Solved

WMI Not Working

Posted on 2006-11-13
13
1,938 Views
Last Modified: 2012-06-27
I have some rather extensive WMI scripting in a VB6 application we use for inventorying our computers. Everything has worked great until last week when we started rolling some new machines out. They are Dell computers with Windows XP. The previous machines were also Dell computers with a mix and match of Windows 2000 and Windows XP. Now whenever I try to connect to one of these machines through WMI (remote) I get the error, "Access is Denied" with an error number of -2147024891.  

The connection string I am using is:
Set objWMIService = objLocator.ConnectServer(sIP, "root/cimv2", sUID, sPwd)

As I indicated, this has worked since this past February when I added WMI to the process (we can get complete inventory of resources, etc on a computer and even have a batch job that will pull all information from all computers on the network.

I have checked on a couple of the machines and the WMI service is started and running. Any suggestions/ideas????

Doug
0
Comment
Question by:dbbishop
  • 5
  • 2
  • 2
  • +3
13 Comments
 
LVL 12

Expert Comment

by:jkaios
ID: 17934056
If you're encountering the problem only on Windows XP machines with SP2, then that sounds like the Firewall.  If that's the case, try turning OFF the Firewall and try again and see if it works.
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17934128
It is not the firewall. It is already turned off.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 17934299
Knee-jerk reaction here - has the password changed?

Other than that, I'd say perhaps there was some policy setting that was changed on the other machines that is not the default.
Unfortunately, you can't be certain of what that is/was.
You could run the resultant policy applet:
click Start->Run->RSOP.MSC <Enter>
on both machines and compare the results.

And/or check the membership of the device in your domain (are these on a domain?)
Have the systems been added to the domain, if so?

Try this as well:
Start->Run->secpol.msc <enter>

Under Local Policies\User Rights Assignment
Check the Log on as a batch job / Log on as a service policies - compare them to a working machine...

Good luck!
~sirbounty
0
 
LVL 12

Expert Comment

by:jkaios
ID: 17934308
Are all the machines on the same domain?

Do all machines have the same username and password, ie, Administrator?

This could be a security issue.  You could easily check by following these simple steps:

1.  Go the the Command Prompt (Start->Run->cmd->OK)
2.  Type: "dir \\machine2\c$" without the quotes and press Enter where machine2 is the name of the other machine
3.  Now, examine the error message that is return by the DIR command and see If you get something like "Logon failure unknown username or bad password"
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17934435
No policy changes at all that I am aware of. We set up a standard password for the administrator. We also use VNC quite extensively for user support (it still works).

No domains.

0
 
LVL 6

Expert Comment

by:tone28
ID: 17935300
Right click My Computer to go manage

Then choose WMI Control under Services and Applications go to properties

There you can see what security root and other services have. If you can't get this far (on anothers machine) then you have a permissions problem.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 34

Expert Comment

by:sramesh2k
ID: 17936415
Hi Doug,

Could this be a Windows Firewall or DCOM issue? Check this.

Connecting Through Windows Firewall:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/connecting_through_windows_firewall.asp
0
 
LVL 34

Expert Comment

by:sramesh2k
ID: 17936421
Also:

How to troubleshoot WMI-related issues in Windows XP SP2:
http://support.microsoft.com/kb/875605
0
 
LVL 1

Accepted Solution

by:
Mythal earned 500 total points
ID: 17936703
I belive that per default in windows xp machines outside a domain , remote logons are forced to use the guest account. Try writing secpol.msc in the runbox under local policies select security options find "Network access: Sharing and security model for local accounts" if it is set to guest only change it to classic and make a restart.

Also make sure these services are running (or set to automatic)

COM+ Event System
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry
Server
Windows Management Instrumentation
Windows Management Instrumentation Driver Extensions
WMI Performance Adapter
Workstation
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17938691
Mytyhal:

Your first suggestion regarding changing the policy under Network access: Sharing and security model for local accounts fixed the problem. Now, does anyone know of a script we can force out to all users to make the change globally (we have Altiris). I am NOT a Windows programmer so would not have the foggiest idea of how to do it.

Thanks,
Doug
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17938881
Better yet, does anyone know (I assume) what registry setting(s) are involved when this change is made? If it is something we could set remotely through Altrris, that would make it easy enough.

Doug
0
 
LVL 1

Expert Comment

by:Mythal
ID: 17939115
Glad it works

I belive the registry that is changing is in

HKLM\System\CurrentControlSet\Control\LSA

it is called forceguest

to turn it off change the value to 0
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17940662
Thanks. Actualy, I did an export of my registry, changed the setting and did another export then compared the two files. That is the same key/value I had found.

Doug
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now