Group Policy Modeling and WMI service

I'm trying to run the Group Policy Results Wizard against machines in my network to see how the policy policies are being applied.  I have picked several PCs and get the same error from all, which is:

"Failed to connect to domain name\machine name due to error listed below.  Ensure that the Windows Management Instrumentation (WMI) service is enabled on the target computer, and consult the event log of the target computer for further details.  The RPC server is unavailable."

I've looked at the of the notes in this forum related to the issue and they point to checking that RPC is running on the XP systems.  I've confirmed this is service is running by "net start rpcss".  Still no luck.  I've tried this on a couple of XP machines in the office and get the same result.  

I though the Norton Internet Security application was blocking access so I disabled it, same result.  

I've looked at the event viewer of the PCs and have no entries pointing to issues with this service.  I also tried to run MBSA and am denied access.  

Please let me know what I'm missing.

Jason
jtcomstockAsked:
Who is Participating?
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Actually that looks perfect.  The reason the Small Business Server Internet Connection Firewall policy is filtered/denied is because that was the one for PreSP2 XP Machines.  This machine has XP SP2 so it is getting the Small Business Server Windows Firewall policy instead.

So, you are able to run GPRESULT from a workstation, but not from the server?  Try running the command line entry instead of using the wizard.  You would just add /S <hostname> to the end, so for example to get the GPRESULT for the workstation above, you would enter GPRESULT /S STATIC-PC-0.

On the numlock issue... if it's a Dell, then you just need to change it in the BIOS.

Jeff
TechSoEasy

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, troubleshooting RPC connections is explained here:  http://support.microsoft.com/kb/224370

The usual reason for this is due to workstations not being added to the SBS domain correctly with the http://<servername>/connectcomputer wizard.

If you did not add the workstations to the domain in this manner you need to correct this by following these steps:

The following needs to be done with the client machine:
1.  Log in with THAT machine's LOCAL administrator account.
2.  Unjoin the domain into a WORKGROUP
3.  Change the name of the computer
4.  Delete or rename the following directory C:\Program Files\Microsoft Windows Small Business Server\Clients if it exists
5.  Ensure that DHCP is enabled and there are  no manually configured network settings
6.  Reboot

Then on the server, from the Server Management Console:
1.  Remove the client computers if it still shows in the Client Computer screen on the Server Management Console
2.  Add the client with it's NEW name using the Add Computer wizard

Then, go back to the client machine and join the domain by opening Internet Explorer and navigating to http://servername/connectcomputer

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Jeff,

I did follow the connectcomputer process and it all appeared to have gone well.  Users have not problems with Exchange.  

Took a look at the article and it doesn't appear to apply for the XP machines.

Have you seen where computers have gone through the connect computer process with no errors, but then have this type of issue.  

I'm at another customer's site and have the same problem.  All the computers here were added through connect computer.  

Jason


0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Yes, I have seen it when the computer accounts have been moved from the default OU in Active Directory.  They should all be in \MyBusiness\Computers\SBSComputers.  

If you haven't moved them, then please log into one of the problem workstations and run a "gpresult" command and post the results here.

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Jeff,

I was able to RDP into the server and the users are in the default group you mentioned.  The workstations are shutdown for the night.  I'll be onsite tomorrow and will get the gpresults.

Jason
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I generally advise clients to not shut down workstations at night.  This is when they have the opportunity to get important updates, and would also be a good time if you ever needed to perform remote maintenance.  The power configuration should be set to turn off the monitor as well as the hard drives after a certain period of non-use.  However, actually shutting down the system only reduces the power it consumes in a very minimal way since computers that are plugged in are always actually "on".

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Jeff,

I'm with you and I give that advice.  Some habits are hard to break.  

Jason
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Yeah, they are... but they're much easier to break with Group Policies... you can inhibit the ability to shut a machine down.  :-)  (or if they use the power switch, it can be set to power itself back on at a certain time as well!)

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Good suggestion.

Do you know if there is a GPO object that enables the num lock.  I have a laptop that boots up with num lock on, which makes it challenging for the users.  I've look in the setup via F2 and cannot find a setting in there.  I looked through Group Policies and didn't find it.  

Jason
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Numlock is a BIOS setting so it needs to be set there.  If it's an IBM ThinkPad, then you will find the NumLock setting in IBM ThinkPad management tools I believe.

Okay, that's your freebie question.  :-)

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Thanks Jeff,

Its a Dell, so I'll search around for the answer.  
0
 
jtcomstockAuthor Commented:
Jeff,

Here is the GPresults.  Looks like WMI is being denied, but not sure as to why.  

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator.PIA>gpresult

Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 6/9/2006 at 4:26:58 PM


RSOP results for PIA\administrator on STATIC-PC-0 : Logging Mode
------------------------------------------------------------------------

OS Type:                     Microsoft Windows XP Professional
OS Configuration:            Member Workstation
OS Version:                  5.1.2600
Domain Name:                 PIA
Domain Type:                 Windows 2000
Site Name:                   Default-First-Site-Name
Roaming Profile:
Local Profile:               C:\Documents and Settings\Administrator.PIA
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
    CN=STATIC-PC-0,OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=pia,DC=o
ffice
    Last time Group Policy was applied: 6/9/2006 at 3:36:34 PM
    Group Policy was applied from:      SERVER.pia.office
    Group Policy slow link threshold:   500 kbps

    Applied Group Policy Objects
    -----------------------------
        SMB signing Disabled
        Default Domain Policy
        Small Business Server Domain Password Policy
        Small Business Server Remote Assistance Policy
        Small Business Server Windows Firewall
        Small Business Server Client Computer
        Small Business Server Lockout Policy

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Small Business Server Internet Connection Firewall
            Filtering:  Denied (WMI Filter)
            WMI Filter: PreSP2

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Folder Redirection
            Filtering:  Not Applied (Empty)

    The computer is a part of the following security groups:
    --------------------------------------------------------
        BUILTIN\Administrators
        Everyone
        BUILTIN\Users
        NT AUTHORITY\NETWORK
        NT AUTHORITY\Authenticated Users
        STATIC-PC-0$
        Domain Computers


USER SETTINGS
--------------
    CN=Administrator,CN=Users,DC=pia,DC=office
    Last time Group Policy was applied: 6/9/2006 at 4:25:45 PM
    Group Policy was applied from:      SERVER.pia.office
    Group Policy slow link threshold:   500 kbps

    Applied Group Policy Objects
    -----------------------------
        Default Domain Policy
        Small Business Server Folder Redirection

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Small Business Server Internet Connection Firewall
            Filtering:  Denied (WMI Filter)
            WMI Filter: PreSP2

        Small Business Server Client Computer
            Filtering:  Not Applied (Empty)

        Small Business Server Domain Password Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Lockout Policy
            Filtering:  Disabled (GPO)

        SMB signing Disabled
            Filtering:  Not Applied (Empty)

        Small Business Server Windows Firewall
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Remote Assistance Policy
            Filtering:  Disabled (GPO)

    The user is a part of the following security groups:
    ----------------------------------------------------
        Domain Users
        Everyone
        Offer Remote Assistance Helpers
        BUILTIN\Users
        BUILTIN\Administrators
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        NT AUTHORITY\Authenticated Users
        LOCAL
        Group Policy Creator Owners
        Domain Admins
        SBS Mobile Users
        SBS Report Users
        Schema Admins
        Enterprise Admins
        Offer Remote Assistance Helpers
0
 
jtcomstockAuthor Commented:
Jeff,

I ran this from the command windows of the PC to see why MBSA and Group Policy Results were being blocked.  Both tools came back with the WMI error when run from the server.  I had targetted this machine and then went to the local machine to get the results.  

For some reason, MBSA and GP modeling don't want to collect results.  

Let me know what you think.

Jason

0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Would you mind posting an IPCONFIG /ALL from both the server and the workstation?  I think I have an idea, but need to review your network settings for each.

(this is one of those troubleshooting issues that I would just sit at and poke at a few things until something made sense... but I think it'll only take a couple of pokes... thanks for your patience).

Jeff
TechSoEasy
0
 
jtcomstockAuthor Commented:
Jeff,

Here is what I get when I run GPResults from the command line on the server.

C:\Documents and Settings\Administrator>GPRESULT /S STATIC-PC-0
ERROR: The RPC server is unavailable.

IPCONFIG from Server

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : pia.office
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : pia.office

Ethernet adapter Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : 00-10-18-18-CF-4F
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.168.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.1
   DNS Servers . . . . . . . . . . . : 192.168.168.10
   Primary WINS Server . . . . . . . : 192.168.168.10

C:\Documents and Settings\Administrator>

IPCONFIG from static-pc-0

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Program Files\Windows Resource Kits\Tools>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : static-pc-0
        Primary Dns Suffix  . . . . . . . : pia.office
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : pia.office
                                            pia.office

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : pia.office
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
        Physical Address. . . . . . . . . : 00-13-20-4F-85-47
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.168.19
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.168.1
        DHCP Server . . . . . . . . . . . : 192.168.168.10
        DNS Servers . . . . . . . . . . . : 192.168.168.10
        Primary WINS Server . . . . . . . : 192.168.168.10
        Lease Obtained. . . . . . . . . . : Friday, June 09, 2006 12:08:13 PM
        Lease Expires . . . . . . . . . . : Saturday, June 17, 2006 12:08:13 PM

C:\Program Files\Windows Resource Kits\Tools>

Thanks for taking the time to explore this issue.  
0
 
jtcomstockAuthor Commented:
Jeff,

I haven't seen a reply and just want to check in on this one.

Jason
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Sorry about that, I thought I had posted back... anyhow, it's the XP firewall:
http://support.microsoft.com/kb/883611

Jeff
TechSoEasy
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.