November 13, 2013 at 6:55 am #11426
I am trying to get a simple get-wmiobject win32_process from a machine in the domanin, but using a different credential
$credential = New-Object System.Management.Automation.PSCredential ("admsql", (Get-Content C:\scripts\securestring.txt | convertto-securestring))
Get-WmiObject win32_process -ComputerName '10.2.0.56' -Credential $credential
Also IO have tried with
Get-WmiObject win32_process -ComputerName '10.2.0.56' -Credential $credential -Impersonation Impersonate -Authentication PacketIntegrity
The admsql account in the machine is local adm and all the privilegies are in the dcomcnfg.
I have no idea what is going on. Can you help me guys ?
November 13, 2013 at 10:01 am #11434
First, let's try and simplify the problem a bit by eliminating the credential object. As a test, try doing the Get-WmiObject call, passing the "MACHINENAME\USERNAME" to -Credential. Let it prompt you for the password. Does that work?
November 13, 2013 at 10:06 am #11436
Tried and keep doing
Get-WmiObject : Access denied
At line:1 char:1
+ Get-WmiObject win32_process -ComputerName '10.2.0.56' ...
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
November 13, 2013 at 10:09 am #11437
So, just to be clear, you're doing:
Get-WmiObject -Class Win32_Process -ComputerName '10.2.0.56' -Credential 'COMPUTERNAME\admsql'
Replacing COMPUTERNAME with the machine's actual NetBIOS computer name, and "admsql" is a local Admin account on that machine. Correct?
November 13, 2013 at 10:37 am #11438
Don, found the problem.
When I use administrator it works fine. When I try to use the admsql, that is a account in the local administrator group, not works with access denied. We have Symantec endpoint in the server, but even with enabled it works with administrator account. Do you have some idea Don ?
November 13, 2013 at 10:42 am #11439
Nope, no idea.
November 13, 2013 at 10:43 am #11440
November 13, 2013 at 1:11 pm #11444
Just to update you in case you can help others in the future, I have some great help in the MSDN forum, and it was UAC. Just disabled it
November 13, 2013 at 9:04 pm #11462
You must be logged in to reply to this topic.