Reputation: 31
Windows command wmic give Access is denied
A Windows server 2008 R2 with the name "delta" use Workgroup "WORKGROUP" (So is not a member of a domain). On system "delta", beside account "administrator", another account "sysadmin" is created with account type Administrator. The other Windows system has the name "gamma". It is possible to access the system "delta" from system "gamma" with remote desktop. This access succeeds both with the accounts "administrator" and "sysadmin" and the corresponding passwords. From system "gamma", with the command, "wmic" data can be requested from system "delta". This works correctly with account "administrator".
C:>wmic
wmic:root\cli>/node:delta /user:administrator /password:xxxxx cpu get name
Name
Intel(R) Xeon(R) CPU E3-1220 V2 @ 3.10GHz
For account "sysadmin" the command "Dcomcnfg" is started on system "delta". Expand Component Service – Computers – My computer Open the properties of My Computer and select “COM Security” tab. Under COM Security, click "Edit Limits" for "Access Permissions". The account "sysadmin" got "Remote Access". Click "Edit Limits" for "Launch and Activation Permissions". The account "sysadmin" got "Remote Launch" and "Remote Activation" permissions.
Expand Component Service – Computers – My computer - CDOM Config Open the properties of "Windows Management and Instrumentation". Choice tab "Security" Click "Edit" for "Launch and Activation Permissions". The account "sysadmin" got "remote Launch" and "Remote Activation" permissions. Click "Edit" for "Access Permissions". The account "sysadmin" got "Remote Access" permissions.
Still, I get "Access is denied" with wmic from system "gamma" to system "delta".
C:>wmic
wmic:root\cli>/node:delta /user:sysadmin /password:yyyyy cpu get name
Node - delta
ERROR: Description = Access is denied
How can I solve this problem?
Upvotes: 1
Views: 10044
Answers (1)
Reputation: 31
I solved this problem by adding permission to account "sysadmin" on system "delta" with the tools "dcomcnfg" and "wmimgmt.msc".
DCOM permission
- Open Dcomcnfg
- Expand Component Service -> Computers -> My computer
- Go to the properties of My Computer
- Select the COM Security Tab
- Click on "Edit Limits" under Access Permissions.
- Click "Add" and add user "sysadmin".
- Give user "sysadmin" the "Local Access" and "Remote Access" permission.
- Click on the "Edit Limit" for the launch and activation permissions,
- Click "Add" and add user "sysadmin".
Give user "sysadmin" the "Remote Launch" and "Remote Activation" permission.
Open WMImgmt.msc
- Go to the Properties of WMI Control
- Go to the Security Tab
- Select "Root" "CIMV2" and open "Security"
- Add user "sysadmin"
- Ensure "sysadmin" has "Execute Methods", "Provider Write" and "Enable Account" right; ensure Administrators has all permission.
Upvotes: 2
Related Questions
- Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)
- C# with WMIC command
- WMIC return No Instance(s) Available when run directly .cmd file
- Windows 10 - WMIC/WMI Remote Access denied with local administrator
- Access is denied with (Win32PrioritySeparation)
- How to run wmic command in a batch file
- "Access is denied" Exception with WMI
- using wmic to create a process on localhost as a different user
- Access-Denied error upon using start-process
- Access Denied Problem in WMI for Windows XP only