WMI Access Denied

This topic contains 8 replies, has 3 voices, and was last updated by  Dave Wyatt 4 years ago.

  • Author
    Posts
  • #11426

    Laerte Junior
    Participant

    Hi All,

    I am trying to get a simple get-wmiobject win32_process from a machine in the domanin, but using a different credential
    $credential = New-Object System.Management.Automation.PSCredential ("admsql", (Get-Content C:\scripts\securestring.txt | convertto-securestring))
    Get-WmiObject win32_process -ComputerName '10.2.0.56' -Credential $credential

    Also IO have tried with

    Get-WmiObject win32_process -ComputerName '10.2.0.56' -Credential $credential -Impersonation Impersonate -Authentication PacketIntegrity

    The admsql account in the machine is local adm and all the privilegies are in the dcomcnfg.

    I have no idea what is going on. Can you help me guys ?

  • #11434

    Don Jones
    Keymaster

    First, let's try and simplify the problem a bit by eliminating the credential object. As a test, try doing the Get-WmiObject call, passing the "MACHINENAME\USERNAME" to -Credential. Let it prompt you for the password. Does that work?

  • #11436

    Laerte Junior
    Participant

    Tried and keep doing

    Get-WmiObject : Access denied
    At line:1 char:1
    + Get-WmiObject win32_process -ComputerName '10.2.0.56' ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

    Thanks

  • #11437

    Don Jones
    Keymaster

    So, just to be clear, you're doing:

    Get-WmiObject -Class Win32_Process -ComputerName '10.2.0.56' -Credential 'COMPUTERNAME\admsql'

    Replacing COMPUTERNAME with the machine's actual NetBIOS computer name, and "admsql" is a local Admin account on that machine. Correct?

  • #11438

    Laerte Junior
    Participant

    Don, found the problem.

    When I use administrator it works fine. When I try to use the admsql, that is a account in the local administrator group, not works with access denied. We have Symantec endpoint in the server, but even with enabled it works with administrator account. Do you have some idea Don ?

  • #11439

    Don Jones
    Keymaster

    Nope, no idea.

  • #11440

    Laerte Junior
    Participant

    Thanks

  • #11444

    Laerte Junior
    Participant

    Just to update you in case you can help others in the future, I have some great help in the MSDN forum, and it was UAC. Just disabled it

  • #11462

    Dave Wyatt
    Moderator

    This thread looks familiar. 🙂 The problem and several potential solutions are described in this MSDN article, in the "Handling Remote Connections Under UAC" section.

You must be logged in to reply to this topic.