Permission Denied when trying to access remote computer with VBScr

G

Guest

hello,

i'm writing a script that access WMI on a remote computer to perform certain
actions. i've tried using the GetObject as follows:


Set objWMIService = GetObject _
("winmgmts:{impersonationLevel=impersonate,(Shutdown)}\\" & _
strComputerName & "\root\cimv2")

and i've also tried using whe sWbemLocator ConnectServer method as follows:

Set objSWbemLocator = CreateObject("WbemScripting.sWbemLocator")
Set objWMIService = objSWbemLocator.ConnectServer(strComputerName, _
"\root\CIMV2", _
strUser, _
strPassword, _
"MS_409", _
"NTLMDomain:" + strComputerName)

when i use the first method, i get
error code: 800A0046
Error: Permission denied: 'GetObject'
System: the remote server has been paused or is in the process of being
started.

when i use the second method, i get:
error Code: 80070005
Error: Access is denied
Source: SWbemLocator
System: Access is denied

the remote computer is a Windows XP sp2, i'm running a network with a
windows 2003 domain controler. i'm running the script as a domain
administrator.
i have searched all around on a way to fix this. i have followed all
instructions in how to set securiy and impersonation level, and access level,
and still my scripts error out.
i suspect that some recent windows update is blocking access to local wmi
from the network.
all the variables are declared explicitly and are assigned values before
reaching this part of the code.
i have disabled the firewall on the local machines using a gpo, so it's not
a firewall issue.
if i'm locally on the machine, all the scripts run without a problem. it's
only remotely that i have a problem.

thanks and regards,
 
M

Manbinder Pal Singh [MSFT]

Since it is working on your local machine and you are getting error for
remote case and you get a 0x80070005 (DCOM ACCESS_DENIED) error
, it suggests that your settings are not properly enabled for remote
connections. Please follow the instruction at this link Connecting to WMI
Through Windows Firewall.

This posting is provided "AS IS" with no warranties, and confers no rights.
Manbinder Pal Singh[ MSFT]
Team - WMI
1. Official WMI FAQ :
http://www.microsoft.com/technet/scriptcenter/resources/wmifaq.mspx
2. Programmer Focused WMI Newsgroup - microsoft.public.wmi.programmer (
NOTE: this is a replacement to microsoft.public.win32.programmer.wmi )
3. Technet ScriptCenter Resources :
http://www.microsoft.com/technet/scriptcenter/default.mspx
 
G

Guest

I don't see the link for "Connecting to WMI Through Windows Firewall."


Manbinder Pal Singh said:
Since it is working on your local machine and you are getting error for
remote case and you get a 0x80070005 (DCOM ACCESS_DENIED) error
, it suggests that your settings are not properly enabled for remote
connections. Please follow the instruction at this link Connecting to WMI
Through Windows Firewall.

This posting is provided "AS IS" with no warranties, and confers no rights.
Manbinder Pal Singh[ MSFT]
Team - WMI
1. Official WMI FAQ :
http://www.microsoft.com/technet/scriptcenter/resources/wmifaq.mspx
2. Programmer Focused WMI Newsgroup - microsoft.public.wmi.programmer (
NOTE: this is a replacement to microsoft.public.win32.programmer.wmi )
3. Technet ScriptCenter Resources :
http://www.microsoft.com/technet/scriptcenter/default.mspx


ricardo said:
hello,

i'm writing a script that access WMI on a remote computer to perform
certain
actions. i've tried using the GetObject as follows:


Set objWMIService = GetObject _
("winmgmts:{impersonationLevel=impersonate,(Shutdown)}\\" & _
strComputerName & "\root\cimv2")

and i've also tried using whe sWbemLocator ConnectServer method as
follows:

Set objSWbemLocator = CreateObject("WbemScripting.sWbemLocator")
Set objWMIService = objSWbemLocator.ConnectServer(strComputerName, _
"\root\CIMV2", _
strUser, _
strPassword, _
"MS_409", _
"NTLMDomain:" + strComputerName)

when i use the first method, i get
error code: 800A0046
Error: Permission denied: 'GetObject'
System: the remote server has been paused or is in the process of being
started.

when i use the second method, i get:
error Code: 80070005
Error: Access is denied
Source: SWbemLocator
System: Access is denied

the remote computer is a Windows XP sp2, i'm running a network with a
windows 2003 domain controler. i'm running the script as a domain
administrator.
i have searched all around on a way to fix this. i have followed all
instructions in how to set securiy and impersonation level, and access
level,
and still my scripts error out.
i suspect that some recent windows update is blocking access to local wmi
from the network.
all the variables are declared explicitly and are assigned values before
reaching this part of the code.
i have disabled the firewall on the local machines using a gpo, so it's
not
a firewall issue.
if i'm locally on the machine, all the scripts run without a problem. it's
only remotely that i have a problem.

thanks and regards,
Click to expand...
Click to expand...
 
G

Guest

as i said, the windows firewall is disabled on my DNS domain.
the script runs locally on every machine on my network. it just doesn't run
remotely.


Manbinder Pal Singh said:
Since it is working on your local machine and you are getting error for
remote case and you get a 0x80070005 (DCOM ACCESS_DENIED) error
, it suggests that your settings are not properly enabled for remote
connections. Please follow the instruction at this link Connecting to WMI
Through Windows Firewall.

This posting is provided "AS IS" with no warranties, and confers no rights.
Manbinder Pal Singh[ MSFT]
Team - WMI
1. Official WMI FAQ :
http://www.microsoft.com/technet/scriptcenter/resources/wmifaq.mspx
2. Programmer Focused WMI Newsgroup - microsoft.public.wmi.programmer (
NOTE: this is a replacement to microsoft.public.win32.programmer.wmi )
3. Technet ScriptCenter Resources :
http://www.microsoft.com/technet/scriptcenter/default.mspx


ricardo said:
hello,

i'm writing a script that access WMI on a remote computer to perform
certain
actions. i've tried using the GetObject as follows:


Set objWMIService = GetObject _
("winmgmts:{impersonationLevel=impersonate,(Shutdown)}\\" & _
strComputerName & "\root\cimv2")

and i've also tried using whe sWbemLocator ConnectServer method as
follows:

Set objSWbemLocator = CreateObject("WbemScripting.sWbemLocator")
Set objWMIService = objSWbemLocator.ConnectServer(strComputerName, _
"\root\CIMV2", _
strUser, _
strPassword, _
"MS_409", _
"NTLMDomain:" + strComputerName)

when i use the first method, i get
error code: 800A0046
Error: Permission denied: 'GetObject'
System: the remote server has been paused or is in the process of being
started.

when i use the second method, i get:
error Code: 80070005
Error: Access is denied
Source: SWbemLocator
System: Access is denied

the remote computer is a Windows XP sp2, i'm running a network with a
windows 2003 domain controler. i'm running the script as a domain
administrator.
i have searched all around on a way to fix this. i have followed all
instructions in how to set securiy and impersonation level, and access
level,
and still my scripts error out.
i suspect that some recent windows update is blocking access to local wmi
from the network.
all the variables are declared explicitly and are assigned values before
reaching this part of the code.
i have disabled the firewall on the local machines using a gpo, so it's
not
a firewall issue.
if i'm locally on the machine, all the scripts run without a problem. it's
only remotely that i have a problem.

thanks and regards,
Click to expand...
Click to expand...
 
G

Guest

I am having a simular problem with a remote script.
I am using the following to access the Services on a remote 2000 Server.
The server is not part of a domain. The script work fine from an XP
workstation, Another standalone 2000 Server, and a 2003 AD controller. It
will not work from a 2003 server that is in a workgroup.
I get:

Error: Access is denied
Code: 80070005
Source: swbbemlocator

'//////////////////////////////////////////////////////////////////////////////
Set objSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
Set objSWbemServices = objSWbemLocator.ConnectServer(strComputer,
"root\cimv2", strUser, strPassword)
objSWbemServices.Security_.authenticationLevel =
WbemAuthenticationLevelPktPrivacy

Set objSWbemObject = objSWbemServices.Get(strService)

Wscript.Echo "Name: " & objSWbemObject.Name & vbCrLf & _
"Display Name: " & objSWbemObject.DisplayName & vbCrLf & _
"Start Mode: " & objSWbemObject.StartMode & vbCrLf & _
"Pre-State: " & objSWbemObject.Stat
'//////////////////////////////////////////////////////////////////////////////
 
S

scottinthebox

Joined
Nov 13, 2007
Messages
1
Reaction score
0
80070005 Access denied (XP Solution)

Having given up with searching the internet for a solution I sat down with my four identical HP workstations. A lot of trial and error later the error message no longer occurs on them... so you may like to try this. OK, so I am repying to an old posting but this comes high on a search of the "80070005 Access denied" error.

Local Security Policies
1. Start -> Control Panel -> Administrative Tools -> Local Security Policy
2. Navigate to Security\Local Policies\Security Options
a. Network Access: Let everyone permissions apply to anonymous users - Set to Enabled
c. DCOM: Machine Access Restrictions - Add Anonymous, Everyone, Interactive, Network, System with full rights options set.
d. Network Access: Let everyone permissions apply to anonymous users - Set to Enabled
e. Network Access: Sharing security model for local accounts - Set to Classic

The last item, "Sharing Security Model", in particular appears to be important. If this still does not work then try adjusting the DCOM configuration:

DCOM Configuration
1. Click Start -> Run
2. Enter DCOMCNFG and press OK. This will open the DCOMCNFG window.
3. Browse down the tree to Console Root ' Component Services ' Computers ' My Computer
4. Right click on "My Computer" and select properties
5. Select the "Default Properties" tab
a. Enable Distributed COM on this computer - option is checked.
b. Default Authentication Level - set to Connect
c. Default Impersonation Level - Set to Identify
6. Select the "COM Security" tab
7. Click on Access Permissions ' Edit Default
a. Add "Anonymous", "Everyone", "Interactive", "Network", "System" with Local and Remote access permissions set.
8. Click on Launch and Activation Permissions ' Edit Default
a. Add "Anonymous", "Everyone", "Interactive", "Network", "System" with Local and Remote access permissions set.
9. Click on OK
10. Close the DCOMCNFG window
11. Reboot

Good luck!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Getting VBS Cpu Usage with Impersonation using alternative credentials 1
Remote WMI connect to a computer not member of a domain? (only workgroup) 2
Remote WMI connection problem 0
Remote connection issue using GetObject("winmgmts:\\" ... 8
"Access denied." for wmiprvse.exe -Embedding, on LINQ installation 0
WMI security context 0
WMI Permission denied 3
how to prevent WBEM_E_SHUTTING_DOWN(0x80041033) error 0

Top