Reputation: 928
Access denied on wmi query to root\MicrosoftIISV2 with Administrator
I'm doing a wmi query to check whether a IIS pool is running. Via powershell, the query works
Get-WmiObject `
-Credential (Get-Credential) `
-ComputerName MyMachine `
-Namespace root\MicrosoftIISV2 `
-Query "select * from IISApplicationPoolSetting where Name='W3SVC/APPPOLLS/MyPool'"
Via C#, I get a ManagementException with the ErrorCode AccessDenied
var ms = new ManagementScope($@"\\{myMachine}\root\MicrosoftIISV2", new ConnectionOptions
{
Username = $".\\Administrator",
SecurePassword = Secure("adminPwd")
});
var query = "SELECT * FROM IISApplicationPoolSetting where name='W3SVC/APPPOLLS/MyPool'";
using (var searcher = new ManagementObjectSearcher(ms, new SelectQuery(query)))
{
var objects = searcher.Get(); // throws here
}
The user in both cases is the machine Administrator account. I'm hoping this won't be necessary by setting the correct permissions.
I'm also checking the status of windows services by doing a query to the root\cimv2 namespace and the Win32_Service class and it works perfectly in both aproaches.
Before I could get any approach working, I had to disable remote UAC.
Set-ItemProperty `
-Path HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System `
-Name LocalAccountTokenFilterPolicy -Value 1 -Type DWORD
My questions are related to permissions/privileges:
- Why do I get the AccessDenied Exception with the Administrator user? How can I debug this?
- Is disabling the remote UAC strictly necessary?
- Is using the Administrator account or an user in the Administrators group unavoidable?
Upvotes: 2
Views: 1535
Answers (1)
Reputation: 928
I think I got a part of it.
new ConnectionOptions
{
Username = ".\\localAdministrator",
SecurePassword = Secure("localAdminPwd"),
Authentication = AuthenticationLevel.PacketPrivacy
}
With the PacketPrivacy option, there is no exception no more, and I can use a local administrator (just a user in the Administrators group).
I'm not sure what this option does and why it's needed but it solved my main problem. If anyone understands this well enough to explain I still can mark the answer as accepted.
I'll keep exploring about the permissions to find out exactly what permissions are needed.
Upvotes: 1
Related Questions
- Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)
- "get-wmiobject win32_process -computername" gets error "Access denied , code 0x80070005"
- Windows 10 - WMIC/WMI Remote Access denied with local administrator
- WMI - 'Access Denied' exception thrown while reading IIS applications in remote domain machine
- "Access is denied" Exception with WMI
- Suppressing fatal error (access denied)
- How to troubleshoot "Get-WmiObject : Access is denied."?
- Why do Powershell queries on remote machine throwing access denied errors?
- Access-Denied error upon using start-process
- WMI access denied error when query remote computer from ASP.NET