Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Remote WMI connection

Tags:

c#

wmi

I want to connect to remote PC running Windows 7, from another PC using ManagementScope on a local network. On remote PC I've created a new user account "Samuel" without password and set as administrator.

ConnectionOptions options = new ConnectionOptions();
options.Username = "Samuel";
options.Password = "";

ManagementScope scope = new ManagementScope("\\\\192.168.0.2\\root\\cimv2", options);          
scope.Connect();

The Error I get:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

Update:
After setting password for the use, I get new error:

The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

like image 506
shlomjmi Avatar asked Jul 20 '10 11:07

shlomjmi


People also ask

What ports does remote WMI use?

What Ports Does WMI Use? WMI uses TCP port 135 and a range of dynamic ports: 49152-65535 (RPC dynamic ports – Windows Vista, 2008 and above), TCP 1024-65535 (RPC dynamic ports – Windows NT4, Windows 2000, Windows 2003), or you can set up WMI to use a custom range of ports.

What is WMI and how it works?

Windows Management Instrumentation (WMI) is a set of specifications from Microsoft for consolidating the management of devices and applications in a network from Windows computing systems. WMI provides users with information about the status of local or remote computer systems.

What is WMI communication?

The Windows Management Instrumentation (WMI) Remote Protocol is used to communicate management data conforming to Common Information Model (CIM), as specified in [DMTF-DSP0004].


2 Answers

Maybe it's the missing 'EnablePrivileges':

scope.Options.EnablePrivileges = true;

From MSDN (ConnectionOptions.EnablePrivileges Property):

Gets or sets a value indicating whether user privileges need to be enabled for the connection operation. This property should only be used when the operation performed requires a certain user privilege to be enabled (for example, a machine restart).

Edit: If it doesn't work, try setting the ImpersonationLevel to 'Impersonate':

scope.Options.Impersonation = System.Management.ImpersonationLevel.Impersonate;

ImpersonationLevel Impersonate: Impersonate-level COM impersonation level that allows objects to use the credentials of the caller. This is the recommended impersonation level for WMI calls.

like image 68
weberph Avatar answered Oct 05 '22 22:10

weberph


  • According to the WMI FAQ on TechNet, the 0x80070005 error indicates a DCOM issue:

    0x80070005 (DCOM ACCESS_DENIED)
    This error occurs when the connected user is not recognized or is restricted in some fashion by the remote server (for example, the user might be locked out). This happens most often when accounts are in different domains. Recent changes to WMI security can also cause this error to occur:

    • Blank passwords, formerly permitted, are not allowed in Windows XP and Windows Server 2003.

    • WMI does not allow asynchronous callbacks to a Windows 98 client. A call like SWbemServices.ExecNotificationQueryAsync from a Windows 98 computer to a Windows XP computer will result in an Access Denied error returned to the Windows 98 machine.

    • The DCOM configuration access setting might have been changed.

    • If the target computer is running Windows XP, the Forceguest value under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa might be set to force the Guest account off (value is zero).

    (Although Windows XP is mentioned, this may be applied to Windows 7 as well.)

  • The 0x800706BA error, in its rurn, indicates a firewall issue:

    0x800706xx (DCOM RPC error)
    This often occurs when a firewall is configured on the remote computer. You will need to open the appropriate ports on the firewall to permit remote administration using DCOM.

    Try enabling the Remote administration exception in Windows Firewall on the remote computer and see if it helps. To do this from the command line, run the following command in the elevated command prompt:

    netsh advfirewall firewall set rule group="remote admin" new enable=yes
    


    You can also find the DCOM, UAC, Windows Firewall and other settings required for remote WMI access in the Connecting to WMI Remotely Starting with Windows Vista article on MSDN.

  • Also, since Samuel is a nondomain account, you need to grant this account DCOM Remote Access, Remote Launch and Remote Activation permissions on the remote computer as described here.

like image 35
Helen Avatar answered Oct 06 '22 00:10

Helen