Author Posts

November 13, 2013 at 6:55 am

Hi All,

I am trying to get a simple get-wmiobject win32_process from a machine in the domanin, but using a different credential
$credential = New-Object System.Management.Automation.PSCredential ("admsql", (Get-Content C:\scripts\securestring.txt | convertto-securestring))
Get-WmiObject win32_process -ComputerName '' -Credential $credential

Also IO have tried with

Get-WmiObject win32_process -ComputerName '' -Credential $credential -Impersonation Impersonate -Authentication PacketIntegrity

The admsql account in the machine is local adm and all the privilegies are in the dcomcnfg.

I have no idea what is going on. Can you help me guys ?

November 13, 2013 at 10:01 am

First, let's try and simplify the problem a bit by eliminating the credential object. As a test, try doing the Get-WmiObject call, passing the "MACHINENAME\USERNAME" to -Credential. Let it prompt you for the password. Does that work?

November 13, 2013 at 10:06 am

Tried and keep doing

Get-WmiObject : Access denied
At line:1 char:1
+ Get-WmiObject win32_process -ComputerName '' ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand


November 13, 2013 at 10:09 am

So, just to be clear, you're doing:

Get-WmiObject -Class Win32_Process -ComputerName '' -Credential 'COMPUTERNAME\admsql'

Replacing COMPUTERNAME with the machine's actual NetBIOS computer name, and "admsql" is a local Admin account on that machine. Correct?

November 13, 2013 at 10:37 am

Don, found the problem.

When I use administrator it works fine. When I try to use the admsql, that is a account in the local administrator group, not works with access denied. We have Symantec endpoint in the server, but even with enabled it works with administrator account. Do you have some idea Don ?

November 13, 2013 at 1:11 pm

Just to update you in case you can help others in the future, I have some great help in the MSDN forum, and it was UAC. Just disabled it

November 13, 2013 at 9:04 pm

This thread looks familiar. 🙂 The problem and several potential solutions are described in this MSDN article, in the "Handling Remote Connections Under UAC" section.