Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Group Policy Modeling and WMI service

Posted on 2006-06-07
17
Medium Priority
?
3,111 Views
Last Modified: 2012-06-27
I'm trying to run the Group Policy Results Wizard against machines in my network to see how the policy policies are being applied.  I have picked several PCs and get the same error from all, which is:

"Failed to connect to domain name\machine name due to error listed below.  Ensure that the Windows Management Instrumentation (WMI) service is enabled on the target computer, and consult the event log of the target computer for further details.  The RPC server is unavailable."

I've looked at the of the notes in this forum related to the issue and they point to checking that RPC is running on the XP systems.  I've confirmed this is service is running by "net start rpcss".  Still no luck.  I've tried this on a couple of XP machines in the office and get the same result.  

I though the Norton Internet Security application was blocking access so I disabled it, same result.  

I've looked at the event viewer of the PCs and have no entries pointing to issues with this service.  I also tried to run MBSA and am denied access.  

Please let me know what I'm missing.

Jason
0
Comment
Question by:jtcomstock
  • 9
  • 8
17 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16856325
Well, troubleshooting RPC connections is explained here:  http://support.microsoft.com/kb/224370

The usual reason for this is due to workstations not being added to the SBS domain correctly with the http://<servername>/connectcomputer wizard.

If you did not add the workstations to the domain in this manner you need to correct this by following these steps:

The following needs to be done with the client machine:
1.  Log in with THAT machine's LOCAL administrator account.
2.  Unjoin the domain into a WORKGROUP
3.  Change the name of the computer
4.  Delete or rename the following directory C:\Program Files\Microsoft Windows Small Business Server\Clients if it exists
5.  Ensure that DHCP is enabled and there are  no manually configured network settings
6.  Reboot

Then on the server, from the Server Management Console:
1.  Remove the client computers if it still shows in the Client Computer screen on the Server Management Console
2.  Add the client with it's NEW name using the Add Computer wizard

Then, go back to the client machine and join the domain by opening Internet Explorer and navigating to http://servername/connectcomputer

Jeff
TechSoEasy
0
 

Author Comment

by:jtcomstock
ID: 16862929
Jeff,

I did follow the connectcomputer process and it all appeared to have gone well.  Users have not problems with Exchange.  

Took a look at the article and it doesn't appear to apply for the XP machines.

Have you seen where computers have gone through the connect computer process with no errors, but then have this type of issue.  

I'm at another customer's site and have the same problem.  All the computers here were added through connect computer.  

Jason


0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16864215
Yes, I have seen it when the computer accounts have been moved from the default OU in Active Directory.  They should all be in \MyBusiness\Computers\SBSComputers.  

If you haven't moved them, then please log into one of the problem workstations and run a "gpresult" command and post the results here.

Jeff
TechSoEasy
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:jtcomstock
ID: 16865658
Jeff,

I was able to RDP into the server and the users are in the default group you mentioned.  The workstations are shutdown for the night.  I'll be onsite tomorrow and will get the gpresults.

Jason
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16865714
I generally advise clients to not shut down workstations at night.  This is when they have the opportunity to get important updates, and would also be a good time if you ever needed to perform remote maintenance.  The power configuration should be set to turn off the monitor as well as the hard drives after a certain period of non-use.  However, actually shutting down the system only reduces the power it consumes in a very minimal way since computers that are plugged in are always actually "on".

Jeff
TechSoEasy
0
 

Author Comment

by:jtcomstock
ID: 16867076
Jeff,

I'm with you and I give that advice.  Some habits are hard to break.  

Jason
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16867099
Yeah, they are... but they're much easier to break with Group Policies... you can inhibit the ability to shut a machine down.  :-)  (or if they use the power switch, it can be set to power itself back on at a certain time as well!)

Jeff
TechSoEasy
0
 

Author Comment

by:jtcomstock
ID: 16867135
Good suggestion.

Do you know if there is a GPO object that enables the num lock.  I have a laptop that boots up with num lock on, which makes it challenging for the users.  I've look in the setup via F2 and cannot find a setting in there.  I looked through Group Policies and didn't find it.  

Jason
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16867229
Numlock is a BIOS setting so it needs to be set there.  If it's an IBM ThinkPad, then you will find the NumLock setting in IBM ThinkPad management tools I believe.

Okay, that's your freebie question.  :-)

Jeff
TechSoEasy
0
 

Author Comment

by:jtcomstock
ID: 16873699
Thanks Jeff,

Its a Dell, so I'll search around for the answer.  
0
 

Author Comment

by:jtcomstock
ID: 16873765
Jeff,

Here is the GPresults.  Looks like WMI is being denied, but not sure as to why.  

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator.PIA>gpresult

Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 6/9/2006 at 4:26:58 PM


RSOP results for PIA\administrator on STATIC-PC-0 : Logging Mode
------------------------------------------------------------------------

OS Type:                     Microsoft Windows XP Professional
OS Configuration:            Member Workstation
OS Version:                  5.1.2600
Domain Name:                 PIA
Domain Type:                 Windows 2000
Site Name:                   Default-First-Site-Name
Roaming Profile:
Local Profile:               C:\Documents and Settings\Administrator.PIA
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
    CN=STATIC-PC-0,OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=pia,DC=o
ffice
    Last time Group Policy was applied: 6/9/2006 at 3:36:34 PM
    Group Policy was applied from:      SERVER.pia.office
    Group Policy slow link threshold:   500 kbps

    Applied Group Policy Objects
    -----------------------------
        SMB signing Disabled
        Default Domain Policy
        Small Business Server Domain Password Policy
        Small Business Server Remote Assistance Policy
        Small Business Server Windows Firewall
        Small Business Server Client Computer
        Small Business Server Lockout Policy

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Small Business Server Internet Connection Firewall
            Filtering:  Denied (WMI Filter)
            WMI Filter: PreSP2

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Folder Redirection
            Filtering:  Not Applied (Empty)

    The computer is a part of the following security groups:
    --------------------------------------------------------
        BUILTIN\Administrators
        Everyone
        BUILTIN\Users
        NT AUTHORITY\NETWORK
        NT AUTHORITY\Authenticated Users
        STATIC-PC-0$
        Domain Computers


USER SETTINGS
--------------
    CN=Administrator,CN=Users,DC=pia,DC=office
    Last time Group Policy was applied: 6/9/2006 at 4:25:45 PM
    Group Policy was applied from:      SERVER.pia.office
    Group Policy slow link threshold:   500 kbps

    Applied Group Policy Objects
    -----------------------------
        Default Domain Policy
        Small Business Server Folder Redirection

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Small Business Server Internet Connection Firewall
            Filtering:  Denied (WMI Filter)
            WMI Filter: PreSP2

        Small Business Server Client Computer
            Filtering:  Not Applied (Empty)

        Small Business Server Domain Password Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Lockout Policy
            Filtering:  Disabled (GPO)

        SMB signing Disabled
            Filtering:  Not Applied (Empty)

        Small Business Server Windows Firewall
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)

        Small Business Server Remote Assistance Policy
            Filtering:  Disabled (GPO)

    The user is a part of the following security groups:
    ----------------------------------------------------
        Domain Users
        Everyone
        Offer Remote Assistance Helpers
        BUILTIN\Users
        BUILTIN\Administrators
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        NT AUTHORITY\Authenticated Users
        LOCAL
        Group Policy Creator Owners
        Domain Admins
        SBS Mobile Users
        SBS Report Users
        Schema Admins
        Enterprise Admins
        Offer Remote Assistance Helpers
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 1000 total points
ID: 16876464
Actually that looks perfect.  The reason the Small Business Server Internet Connection Firewall policy is filtered/denied is because that was the one for PreSP2 XP Machines.  This machine has XP SP2 so it is getting the Small Business Server Windows Firewall policy instead.

So, you are able to run GPRESULT from a workstation, but not from the server?  Try running the command line entry instead of using the wizard.  You would just add /S <hostname> to the end, so for example to get the GPRESULT for the workstation above, you would enter GPRESULT /S STATIC-PC-0.

On the numlock issue... if it's a Dell, then you just need to change it in the BIOS.

Jeff
TechSoEasy

0
 

Author Comment

by:jtcomstock
ID: 16882753
Jeff,

I ran this from the command windows of the PC to see why MBSA and Group Policy Results were being blocked.  Both tools came back with the WMI error when run from the server.  I had targetted this machine and then went to the local machine to get the results.  

For some reason, MBSA and GP modeling don't want to collect results.  

Let me know what you think.

Jason

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16882855
Would you mind posting an IPCONFIG /ALL from both the server and the workstation?  I think I have an idea, but need to review your network settings for each.

(this is one of those troubleshooting issues that I would just sit at and poke at a few things until something made sense... but I think it'll only take a couple of pokes... thanks for your patience).

Jeff
TechSoEasy
0
 

Author Comment

by:jtcomstock
ID: 16885459
Jeff,

Here is what I get when I run GPResults from the command line on the server.

C:\Documents and Settings\Administrator>GPRESULT /S STATIC-PC-0
ERROR: The RPC server is unavailable.

IPCONFIG from Server

C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : pia.office
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : pia.office

Ethernet adapter Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : 00-10-18-18-CF-4F
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.168.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.1
   DNS Servers . . . . . . . . . . . : 192.168.168.10
   Primary WINS Server . . . . . . . : 192.168.168.10

C:\Documents and Settings\Administrator>

IPCONFIG from static-pc-0

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Program Files\Windows Resource Kits\Tools>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : static-pc-0
        Primary Dns Suffix  . . . . . . . : pia.office
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : pia.office
                                            pia.office

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : pia.office
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
        Physical Address. . . . . . . . . : 00-13-20-4F-85-47
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.168.19
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.168.1
        DHCP Server . . . . . . . . . . . : 192.168.168.10
        DNS Servers . . . . . . . . . . . : 192.168.168.10
        Primary WINS Server . . . . . . . : 192.168.168.10
        Lease Obtained. . . . . . . . . . : Friday, June 09, 2006 12:08:13 PM
        Lease Expires . . . . . . . . . . : Saturday, June 17, 2006 12:08:13 PM

C:\Program Files\Windows Resource Kits\Tools>

Thanks for taking the time to explore this issue.  
0
 

Author Comment

by:jtcomstock
ID: 16912504
Jeff,

I haven't seen a reply and just want to check in on this one.

Jason
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16912753
Sorry about that, I thought I had posted back... anyhow, it's the XP firewall:
http://support.microsoft.com/kb/883611

Jeff
TechSoEasy
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
Loops Section Overview
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question