them.  It prompts for a password, but does not accept my credentials.
0
 
LVL 1

Accepted Solution

by:
DebugNT earned 250 total points
ID: 12209275
To contact the remote computer, the SYSTEMINFO program uses WMI which in turn relies on proper operation of DCOM.  Your remote security proble may rest with dcom.

Use dcomcfng to configure DCOM Security.
Here are a few resources you may find useful.

COM Security in Practice
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncomg/html/msdn_practicom.asp

Securing Remote Management with WMI
http://mcpmag.com/columns/article.asp?EditorialsID=381

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/com/htm/reg_3kv9.asp

If you find yourself changing the permissions, then you may want to just return to the defaults.
Delete the DefaultAccessPermissions in the above key to get back to the default the system ships with.

Try a quick test with the following script to see if you can contact the WMI repository on the remote machine.

PROC.VBS

'Change the computername to the computer name
strComputer = "COMPUTERNAME"
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colSettings = objWMIService.ExecQuery _
    ("Select * from Win32_Processor")

For Each objProcessor in colSettings
    Wscript.Echo "Processor: " & objProcessor.Description
Next

Good Luck,

John
0
 

Author Comment

by:choldsworth
ID: 12292476
Thanks a lot, John.  After reviewing those links, I was able to determine that DCOM was actually turned off.  I'm guessing a security update I ran at some point may have done it.. I'm not sure.  After re-enabling DCOM, systeminfo /S (and our auditing software) now works like a charm.  Thanks again!

Chris
0
 

Expert Comment

by:mirthless
ID: 20361024
I had the same problem. Somehow, DCOM got disabled on my computer. To turn it back on I...
Start > Run > dcomcnfg
Expand Component Services > Computers, Right Click 'My Computer' > Properties.
On the Default Properties tab, check 'Enable Distributed COM on this computer'
Other settings were:
     No check in 'Enable COM Internet Services on this computer'
     Default Authentication Level = Connect
     Default Impersonation Level = Identify
     No check in 'Provide additional security for reference tracking'
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

If you build your web application in Visual Studio you'll get at least a few binaries, or .DLL, files in your bin folder. However, there is more compiling to be done. Normally this would happen when an ASP.NET resource within the web site is request…
cPanel is a Unix based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site. cPanel utilizes a 3 tier structure that provides functionality for administrators, rese…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now