tags:

views:

2374

answers:

3
+2  Q: 

Remote WMI with Windows XP SP3

A fresh Windows XP SP3 install does not allow remote WMI access like Windows XP SP2 does.

If I follow the steps in the "How to troubleshoot WMI-related issues in Windows XP SP2" document at http://support.microsoft.com/kb/875605 I'm unable to get SP3 to respond to a remote WMI request.

Every request, even to the built-in Administrator account, a new account in the Administrators group, or even a new account not in the Administrators group but given access to remote DCOM & the WMI namespace as described in the Microsoft document all return error code 0x80070005, Access is denied.

To verify I didn't have a goofy system configuration, I installed a fresh Windows XP SP3 image (using the .ISO image from MSDN) and performed no configuration changes save enabling RemoteAdmin through the Firewall. The Access is denied behavior was seen in this scenario as well.

What changed in Windows XP SP3 to remote DCOM / WMI access and how best to enable it?

A: 

I'm not sure if RemoteAdmin is the one you need to turn off or not in the firewall.

One suggestion would be to turn off the firewall completely first and try that. If it works, then you know it is the firewall. If this is the case, then I would try adding port tcp 135 directly and try again.

You may also try using telnet [ip address of XP_SP3 machine] 135 and see if you can establish the connection.

Hope this helps.

Tommy Hui  2009-02-20 18:57:18
Yep, RemoteAdmin is the right component for the firewall. With the firewall off the same behavior is seen. If the firewall is getting in the way I'd expect a timeout or similar error instead of an quick Access is denied error.
chadwick  2009-02-20 20:56:09
A: 

Supposedly SP3 does not check 'Enable Distributed COM on this computer'. Get into Component Services (dcomcnfg.exe) Component Services, Computers. Right click 'My Computer' and go to properties. 'Default Properties' is the tab you want. I have also heard that changing the DTC Logon account to NT AUTHORITY\NetwerkService (note the e instead of an o) will work. You can find this under the MSDTC tab, Security Configuration following the same path to My Computer.

We solved something very similar by using these tricks. Hope this helps.

Terry  2009-02-20 19:08:12
Looks like Enable Distributed COM on this computer was already enabled here. :(
chadwick  2009-02-20 21:34:33
+2  A: 

It turns out the issue wasn't specific to SP3, but rather the lack of these systems being in a domain.

If XP isn't in a domain then the "Use Simple File Sharing" option, found in the Folder Options control panel applet, works it magic. If this option is enabled (the default) all file sharing connections are done with the guest user credential, but this also is applied to incoming DCOM connections as well.

Disabling this option allows DCOM connections to be verified as expected.

chadwick  2009-02-23 19:16:13

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)