Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

"get-wmiobject win32_process -computername" gets error "Access denied , code 0x80070005"

i'm trying to find processes on 3 terminal servers which have certain words in its $_.commandline property. Under my domain admin account, it worked OK. But I want this script to be usable for domain users, and doamin users get an error when runing this script.

What should i do, so that domain users can run this script just like domain admins? Thanks in advance!

Error:

Get-WmiObject : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESS DENIED))
At N:\FindWhoIsUsing\FindWhoIsUsing.ps1:7 char:18
get-wmiobject <<<<  win32_process -computername $server -EnableAllPrivileges|
CategoryInfo          : NotSpecified: (:) [Get-WmiObject], UnauthorizedAccessException
FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Powershell Code:

Write-host "Who is using this profile?"
$profile = Read-host "specify profile name" 
$servers = @("server-01","server-02","server-03")
Foreach($server in $servers)
{
    Write-host $server
    get-wmiobject win32_process -computername $server -EnableAllPrivileges|
    where{$_.name -like "*Processname*" -and
    $_.CommandLine -like "*$profile*"}|
    select @{n="Server";e={$server}},@{n="User";e={$_.getowner().user}},@{n="ProcessID";e= {$_.ProcessID}},{$_.CommandLine}|fl
}
Write-host "DONE Searching!"
like image 986
bookends Avatar asked Feb 19 '13 08:02

bookends


1 Answers

Ok here are the steps:

  1. Launch "wmimgmt.msc"
  2. Right-click on "WMI Control (Local)" then select Properties
  3. Go to the "Security" tab and select "Security" then "Advanced" then "Add"
  4. Select the user name(s) or group(s) you want to grant access to the WMI and click ok
  5. Grant the required permissions, I recommend starting off by granting all permissions to ensure that access is given, then remove permissions later as necessary.
  6. Ensure the "Apply to" option is set to "This namespace and subnamespaces"
  7. Save and exit all prompts
  8. Add the user(s) or group(s) to the Local "Distributed COM Users" group. Note: The "Authenticated Users" and "Everyone" groups cannot be added here, so you can alternatively use the "Domain Users" group.
like image 149
Musaab Al-Okaidi Avatar answered Oct 12 '22 10:10

Musaab Al-Okaidi