Reputation: 343
Remote process spawned via WMI cannot access Net.Tcp Port sharing
Our application needs to spawn a process on a remote machine (under the same domain as the client machine) as the current (non-admin) user and have that remote process communicate back to the client via WCF. We are using the WMI classes under System.Management to launch the remote process. My problem is that, when launched this way, the remote process encounters an access denied error when trying to use the Net.Tcp port sharing service. We are fairly experienced with the issues surrounding WCF and TCP port sharing under Windows and know about the various pitfalls you can encounter when trying to modify SMSvcHost.exe.config. The same process, run manually on the same machine as the same user, works fine. It is only when launched via WMI that the problem occurs. The exact exception is:
System.ServiceModel.CommunicationException: The service endpoint failed to listen on the URI 'net.tcp://localhost/blah' because access was denied. Verify that the current user is granted access in the appropriate allowAccounts section of SMSvcHost.exe.config. ---> System.ComponentModel.Win32Exception: Access is denied
I realize this is the same exception you would get if port sharing is not configured correctly for the current user, so I'd just like to stress again that port sharing has been configured and so would like to avoid answers that refer me to links explaining how to set it up. Both the individual user account SID and several of its groups have been added. This problem specifically has to do with a process that is spawned remotely via WMI. I assume that the WMI-spawned process must have some slightly different security context that is preventing it from accessing port sharing but I can't determine what the critical difference is.
Here is the code on the client side that spawns the remote process:
private void SpawnRemoteService(string host, string cmd, string args)
{
ManagementScope scope = new ManagementScope(@"\\" + host + @"\root\cimv2");
var path = new ManagementPath("Win32_Process");
using (var proc = new ManagementClass(scope, path, null))
{
using (var start = new ManagementClass("Win32_ProcessStartup"))
{
using (var createParams = proc.GetMethodParameters("Create"))
{
createParams["CommandLine"] = String.Format("{0} {1}", cmd, args);
createParams["ProcessStartupInformation"] = start;
using (var ret = proc.InvokeMethod("Create", createParams, null)) ;
}
}
}
}
The remote process starts, but when it tries to create the ServiceHost object, it gets the above exception and dies.
Upvotes: 4
Views: 254
Answers (0)
Related Questions
- Start process with WMI on remote machine from a share on another remote machine
- Executing Process on a remote Machine c#
- C# - Windows Service - Remote WMI query throws error: RPC not found
- C# - WMI InvalidOperationException when trying to run a script on a remote machine
- Access denied when reading / writing to network location as a remote process
- Win32_Process create on remote machine with the target on a share
- Connect to WMI of remote machine when running as a service
- Specify that a remote process created by wmi should interact with the desktop
- Remote process creation using WMI and Win32_Process
- Issues with launching a remote process from C#