• No results found

Troubleshooting Guide

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Troubleshooting Guide"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)
(2)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

Enable WMI after applying SP2 for XP

This tutorial will guide you on enabling WMI after applying Service Pack 2 for windows XP. For this you will have to configure Firewall on a machine on which you want to use WMI. Windows XP service Pack 2 comes up with a built in firewall that is enabled by default to minimize the chance of attacks on your machine.

The Windows Firewall that comes up with SP2 for Windows XP and DCOM (Distributed Component Object Model) can cause access denied errors when remote computers and accounts used for remote connections are not properly configured.

When obtaining data from a remote machine, WMI must establish a DCOM connection from local Computer to remote Computer. To establish this connection, both Windows Firewall and DCOM on Computer B must be configured correctly, to avoid access denial errors. The configuration must be done locally on remote machine by changing Group Policy settings, by executing NETSH commands, or by executing a script. Windows Firewall does not support any remote configuration.

The Windows Firewall service is dependent on WMI Winmgmt service. If WMI is stopped and restarted then you must restart Windows Firewall service. For example, you may need to stop WMI to rebuild a corrupted repository. To successfully connect from local machine to a remote machine when the Windows Firewall is enabled on remote machine, some configuration of DCOM security settings is necessary on both machines.

To enable WMI after installing SP2 on Windows XP

1. Ensure that the user account is a local administrator on remote machine.

2. Enable "Allow Remote Administration" for the user account. See the next section for more details on enabling "Allow Remote Administration".

3. If the user is not an administrator but has Remote Enable permission on remote machine, then the user also must be given DCOM Remote Launch privilege on remote machine by running Dcomcnfg.exe at command line. The 0x80070005 error occurs when this privilege is not set.

4. Enable Windows Firewall remote administration. See the last section at the end of this document for more details.

Enabling "Allow Remote Administration"

There are two different ways to enable "Allow Remote Administration". We will discuss both methods one by one.

Way I

(3)

3. Type cmd in the Open textbox.

4. Now click OK button.

5. Command Prompt will appear on the screen

6. Type in netsh firewall set service RemoteAdmin in command line.

Way II

Follow the steps use the Group Policy editor (Gpedit.msc) to enable "Allow Remote Administration". 1. Click the Run menu item shown under Start menu on your desktop.

(4)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

3. Type Gpedit.msc in the Open textbox to launch Group Policy Editor.

4. Now click OK button.

5. Group Policy Editor Dialog box will appear on the screen.

6. Under the Local Computer Policy heading, open the Computer Configuration folder. 7. Open the Administrative Templates folder.

8. Open the Network folder.

(5)

10. Open the Windows Firewall folder.

11. If the computer is in the domain, then open the Domain Profile folder, otherwise open the Standard Profile folder.

12. Click on the Windows Firewall: Allow remote administration exception item. 13. Click on the Action menu and select Properties.

14. Select Enable radio button.

(6)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

Enabling Windows Firewall remote administration

To enable Windows Firewall remote administration, perform the following steps. 1. Move to Control Panel.

(7)

3. Windows Firewall dialog box will appear on the screen. 4. Switch to the General Tab.

(8)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

6. Switch to Exceptions tab.

7. Check the File and Printer Sharing checkbox.

(9)

9. Add Program dialog box will appear on the screen.

10. Click the Browse button.

11. File open dialog box will appear on the screen.

(10)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

13. Click Change Scope button.

14. Change Scope dialog box will appear on the screen. 15. Click the My network (subnet) only radio button.

16. Click OK button.

(11)

18. Click Add Port button.

(12)

© Copyright 2001-2012 EMCO Software

emcosoftware.com

20. Type RPC\DCOM in the Port Name textbox. 21. Type 135 in the Port Number textbox. 22. Click TCP radio button to select it.

23. Click Change Scope button to set the scope of this port.

24. Change Scope dialog box will appear on the screen. 25. Click the My network (subnet) only radio button.

26. Click OK button.

References

Download now ( PDF - 12 Page - 521.87 KB )

Related documents

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

If Windows Firewall is enabled on Microsoft Windows XP, it must be configured to allow SiteAudit access to RIP, ICMP, SNMP, SQL Server, and the remote hosts for directly.

Setting up DCOM for Windows XP. Research

21 Expand the My Computer node on the Component Services dialog and select DCOM Config. If any DCOM Configuration warnings are displayed, click Yes to take the

AN-022 Protégé Client / Server DCOM Configuration Windows XP SP2

Service Pack 2 for Windows XP has also made some security enhancements to DCOM; two in particular need to be taken into consideration when using Protégé System Management Suite on

Configuring Windows Firewall for Remote Connection in Windows XP SP2:

Once you have completed entering the 4 Alnet Systems Ports above, your Exceptions window should look something like this.. Your Windows Firewall is now configured to accept

Configuring the Windows XP SP2/Vista Firewall for UserLock

In order to deploy Windows Firewall settings for these computers, you must add the Windows Firewall policy template (the Wfnt.adm file), configure Windows Firewall settings, and

Microsoft Windows DCOM Configuration. Windows XP SP3 and Server 2003 SP2 Configuration Guide

Ensure that the following Users / Groups are added and that all have Local and Remote Access allowed (this is the same as the Access permission configuration in the Default

Windows XP SP2 configuration

application-specific launch permission Access Control List needs to give the appropriate users activation rights so application and Windows components that use DCOM do not fail..

DCOM Configuration for Windows NT4, Windows 2000, Windows XP, and Windows XP Service Pack 2

‰ Under the Permissions for ANONYMOUS LOGON make sure that both Local Access and Remote Access Allow option are checked.. Chapter 5 – Windows XP DCOM Setup (Client &