Access denied for remote access via WMI

Asked

Viewed 291 times

1

Hello!

I am trying to perform a remote access via WMI on a server with domain other than my machine, but when I try to access the following code is returned: Access denied. (0x80070005 (E_ACCCESSDENIED)).

Someone can help me?

Remembering that there are other servers in the same domain as me and in them I can perform remote access normally.

Follows the code:

public class Serviços
{
    Coleções.Serviços _serviçosCol;
    Objetos.Serviço _serviçoObj;

    private System.ServiceProcess.ServiceController[] _serviçosSC;

    public Coleções.Serviços Carregar(string ip, string login, string senha)
    {
        try
        {
            ConnectionOptions options = new ConnectionOptions();
            options.Password = senha;
            options.Username = login;
            options.Authentication = AuthenticationLevel.Connect;
            options.EnablePrivileges = true;
            options.Impersonation = ImpersonationLevel.Identify;

            ManagementScope scope = new ManagementScope("\\\\" + ip + "\\root\\cimv2", options);
            scope.Connect();

            _serviçosCol = new Coleções.Serviços();
            _serviçosSC = System.ServiceProcess.ServiceController.GetServices(ip);

            for (int i = 0; i < _serviçosSC.Length; i++)
            {
                _serviçoObj = new Objetos.Serviço();
                _serviçoObj.Nome = _serviçosSC[i].ServiceName;
                _serviçoObj.Status = _serviçosSC[i].Status.ToString();

                _serviçosCol.Adicionar(_serviçoObj);
            }

            return _serviçosCol;
        }
        catch (Exception _erro)
        {
            throw _erro;
        }

    }

}

1 answer

2



Remote access has to be enabled on the station by a configuration that is done locally, not just send an access request and/or a command, the other stations where (in another domain or not) your command has worked, is the result of a configuration applied when previously required.

This restriction came by default from Windows Vista, allowing remote (filtered) access to only admin group members local.

Via perform a reg query in the key below and check if it returns to you:

EnableLUA REG_DWORD 0x1     or     EnableLUA REG_DWORD 0x0


reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" | findstr "EnableLUA"
Rem :: EnableLUA    REG_DWORD    0x1
 
rem ::  Então adicione a entrada/valor 0
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f

In short:

Check in the destination station, if this key exists and if it is enabled(0x1):

reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system" | find "LocalAccountTokenFilterPolicy" | find "0x1"

If it exists and is enabled, the command returns to you:

LocalAccountTokenFilterPolicy    REG_DWORD    0x1

In case it does not exist or the value differs from 0x1, use this command to add/enable:

reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system" /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

If it still doesn’t work, try following this how to:

enable remote wmi access for a Domain user Account: /en

allow WMI remote access to a domain user account: /pt google translation

Browser other questions tagged

You are not signed in. Login or sign up in order to post.