Remote WMI connection
I want 开发者_高级运维to connect to remote PC running Windows 7, from another PC using ManagementScope on a local network. On remote PC I've created a new user account "Samuel" without password and set as administrator.
ConnectionOptions options = new ConnectionOptions();
options.Username = "Samuel";
options.Password = "";
ManagementScope scope = new ManagementScope("\\\\192.168.0.2\\root\\cimv2", options);
scope.Connect();
The Error I get:
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Update:
After setting password for the use, I get new error:The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
Maybe it's the missing 'EnablePrivileges':
scope.Options.EnablePrivileges = true;
From MSDN (ConnectionOptions.EnablePrivileges Property):
Gets or sets a value indicating whether user privileges need to be enabled for the connection operation. This property should only be used when the operation performed requires a certain user privilege to be enabled (for example, a machine restart).
Edit: If it doesn't work, try setting the ImpersonationLevel to 'Impersonate':
scope.Options.Impersonation = System.Management.ImpersonationLevel.Impersonate;
ImpersonationLevel Impersonate: Impersonate-level COM impersonation level that allows objects to use the credentials of the caller. This is the recommended impersonation level for WMI calls.
According to the WMI FAQ on TechNet, the 0x80070005 error indicates a DCOM issue:
0x80070005 (DCOM ACCESS_DENIED)
This error occurs when the connected user is not recognized or is restricted in some fashion by the remote server (for example, the user might be locked out). This happens most often when accounts are in different domains. Recent changes to WMI security can also cause this error to occur:Blank passwords, formerly permitted, are not allowed in Windows XP and Windows Server 2003.
WMI does not allow asynchronous callbacks to a Windows 98 client. A call like SWbemServices.ExecNotificationQueryAsync from a Windows 98 computer to a Windows XP computer will result in an Access Denied error returned to the Windows 98 machine.
The DCOM configuration access setting might have been changed.
If the target computer is running Windows XP, the Forceguest value under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa might be set to force the Guest account off (value is zero).
(Although Windows XP is mentioned, this may be applied to Windows 7 as well.)
The 0x800706BA error, in its rurn, indicates a firewall issue:
0x800706xx (DCOM RPC error)
This often occurs when a firewall is configured on the remote computer. You will need to open the appropriate ports on the firewall to permit remote administration using DCOM.Try enabling the Remote administration exception in Windows Firewall on the remote computer and see if it helps. To do this from the command line, run the following command in the elevated command prompt:
netsh advfirewall firewall set rule group="remote admin" new enable=yes
You can also find the DCOM, UAC, Windows Firewall and other settings required for remote WMI access in the Connecting to WMI Remotely Starting with Windows Vista article on MSDN.
Also, since Samuel is a nondomain account, you need to grant this account DCOM Remote Access, Remote Launch and Remote Activation permissions on the remote computer as described here.
You got "Access is denied." because you cannot query scope connection with username only. You have 2 options: null for username and password or enter username and password.
You got "The RPC server is unavailable." because firewall doesn't let you query that machine. You have 2 options: disable firewall or add remote administration exception to it.
You can add firewall exception like this in cmd: Older windows versions:
netsh firewall set service type = remoteadmin mode = enable
Newer windows versions:
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
If you try to login with domain user, change username to domainName\username or set connection property connection.Authority = "ntlmdomain:domainName".
Are you sure you can make remote WMI connections to accounts without passwords?
There are a number of things such accounts can't do (share files, remote desktop, for example). Try setting a password and see if that makes a difference.
You may want to check to WMI Security Settings on the Remote Windows 7 PC. Right Click Computer > Manage > Services and Applications > WMI Control > Security Tab and make sure the user account you are using has the necc permissions.
Not sure if it is denied because the WMI engine isn't listening on the remote machine, or if you have other login/connection issues.
Here's the code I used to connect to my remote machine, and it is working perfectly. Maybe it will help you:
ConnectionOptions oConn = new ConnectionOptions();
ManagementScope oScope = null;
oConn.Username = txtLogin;
oConn.Password = txtPassword;
oConn.Authority = "ntlmdomain:" + txtDomain;
oScope = new ManagementScope("\\\\" + txtHostName + "\\root\\CIMV2", oConn);
oScope.Connect();
If my domain/login/password trio are accepted, then Connect() will work. Otherwise, Connect() throws an exception. As long as the specified credentials have permission on that machine, you should be off and running.
Try to add domain or computer name before the username (e.g. @"mshome\Samuel").
Solution using "net view \\servername"
I know it's not very desirable to use a console command and do some string-gymnastic on the output, but on the other hand it does work and it's not very desirable either, at least for me, to have to mess around with the DCOM default settings to to get the WMI way to work (at least on Win7s).
Has been tested on Win7 and XP clients and MS- and linux server.
Function GetShares(ServerName As String) As List(Of String)
Try
Dim P As New Process
Dim Read As Boolean = False
Dim Str As String
Dim Shares As New List(Of String)
With P.StartInfo
.FileName = "net"
.Arguments = "view " & ServerName
.RedirectStandardOutput = True
.RedirectStandardError = True
.CreateNoWindow = True
.UseShellExecute = False
End With
P.Start()
P.WaitForExit()
If P.ExitCode <> 0 Then
MsgBox(P.StandardError.ReadToEnd, MsgBoxStyle.OkOnly, "Error")
Else
Do Until P.StandardOutput.EndOfStream = True
If Read = True Then
Str = P.StandardOutput.ReadLine
If Str = "The command completed successfully." Then Exit Do
Str = Strings.RTrim(Str) 'Removes any trailing spaces
Str = Strings.Mid(Str, 1, Strings.InStrRev(Str, " ")) 'remove Type
Str = Strings.RTrim(Str) ''Removes any trailing spaces
Shares.Add(Str)
Else
If Strings.Left(P.StandardOutput.ReadLine, 10) = "----------" Then Read = True
End If
Loop
End If
Return Shares
Catch ex As Exception
MsgBox("Error in """ & System.Reflection.MethodInfo.GetCurrentMethod.Name & """: " & vbCr & ex.Message, MsgBoxStyle.OkOnly, "Runtime error")
Debug.Print("--------------------------" & vbCr & "Error: " & ex.Message & vbCr & ex.StackTrace)
Return Nothing
End Try
End Function
I had this problem too.I was trying to write C# code to get WMI information and files from a remote PC. And ran into two Access Denied errors:
To keep a long story short, I had to make changes to the remote PC. See below:
0x80070005: Access is Denied: https://social.msdn.microsoft.com/Forums/vstudio/en-US/6229334e-d5ef-4016-9e7e-1c8718be8d43/access-is-denied-exception-from-hresult-0x80070005-eaccessdenied-in-vbnet?forum=netfxbcl
System.Management: Access Denied: Section "Using System.Management and WMI": https://support.microsoft.com/en-us/help/317012/process-and-request-identity-in-asp.net
加载中,请稍侯......
精彩评论