WinRM QuickConfig fail with Error number -2147024894 0x80070002 The system cannot find the file specified

Hi.

Trying to configure PS-Remoting for PowerShell on my Windows 7 x64 computer. But it always fails with following message:
D:\>winRm quickConfig
WinRM service is already running on this machine.
WSManFault
    Message
        ProviderFault
            WSManFault
                Message = Unable to check the status of the firewall.

Error number:  -2147024894 0x80070002
The system cannot find the file specified.

Open in new window


I had tried lot of options but it is still reporting the same error.

Any ideas how to fix that?

Thank you in advance,
Dmitry.
Dmitry_BondAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

becraigCommented:
Try the below:


sc config WinRM start= delayed-auto
net start WinRM
winrm create winrm/config/listener?Address=*+Transport=HTTP
netsh firewall add portopening TCP 80 "Windows Remote Management"

The final line opens the fw for winrm

Ensure you run this as administrator
0
Dmitry_BondAuthor Commented:
Tried. Not helped.
Log is enclosed.
winrm.log
0
becraigCommented:
This will resolve it for you

http://www.minasi.com/newsletters/nws1304.htm
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

Dmitry_BondAuthor Commented:
Sorry. But for sure you mistaken!
You had read only couple of lines in the log and started to think that you know what is the problem is but that is not true.

Please see carefully - I had run there a "powershell .\fixNetwork.ps1" command which changed the "Public" network to "Work network".

And then I had run the "winrm qc" again, this time it was reported the error I stuck with - "Message = Unable to check the status of the firewall. Error number:  -2147024894 0x80070002. The system cannot find the file specified."

Only this error is the problem. The other message about Public network is not a problem at all. I'm able to solve that using the .\fixNetwork.ps1 script.

Do you have any idea how to solve the problem with the last error message in a log?
0
becraigCommented:
I am not sure what your fix network ps1 does it would help posting that so I could have a better idea of the actions.

I posted the solutions for changing the network type since the exception is firewall related due to network state. If your script changes the network state, please enable then disable your firewall and try again.  It is also worth it to run the firewall rule addition after you have changed your network setting.  

Run your fix network script verify your firewall is enabled then disabled run winrm qc   If you experience any errors restart the firewall then add the rule and run quick config again.
0
Dmitry_BondAuthor Commented:
Ok.
Restarted a firewall service (run "restart-service MpsSvc" in PS).
Tried "winrm qc" again - got exactly the same error again.

Changed FW to ON, restarted FW again.
Tried "winrm qc" again - got exactly the same error again.

Please note: I can only control FW for "Home" and "Public" networks. I cannot control FW for "Domain" network because it is controlled by domain policy. FW for "Domain" network is always OFF. So, FW for "Domain" network is disabled in Windows GUI and there is a message "For your security some settings are managed by your system administrator".

Any more ideas?
0
becraigCommented:
What was the output from the command to add the firewall rule after updating network profile ? I did not see that in your comments ?
0
becraigCommented:
Also here is some helpful information to help you understand what is being done and why. There are manual options to enable if you have group policy overrides which seem to be the case here.  
Note  The winrm quickconfig command creates a firewall exception only for the current user profile. If the firewall profile is changed for any reason, winrm quickconfig should be run to enable the firewall exception for the new profile; otherwise, the exception might not be enabled.


Give the link below a careful read before proceeding, most if not all your questions should be answered.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa384372(v=vs.85).aspx
0
Dmitry_BondAuthor Commented:
>> What was the output from the command to add the firewall rule
>> after updating network profile ? I did not see that in your comments ?

Please see the original log file I had posted - the command which is adding FW rule is always generates exactly the same output despite of any type of network profile.

But specially for you I just redone the same, please see the new log enclosed.
winrm2.log
0
becraigCommented:
Ok so you need to run the following


For Windows Server 2008 with Winrm 1.1
netsh advfirewall firewall add portopening TCP 80 "Windows Remote Management"

For Windows Server 2008 R2 with Winrm 2.0
netsh advfirewall firewall add portopening TCP 5985 "Windows Remote Management"
0
Dmitry_BondAuthor Commented:
What about Windows 7 ?
As you can see - I mentioned that I need that on Windows 7.

Note: I just tried to run commands:
PS C:\> netsh firewall add portopening TCP 5985 "Windows Remote Management"

IMPORTANT: "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at http://go.microsoft.com/fwlink/?linkid=121488 .


PS C:\> Restart-Service MpsSvc
PS C:\> winrm qc
WinRM service is already running on this machine.
WSManFault
    Message
        ProviderFault
            WSManFault
                Message = Unable to check the status of the firewall.

Error number:  -2147024894 0x80070002
The system cannot find the file specified.
PS C:\Users\dbondare>

Open in new window


As you can see - it is still reporting the same error.

PS. Btw, FW rules for PS I added yesterday. So, I think "netsh firewall add portopening TCP 5985 "Windows Remote Management"" command is not required.
I think the problem could be that "WinRM QC" is not able to validate FW status. So, all the FW rules already exists.
That could be a bug in "WinRM QC". Only the question - if possible to workaround it somehow?
0
becraigCommented:
First you did not run the command I posted in the last comment, your command output indicates that. Second I pasted a link on how to manually configure winrm if you are having issues with quick config.
http://msdn.microsoft.com/en-us/library/windows/desktop/aa384372(v=vs.85).aspx
0
Dmitry_BondAuthor Commented:
That is because the "netsh advfirewall firewall" command seems not exists on Win 7.

It reports:

D:\>netsh advfirewall f
irewall add portopening TCP 5985 "Windows Remote Management"
The following command was not found: advfirewall firewall add portopening TCP 59
85 "Windows Remote Management".

Open in new window

0
becraigCommented:
I am providing a link to a fw troubleshooting tool.  

http://www.pcwintech.com/shanes-toolbox

Let me know the results.  This points to your firewall as being the issue however with the service running you should be able to connect to other servers even if the fw is disabled once the service is running.
0
Dmitry_BondAuthor Commented:
Ok. I did run a "Detect Firewals" tool, it shown me following:
Scanning...
Date: 31.08.2013 Time: 18:07:55
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Done, Scan Complete.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''

Open in new window


So, it shows nothing.

When I checkmark "Show Microsoft Services" it shows following:
Scanning...
Date: 31.08.2013 Time: 18:05:18
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dhcp
--Description: @%SystemRoot%\system32\dhcpcore.dll,-101
--DisplayName: @%SystemRoot%\system32\dhcpcore.dll,-100
--ImagePath: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Dnscache
--Description: @%SystemRoot%\System32\dnsapi.dll,-102
--DisplayName: @%SystemRoot%\System32\dnsapi.dll,-101
--ImagePath: C:\Windows\system32\svchost.exe -k NetworkService
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\dot3svc
--Description: @%systemroot%\system32\dot3svc.dll,-1103
--DisplayName: @%systemroot%\system32\dot3svc.dll,-1102
--ImagePath: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lmhosts
--Description: @%SystemRoot%\system32\lmhsvc.dll,-102
--DisplayName: @%SystemRoot%\system32\lmhsvc.dll,-101
--ImagePath: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasAcd
--Description: Remote Access Auto Connection Driver
--DisplayName: Remote Access Auto Connection Driver
--ImagePath: System32\DRIVERS\rasacd.sys
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Wlansvc
--Description: @%SystemRoot%\System32\wlansvc.dll,-258
--DisplayName: @%SystemRoot%\System32\wlansvc.dll,-257
--ImagePath: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WwanSvc
--Description: @%SystemRoot%\System32\wwansvc.dll,-258
--DisplayName: @%SystemRoot%\System32\wwansvc.dll,-257
--ImagePath: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Done, Scan Complete.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''

Open in new window


And what then? Do you see anything interesting here?
I seems not.
0
becraigCommented:
Can you tell me the status of the following service:
MpsSvc  


I will look at what we have looked at so far to help to isolate the issue.
0
Dmitry_BondAuthor Commented:
Status of MpsSvc service is "Running".

I knew what MpsSvc service - that is Firewall. That service was never disabled on my PC.
So, it was enabled and running from beginning of my attempts to enable PS on my PC.
0
becraigCommented:
Let's look at what we have looked at:
validated winrm is configured
validated http listener is configured
applied firewall rule to allow the listener
verified the state of the firewall service.

Do you know what GPO is applied on your computer ?

Can you take a look at the GPO for your computer / user object and verify if there is a defined GPO blocking you from completing winrm configuration ?
0
Dmitry_BondAuthor Commented:
As I could see in the Local Group Policy Editor -> Computer Configuration -> Administrative Templates -> Windows Components -> Windows Remote Management (WinRM) -> all items inside "WinRM Client" and "WinRM Server" are marked as "Not configured".
So, GPO is not defining any restriction to WinRM.

Can you recommend - what also to check in GPO which could be related to this issue?
0
becraigCommented:
I take it from your response you do not inherit any GPO setting from AD and the only group policy settings expected are local policy ?
0
Dmitry_BondAuthor Commented:
Not sure.
My computer is in domain and of course - it is controlled by domain GPO.
But I'm not sure how to see what is the current domain-defined GPO.

I did think Local Group Policy Editor is showing it. So, I thought that AD GPO is way to change local GPO and there is no separate entity called AD GPO locally. Am I mistaken with it?
0
Dmitry_BondAuthor Commented:
FYI. I just found a way to check resulting GPO. I started rsop.msc to check resulting GPO.

As I can see domain GPO is only changing "Windows Automatic Updates" and "Firewall for Domain" - it is disabling FW for domain.
So, in the Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile -> the "Windows Firewall: Protected all network connections" item is Disabled.

But I'm 100% sure this GPO option is absolutely irrelevant to this issue. Because on a new laptop which has 100% the same domain GPO I was successfully configured WinRM for remote access from PS.
So, it looks like some local issue.
0
becraigCommented:
Great, so at this point I suggest you manually create a rule in the firewall to allow traffic for the winrm listener, I assume you know how to do this so I will give you the port and a suggested name for the rule.

Port: 5985
Name: Windows Remote Management (HTTP-In)

If you have issues adding this you can stop the firewall then add the rule and restart the firewall.

Looking above we were never able to successfully add the firewall exception, so this should be your potential solution.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dmitry_BondAuthor Commented:
Waw! It is working. Hallelujah! :-)

So, I had to do following:
run script to fix network type again (the because on every OS restart it is reseting it Public - that is how VmWare network adapters are behaving)
add the mentioned Firewall rule manually, restart MpsSvc service
Run the Enable-PsRemoting in PowerShell console again

I tested it from remote computer, it works. Nice.

Thank you for help. :)
0
Dmitry_BondAuthor Commented:
I selected some of the most informative comments.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.