Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

WMI Not Working

Posted on 2006-11-13
13
Medium Priority
?
1,989 Views
Last Modified: 2012-06-27
I have some rather extensive WMI scripting in a VB6 application we use for inventorying our computers. Everything has worked great until last week when we started rolling some new machines out. They are Dell computers with Windows XP. The previous machines were also Dell computers with a mix and match of Windows 2000 and Windows XP. Now whenever I try to connect to one of these machines through WMI (remote) I get the error, "Access is Denied" with an error number of -2147024891.  

The connection string I am using is:
Set objWMIService = objLocator.ConnectServer(sIP, "root/cimv2", sUID, sPwd)

As I indicated, this has worked since this past February when I added WMI to the process (we can get complete inventory of resources, etc on a computer and even have a batch job that will pull all information from all computers on the network.

I have checked on a couple of the machines and the WMI service is started and running. Any suggestions/ideas????

Doug
0
Comment
Question by:dbbishop
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +3
13 Comments
 
LVL 12

Expert Comment

by:jkaios
ID: 17934056
If you're encountering the problem only on Windows XP machines with SP2, then that sounds like the Firewall.  If that's the case, try turning OFF the Firewall and try again and see if it works.
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17934128
It is not the firewall. It is already turned off.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 17934299
Knee-jerk reaction here - has the password changed?

Other than that, I'd say perhaps there was some policy setting that was changed on the other machines that is not the default.
Unfortunately, you can't be certain of what that is/was.
You could run the resultant policy applet:
click Start->Run->RSOP.MSC <Enter>
on both machines and compare the results.

And/or check the membership of the device in your domain (are these on a domain?)
Have the systems been added to the domain, if so?

Try this as well:
Start->Run->secpol.msc <enter>

Under Local Policies\User Rights Assignment
Check the Log on as a batch job / Log on as a service policies - compare them to a working machine...

Good luck!
~sirbounty
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 12

Expert Comment

by:jkaios
ID: 17934308
Are all the machines on the same domain?

Do all machines have the same username and password, ie, Administrator?

This could be a security issue.  You could easily check by following these simple steps:

1.  Go the the Command Prompt (Start->Run->cmd->OK)
2.  Type: "dir \\machine2\c$" without the quotes and press Enter where machine2 is the name of the other machine
3.  Now, examine the error message that is return by the DIR command and see If you get something like "Logon failure unknown username or bad password"
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17934435
No policy changes at all that I am aware of. We set up a standard password for the administrator. We also use VNC quite extensively for user support (it still works).

No domains.

0
 
LVL 6

Expert Comment

by:tone28
ID: 17935300
Right click My Computer to go manage

Then choose WMI Control under Services and Applications go to properties

There you can see what security root and other services have. If you can't get this far (on anothers machine) then you have a permissions problem.
0
 
LVL 34

Expert Comment

by:sramesh2k
ID: 17936415
Hi Doug,

Could this be a Windows Firewall or DCOM issue? Check this.

Connecting Through Windows Firewall:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/connecting_through_windows_firewall.asp
0
 
LVL 34

Expert Comment

by:sramesh2k
ID: 17936421
Also:

How to troubleshoot WMI-related issues in Windows XP SP2:
http://support.microsoft.com/kb/875605
0
 
LVL 1

Accepted Solution

by:
Mythal earned 2000 total points
ID: 17936703
I belive that per default in windows xp machines outside a domain , remote logons are forced to use the guest account. Try writing secpol.msc in the runbox under local policies select security options find "Network access: Sharing and security model for local accounts" if it is set to guest only change it to classic and make a restart.

Also make sure these services are running (or set to automatic)

COM+ Event System
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry
Server
Windows Management Instrumentation
Windows Management Instrumentation Driver Extensions
WMI Performance Adapter
Workstation
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17938691
Mytyhal:

Your first suggestion regarding changing the policy under Network access: Sharing and security model for local accounts fixed the problem. Now, does anyone know of a script we can force out to all users to make the change globally (we have Altiris). I am NOT a Windows programmer so would not have the foggiest idea of how to do it.

Thanks,
Doug
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17938881
Better yet, does anyone know (I assume) what registry setting(s) are involved when this change is made? If it is something we could set remotely through Altrris, that would make it easy enough.

Doug
0
 
LVL 1

Expert Comment

by:Mythal
ID: 17939115
Glad it works

I belive the registry that is changing is in

HKLM\System\CurrentControlSet\Control\LSA

it is called forceguest

to turn it off change the value to 0
0
 
LVL 15

Author Comment

by:dbbishop
ID: 17940662
Thanks. Actualy, I did an export of my registry, changed the setting and did another export then compared the two files. That is the same key/value I had found.

Doug
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
Migration of Exchange mailbox can be done with the ExProfre.exe tool. But at times, when the ExProfre.exe tool migrates the Exchange Server user profile, it results in numerous synchronization problems. Synchronization error messages appear in the e…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question