Sorry if this question is a little off topic, but I noticed people are discussing WMI here and thought that maybe this as good a forum as any, and better than most.
I wanted to configure a port for my SQL Server, and it turned out that my mis-configured or corrupt WMI installation is creating an obstacle.
I've tried numerous things to fix it, but WMIDiag reveals numerous default trustees have been removed from my system:
19078 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP': ............................................................................. MODIFIED.
19079 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
19080 16:07:01 (0) ** - REMOVED ACE:
19081 16:07:01 (0) ** ACEType: &h0
19082 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19083 16:07:01 (0) ** ACEFlags: &h12
19084 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19085 16:07:01 (0) ** INHERITED_ACE
19086 16:07:01 (0) ** ACEMask: &h6003F
19087 16:07:01 (0) ** WBEM_ENABLE
19088 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19089 16:07:01 (0) ** WBEM_FULL_WRITE_REP
19090 16:07:01 (0) ** WBEM_PARTIAL_WRITE_REP
19091 16:07:01 (0) ** WBEM_WRITE_PROVIDER
19092 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19093 16:07:01 (0) ** WBEM_WRITE_DAC
19094 16:07:01 (0) ** WBEM_READ_CONTROL
19095 16:07:01 (0) **
19096 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19097 16:07:01 (0) ** Removing default security will cause some operations to fail!
19098 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19099 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
19100 16:07:01 (0) **
19101 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP': ............................................................................. MODIFIED.
19102 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED!
19103 16:07:01 (0) ** - REMOVED ACE:
19104 16:07:01 (0) ** ACEType: &h0
19105 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19106 16:07:01 (0) ** ACEFlags: &h12
19107 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19108 16:07:01 (0) ** INHERITED_ACE
19109 16:07:01 (0) ** ACEMask: &h20023
19110 16:07:01 (0) ** WBEM_ENABLE
19111 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19112 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19113 16:07:01 (0) ** WBEM_READ_CONTROL
19114 16:07:01 (0) **
19115 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19116 16:07:01 (0) ** Removing default security will cause some operations to fail!
19117 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19118 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
19119 16:07:01 (0) **
19120 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP/USER': ........................................................................ MODIFIED.
19121 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
19122 16:07:01 (0) ** - REMOVED ACE:
19123 16:07:01 (0) ** ACEType: &h0
19124 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19125 16:07:01 (0) ** ACEFlags: &h12
19126 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19127 16:07:01 (0) ** INHERITED_ACE
19128 16:07:01 (0) ** ACEMask: &h6003F
19129 16:07:01 (0) ** WBEM_ENABLE
19130 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19131 16:07:01 (0) ** WBEM_FULL_WRITE_REP
19132 16:07:01 (0) ** WBEM_PARTIAL_WRITE_REP
19133 16:07:01 (0) ** WBEM_WRITE_PROVIDER
19134 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19135 16:07:01 (0) ** WBEM_WRITE_DAC
19136 16:07:01 (0) ** WBEM_READ_CONTROL
19137 16:07:01 (0) **
19138 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19139 16:07:01 (0) ** Removing default security will cause some operations to fail!
19140 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19141 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
19142 16:07:01 (0) **
19143 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP/USER': ........................................................................ MODIFIED.
19144 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED!
19145 16:07:01 (0) ** - REMOVED ACE:
19146 16:07:01 (0) ** ACEType: &h0
19147 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19148 16:07:01 (0) ** ACEFlags: &h12
19149 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19150 16:07:01 (0) ** INHERITED_ACE
19151 16:07:01 (0) ** ACEMask: &h20023
19152 16:07:01 (0) ** WBEM_ENABLE
19153 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19154 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19155 16:07:01 (0) ** WBEM_READ_CONTROL
19156 16:07:01 (0) **
19157 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19158 16:07:01 (0) ** Removing default security will cause some operations to fail!
19159 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19160 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
19161 16:07:01 (0) **
19162 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP/COMPUTER': .................................................................... MODIFIED.
19163 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
19164 16:07:01 (0) ** - REMOVED ACE:
19165 16:07:01 (0) ** ACEType: &h0
19166 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19167 16:07:01 (0) ** ACEFlags: &h12
19168 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19169 16:07:01 (0) ** INHERITED_ACE
19170 16:07:01 (0) ** ACEMask: &h6003F
19171 16:07:01 (0) ** WBEM_ENABLE
19172 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19173 16:07:01 (0) ** WBEM_FULL_WRITE_REP
19174 16:07:01 (0) ** WBEM_PARTIAL_WRITE_REP
19175 16:07:01 (0) ** WBEM_WRITE_PROVIDER
19176 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19177 16:07:01 (0) ** WBEM_WRITE_DAC
19178 16:07:01 (0) ** WBEM_READ_CONTROL
19179 16:07:01 (0) **
19180 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19181 16:07:01 (0) ** Removing default security will cause some operations to fail!
19182 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19183 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
19184 16:07:01 (0) **
19185 16:07:01 (0) ** WMI namespace security for 'ROOT/RSOP/COMPUTER': .................................................................... MODIFIED.
19186 16:07:01 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED!
19187 16:07:01 (0) ** - REMOVED ACE:
19188 16:07:01 (0) ** ACEType: &h0
19189 16:07:01 (0) ** ACCESS_ALLOWED_ACE_TYPE
19190 16:07:01 (0) ** ACEFlags: &h12
19191 16:07:01 (0) ** CONTAINER_INHERIT_ACE
19192 16:07:01 (0) ** INHERITED_ACE
19193 16:07:01 (0) ** ACEMask: &h20023
19194 16:07:01 (0) ** WBEM_ENABLE
19195 16:07:01 (0) ** WBEM_METHOD_EXECUTE
19196 16:07:01 (0) ** WBEM_REMOTE_ACCESS
19197 16:07:01 (0) ** WBEM_READ_CONTROL
19198 16:07:01 (0) **
19199 16:07:01 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
19200 16:07:01 (0) ** Removing default security will cause some operations to fail!
19201 16:07:01 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
19202 16:07:01 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
While the log asserts that it can be fixed with WMIMGMT.MSC, this application provides no clear solution on how it might be possible to restore these default trustees or their privileges.
Can anyone inform me how to do this?