I have been writing an application to get the details of remote machine like OS Name, Logon User Name etc using WMI Classes.
In our network we have machines with Windows XP, Windows Vista Windows 7.
I am able to get the informations for all windows 7 and windows vista machines.
But the problem here is i am not able to get the informations for windows XP machines.
Every time i am getting the following exception
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
I have gone through the net but no help. I have done all the steps mentioned in the following link
http://support.microsoft.com/kb/875605.
But no luck still i am not able to solve the problem.
I have domain username with administrator privilages.
Below is the code that i have used. (C#)
private void GetRemoteComputerInfo(string compName)
{
ObjectGetOptions oc = new ObjectGetOptions();
try {
ConnectionOptions connOptions = new ConnectionOptions();
connOptions.Username = "domain\\domainUserName";
connOptions.Password = "domainUserPass";
connOptions.Authority = "kerberos:domain\\" + compName;
connOptions.Impersonation = ImpersonationLevel.Impersonate;
connOptions.EnablePrivileges = true;
ManagementScope msc;
if (compName == Environment.MachineName)
msc = new ManagementScope("\\\\" + compName + "\\root\\cimv2");
else
msc = new ManagementScope("\\\\" + compName + "\\root\\cimv2", connOptions);
msc.Connect();
ManagementClass mc = new ManagementClass("Win32_ComputerSystem");
mc.Scope = msc;
//collection to store all management objects
ManagementObjectCollection moc = mc.GetInstances();
if (moc.Count != 0) {
foreach (ManagementObject mo in mc.GetInstances()) {
Console.WriteLine(string.Format("\nMachine Make: {0}\nMachine Model: {1} System Type: {2} Host Name: {3} Logon User Name: {4}{5}",
mo["Manufacturer"].ToString(),
mo["Model"].ToString(),
mo["SystemType"].ToString(),
mo["DNSHostName"].ToString(),
mo["UserName"].ToString(),
Environment.NewLine));
}
}
}
catch (Exception e) {
Console.WriteLine("{0}: {1}", e.GetType().Name, e.Message);
}
}
Please help me to solve the problem.
Prasad, in the past i have a similar issue related to the WMI DCOM permission, and was resolved following the instructions of these these two links.
Troubleshooting Error Code 80070005 - Access Denied
Securing a Remote WMI Connection
Related
I created a small application which has only one mission to make. It's to get remote computer's information. It works on release & debugs modes very fine. When I use it inside a ".net core" project the application gives "Access denied" error.
What I found so far.
If the cmd.exe run as SYSTEM, the application gives "Access denied" error, but in user mode, it works.
How can I use WMI in SYSTEM mode? What I do wrong?
ConnectionOptions options = new ConnectionOptions
{
Impersonation = ImpersonationLevel.Impersonate,
Authentication = AuthenticationLevel.PacketIntegrity,
EnablePrivileges = true,
SecurePassword = the_secure_password_of_remote_computer,
Username = the_username_of_remote_computer
};
var scope = new ManagementScope(#"\\" + the_ip_address_of_remote_computer +
#"\root\cimv2", options);
try
{
scope.Connect();
if (scope.IsConnected)
{
return true;
}
else
{
false;
}
} catch(Exception exception)
{
// I got the exception here.
Console.WriteLine("Exception|{0}", exception.Message);
return false;
}
I used Marshalling to solve this.
Here: http://rzander.azurewebsites.net/create-a-process-as-loggedon-user/
I use the Microsoft.Management.Infrastructure namespace to connect to remote computers to get WMI information and it works. But when I try to connect to a non-domain PC it does not work. Can anyone pinpoint what I am doing wrong.
Here is the code:
string computer = "Computer_B";
string domain = "WORKGROUP";
string username = ".\\LocalAdminUserName";
string plaintextpassword;
Console.WriteLine("Enter password:");
plaintextpassword = Console.ReadLine();
SecureString securepassword = new SecureString();
foreach (char c in plaintextpassword)
{
securepassword.AppendChar(c);
}
CimCredential Credentials = new
CimCredential(PasswordAuthenticationMechanism.Default, domain,
username,securepassword);
WSManSessionOptions SessionOptions = new WSManSessionOptions();
SessionOptions.AddDestinationCredentials(Credentials);
CimSession Session = CimSession.Create(computer, SessionOptions);
var allVolumes = Session.QueryInstances(#"root\cimv2", "WQL", "SELECT * FROM Win32_LogicalDisk");
// Loop through all volumes
foreach (CimInstance oneVolume in allVolumes)
{
Console.Writeline(oneVolume.CimInstanceProperties["SystemName"].Value.ToString());
}
I am not sure what to take as paramaters for domain and username for a local computer. I have already done/tryed the following:
run winrm quickconfig on the remote local computer
use PasswordAuthenticationMechanism.Negotiate cause I have read Kerberos only
works for domain users and password
added the computer I run the code on to the TrustedHosts on the local computer with winrm config. Also tryed adding * to the TrustedHosts
Used for username="computer_B\LocalAdminUserName". I have also tryed with domain=""
Any suggestions what I am doing wrong?
The error I keep getting is: WinRM cannot process the request. The following error with error code 0x8009030e occurred while using Negotiate authentication: A specified logon session does not exist. It may already have been terminated.
This can occur if the provided credentials are not valid on the target server, or if the server identity could not be verified. If you trust the server identity, add the server name to the TrustedHosts list, and then retry the request. Use winrm.cmd to view or edit the TrustedHosts list. Note that computers in the TrustedHosts list might not be authenticated. For more information about how to edit the TrustedHosts list, run the following command: winrm help config.
Try out the code below, this is working on impersonation logic.
ConnectionOptions cOption = new ConnectionOptions();
ManagementScope scope = null;
Boolean isLocalConnection = isLocalhost(machine);
if (isLocalConnection)
{
scope = new ManagementScope(nameSpaceRoot + "\\" + managementScope, cOption);
}
else
{
scope = new ManagementScope("\\\\" + machine + "\\" + nameSpaceRoot + "\\" + managementScope, cOption);
}
if (!String.IsNullOrEmpty(ACTIVE_DIRECTORY_USERNAME) && !String.IsNullOrEmpty(ACTIVE_DIRECTORY_PASSWORD) && !isLocalConnection)
{
scope.Options.Username = ACTIVE_DIRECTORY_USERNAME;
scope.Options.Password = ACTIVE_DIRECTORY_PASSWORD;
}
scope.Options.EnablePrivileges = true;
scope.Options.Authentication = AuthenticationLevel.PacketPrivacy;
scope.Options.Impersonation = ImpersonationLevel.Impersonate;
scope.Connect();
I am trying to create an application that uses WMI to retrieve information about a computer on my local network. When I run it, I get an access denied error. Here is the code:
private void GetHDDdetails()
{
ConnectionOptions options = new ConnectionOptions();
options.Username = "username";
options.Password = "password";
options.Impersonation = ImpersonationLevel.Impersonate;
ManagementScope oMs = new ManagementScope("\\\\remoteHostName\\root\\cimv2", options);
ObjectQuery oQuery = new ObjectQuery("SELECT Size FROM Win32_DiskDrive");
ManagementObjectSearcher oSearcher = new ManagementObjectSearcher(oMs, oQuery);
ManagementObjectCollection oCollection = oSearcher.Get();
foreach (ManagementObject obj in oCollection)
{
hddBox.Text = obj["Size"].ToString();
}
}
I have replaced some of the info above, such as user name and password, with placeholders for this post.
Some of the things I have tried is this: Disabling firewall on both machines, making sure TCP NetBIOS service and RCP and WMI services are running on both. The account I am using is an administrator on the local computer. Everything I have found online tells me to check these, but it is obviously something else.
If someone can point me in the right direction, that would be great.
Please check using wbemtest that you can access the information from remote machine. And i hope you are replacing remoteHostName properly.
And make changes to authentication level, if you can.
scope.Options.EnablePrivileges = true;
scope.Options.Authentication = AuthenticationLevel.PacketPrivacy;
I want to open process pon remote machine, this remote machine is inside local network.
I try this command and in the remote machine nothing happen, this user that i connect with have administrators rights.
Both machines running Windows 7
static void Main(string[] args)
{
try
{
//Assign the name of the process you want to kill on the remote machine
string processName = "notepad.exe";
//Assign the user name and password of the account to ConnectionOptions object
//which have administrative privilege on the remote machine.
ConnectionOptions connectoptions = new ConnectionOptions();
connectoptions.Username = #"MyDomain\MyUser";
connectoptions.Password = "12345678";
//IP Address of the remote machine
string ipAddress = "192.168.0.100";
ManagementScope scope = new ManagementScope(#"\\" + ipAddress + #"\root\cimv2", connectoptions);
//Define the WMI query to be executed on the remote machine
SelectQuery query = new SelectQuery("select * from Win32_process where name = '" + processName + "'");
object[] methodArgs = { "notepad.exe", null, null, 0 };
using (ManagementObjectSearcher searcher = new
ManagementObjectSearcher(scope, query))
{
foreach (ManagementObject process in searcher.Get())
{
//process.InvokeMethod("Terminate", null);
process.InvokeMethod("Create", methodArgs);
}
}
Console.ReadLine();
}
catch (Exception ex)
{
//Log exception in exception log.
//Logger.WriteEntry(ex.StackTrace);
Console.WriteLine(ex.StackTrace);
}
}
you are not opening a process with that code but you are enumerating all the running process named "iexplore.exe" and close them.
I think an easier, better way is to use SysInternals PsExec or the Task Scheduler API
If you want to use WMI your code should look like this:
object theProcessToRun = { "YourFileHere" };
ManagementClass theClass = new ManagementClass(#"\\server\root\cimv2:Win32_Process");
theClass.InvokeMethod("Create", theProcessToRun);
----------In reply to your comment------------------
First of all you need to change your attitude and approach to coding and read the code that your are copy/pasting.
Then you should study a little more about programming languages.
No I will not write the code for you. I gave you an hint to point to the right direction. now it is your turn to develop it. Have fun!!
This is script that i did for my company before this using vbs script. can search the net to convert it to C# or etc. Fundamental of the steps and how to start a service using WMI. Have a nice coding and have fun.
sUser = "TESTDomain\T-CL-S"
sPass = "Temp1234"
Set ServiceSet = GetObject("winmgmts:").ExecQuery("Select * from Win32_Service where Name = 'netlogon'")
For Each Service In ServiceSet
Service.StopService
Service.Change "netlogon",Service.PathName, , ,"Automatic",false,sUser,sPass
Service.StartService
Next
Set Service = Nothing
Set ServiceSet = Nothing
I am developing a C# program to remotely uninstall an application. It works fine but the problem is that it does not list all of the installed products on a particular selected computer.
The code for listing the installed product using WMI is :
void ListAllProducts()
{
try
{
ConnectionOptions connection = new ConnectionOptions();
connection.Username = Connect.UserName;
connection.Password = Connect.Password;
connection.Authority = "ntlmdomain:MSHOME";
ManagementScope scope = new ManagementScope("\\\\"+ Connect.MachineName +"\\root\\CIMV2", connection);
scope.Connect();
ObjectQuery query = new ObjectQuery("SELECT * FROM Win32_Product");
ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);
System.Threading.Thread.Sleep(5000);
foreach (ManagementObject queryObj in searcher.Get())
{
listBox4.Items.Add(queryObj["Name"].ToString());
listBox2.Items.Add (queryObj["Name"].ToString ());
listBox1.Items.Add(queryObj["IdentifyingNumber"].ToString());
listBox3.Items.Add(queryObj["Version"].ToString());
}
}
catch (ManagementException e)
{
MessageBox.Show("An error occurred while querying for WMI data: " + e.Message);
}
}
The code for uninstalling all product is :
void UninstallProduct()
{
try
{
ConnectionOptions connection = new ConnectionOptions();
connection.Username = Connect.UserName;
connection.Password = Connect.Password;
connection.Authority = "ntlmdomain:MSHOME";
ManagementScope scope = new ManagementScope("\\\\"+Connect.MachineName +"\\root\\CIMV2", connection);
scope.Connect();
ManagementObject classInstance = new ManagementObject(scope, new ManagementPath ("Win32_Product.IdentifyingNumber='"+listBox1.Text +"',Name='"+listBox2.Text+"',Version='"+ listBox3.Text+"'"),null);
// no method in-parameters to define
// Execute the method and obtain the return values.
ManagementBaseObject outParams =
classInstance.InvokeMethod("Uninstall", null, null);
// List outParams
MessageBox.Show ("Uninstallation Starts");
}
catch(ManagementException err)
{
MessageBox.Show("An error occurred while trying to execute the WMI method: " + err.Message);
}
}
Please help me out to list all the products installed on the selected machine and to uninstall it without the consent of the user of that selected machine.
I believe your question relates to knowing which applications are installed on a remote machine. Once you know that, you can use your code to uninstall them. With that being the case, here is a link to an article on how to list all of the applications (with their uninstall information) on a remote computer:
http://mdb-blog.blogspot.com/2010/12/c-check-if-programapplication-is.html
The WMI Win32_Product only represents products that are installed by Windows Installer. To get a list of all installed products, you need to enumerate the subkeys of the SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall registry key. To do this remotely, you can use the WMI registry class StdRegProv class. TechNet includes sample scripts that show how this can be done, and which you can adapt to your particular needs:
How do I list all the installed applications on a given machine?
List Installed Software