远程 WMI 连接

发布于 2024-09-10 18:16:32 字数 581 浏览 5 评论 0原文

我想使用本地网络上的 ManagementScope 从另一台电脑连接到运行 Windows 7 的远程电脑。在远程 PC 上，我创建了一个没有密码的新用户帐户“Samuel”，并设置为管理员。

ConnectionOptions options = new ConnectionOptions();
options.Username = "Samuel";
options.Password = "";

ManagementScope scope = new ManagementScope("\\\\192.168.0.2\\root\\cimv2", options);          
scope.Connect();

我得到的错误：

访问被拒绝。（例外情况来自 HRESULT：0x80070005（E_ACCESSDENIED））

更新：
设置使用密码后，出现新错误：

RPC 服务器不可用。（HRESULT 异常：0x800706BA）

原文

I want to connect to remote PC running Windows 7, from another PC using ManagementScope on a local network.
On remote PC I've created a new user account "Samuel" without password and set as administrator.

ConnectionOptions options = new ConnectionOptions();
options.Username = "Samuel";
options.Password = "";

ManagementScope scope = new ManagementScope("\\\\192.168.0.2\\root\\cimv2", options);          
scope.Connect();

The Error I get:

Access is denied. (Exception from
HRESULT: 0x80070005 (E_ACCESSDENIED))

Update:
After setting password for the use, I get new error:

The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA)

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

兰花执着 2024-09-17 18:16:32

也许是缺少“EnablePrivileges”：

scope.Options.EnablePrivileges = true;

来自 MSDN (ConnectionOptions. EnablePrivileges 属性）：

获取或设置一个值，指示
是否需要用户权限
启用连接操作。
该属性仅应在以下情况下使用
执行的操作需要一个
启用某些用户权限
（例如，机器重新启动）。

编辑：
如果不起作用，请尝试将 ImpersonationLevel 设置为“Impersonate”：

scope.Options.Impersonation = System.Management.ImpersonationLevel.Impersonate;

ImpersonationLevel 模拟：
模拟级 COM 模拟
允许对象使用的级别
调用者的凭据。这是
推荐的模拟级别
WMI 调用。

Maybe it's the missing 'EnablePrivileges':

scope.Options.EnablePrivileges = true;

From MSDN (ConnectionOptions.EnablePrivileges Property):

Gets or sets a value indicating
whether user privileges need to be
enabled for the connection operation.
This property should only be used when
the operation performed requires a
certain user privilege to be enabled
(for example, a machine restart).

Edit:
If it doesn't work, try setting the ImpersonationLevel to 'Impersonate':

scope.Options.Impersonation = System.Management.ImpersonationLevel.Impersonate;

ImpersonationLevel Impersonate:
Impersonate-level COM impersonation
level that allows objects to use the
credentials of the caller. This is the
recommended impersonation level for
WMI calls.

回复收藏 0 原文

红墙和绿瓦 2024-09-17 18:16:32

根据 TechNet 上的 WMI 常见问题解答，0x80070005 错误表示DCOM 问题：
<块引用>
0x80070005（DCOM ACCESS_DENIED）
当连接的用户无法识别或受到远程服务器以某种方式限制（例如，用户可能被锁定）时，会发生此错误。当帐户位于不同域时，这种情况最常发生。最近对 WMI 安全性的更改也可能导致发生此错误：
- Windows XP 和 Windows Server 2003 中不允许使用以前允许的空白密码。
- WMI 不允许对 Windows 98 客户端进行异步回调。从 Windows 98 计算机到 Windows XP 计算机的 SWbemServices.ExecNotificationQueryAsync 调用将导致 Windows 98 计算机返回“拒绝访问”错误。
- DCOM 配置访问设置可能已更改。
- 如果目标计算机运行的是 Windows XP，则注册表项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa 下的 Forceguest 值可能会设置为强制关闭来宾帐户（值为零）。
（虽然提到了 Windows XP，但这也可能适用于 Windows 7。）
0x800706BA 错误在其运行中表示防火墙问题：
<块引用>
0x800706xx（DCOM RPC 错误）
当远程计算机上配置了防火墙时，通常会发生这种情况。您需要在防火墙上打开适当的端口以允许使用 DCOM 进行远程管理。
尝试在远程计算机上的 Windows 防火墙中启用远程管理例外，看看是否有帮助。要从命令行执行此操作，请在提升的命令提示符中运行以下命令：
```
netsh advfirewall 防火墙设置规则组=“远程管理”新启用=yes
```
您还可以在 MSDN 上的“从 Windows Vista 开始远程连接到 WMI”文章。
此外，由于 Samuel 是非域帐户，因此您需要授予此帐户 DCOM 远程访问、远程启动 和 <远程计算机上的远程激活权限，如此处< /a>.

According to the WMI FAQ on TechNet, the 0x80070005 error indicates a DCOM issue:
0x80070005 (DCOM ACCESS_DENIED)
This error occurs when the connected user is not recognized or is restricted in some fashion by the remote server (for example, the user might be locked out). This happens most often when accounts are in different domains. Recent changes to WMI security can also cause this error to occur:
- Blank passwords, formerly permitted, are not allowed in Windows XP and Windows Server 2003.
- WMI does not allow asynchronous callbacks to a Windows 98 client. A call like SWbemServices.ExecNotificationQueryAsync from a Windows 98 computer to a Windows XP computer will result in an Access Denied error returned to the Windows 98 machine.
- The DCOM configuration access setting might have been changed.
- If the target computer is running Windows XP, the Forceguest value under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa might be set to force the Guest account off (value is zero).
(Although Windows XP is mentioned, this may be applied to Windows 7 as well.)
The 0x800706BA error, in its rurn, indicates a firewall issue:
0x800706xx (DCOM RPC error)
This often occurs when a firewall is configured on the remote computer. You will need to open the appropriate ports on the firewall to permit remote administration using DCOM.
Try enabling the Remote administration exception in Windows Firewall on the remote computer and see if it helps. To do this from the command line, run the following command in the elevated command prompt:
```
netsh advfirewall firewall set rule group="remote admin" new enable=yes
```
You can also find the DCOM, UAC, Windows Firewall and other settings required for remote WMI access in the Connecting to WMI Remotely Starting with Windows Vista article on MSDN.
Also, since Samuel is a nondomain account, you need to grant this account DCOM Remote Access, Remote Launch and Remote Activation permissions on the remote computer as described here.

回复收藏 0 原文

甜中书 2024-09-17 18:16:32

您收到“访问被拒绝”的信息。因为您无法仅使用用户名查询作用域连接。您有 2 个选项：用户名和密码为 null 或输入用户名和密码。

您收到“RPC 服务器不可用”。因为防火墙不允许您查询该机器。您有 2 个选择：禁用防火墙或向其添加远程管理例外。

您可以在cmd中像这样添加防火墙例外：
较旧的 Windows 版本：

netsh 防火墙设置服务类型=远程管理模式=启用

较新的 Windows 版本：

netsh advfirewall 防火墙设置规则组=“Windows 远程管理”新启用=yes

如果您尝试使用域用户登录，请将用户名更改为domainName\username或设置连接属性connection.Authority =“ ntlmdomain:域名"。

回复收藏 0 原文

少女的英雄梦 2024-09-17 18:16:32

您确定可以在没有密码的情况下与帐户建立远程 WMI 连接吗？

此类帐户无法执行许多操作（例如共享文件、远程桌面）。尝试设置密码，看看是否有影响。

回复收藏 0 原文

像极了他 2024-09-17 18:16:32

您可能需要检查远程 Windows 7 PC 上的 WMI 安全设置。
右键单击计算机>管理>服务和应用> WMI控制>安全选项卡
并确保您使用的用户帐户具有 necc 权限。

回复收藏 0 原文

要走就滚别墨迹 2024-09-17 18:16:32

不确定是否因为 WMI 引擎未在远程计算机上侦听而被拒绝，或者是否存在其他登录/连接问题。

这是我用来连接到远程计算机的代码，它运行良好。也许它会对您有所帮助：

ConnectionOptions oConn = new ConnectionOptions();
ManagementScope oScope = null;

oConn.Username = txtLogin;
oConn.Password = txtPassword;
oConn.Authority = "ntlmdomain:" + txtDomain;

oScope = new ManagementScope("\\\\" + txtHostName + "\\root\\CIMV2", oConn);

oScope.Connect();

如果我的域名/登录名/密码三重奏被接受，那么 Connect() 将起作用。否则，Connect() 会引发异常。只要指定的凭据在该计算机上具有权限，您就应该关闭并运行。

Not sure if it is denied because the WMI engine isn't listening on the remote machine, or if you have other login/connection issues.

Here's the code I used to connect to my remote machine, and it is working perfectly. Maybe it will help you:

ConnectionOptions oConn = new ConnectionOptions();
ManagementScope oScope = null;

oConn.Username = txtLogin;
oConn.Password = txtPassword;
oConn.Authority = "ntlmdomain:" + txtDomain;

oScope = new ManagementScope("\\\\" + txtHostName + "\\root\\CIMV2", oConn);

oScope.Connect();

If my domain/login/password trio are accepted, then Connect() will work. Otherwise, Connect() throws an exception. As long as the specified credentials have permission on that machine, you should be off and running.

回复收藏 0 原文

丧 2024-09-17 18:16:32

尝试在用户名前添加域名或计算机名称（例如@“mshome\Samuel”）。

回复收藏 0 原文

你与昨日 2024-09-17 18:16:32

使用“net view \\servername”的解决方案

我知道使用控制台命令并对输出执行一些字符串操作不是很理想，但另一方面它确实有效并且不是很理想或者，至少对我来说，必须修改 DCOM 默认设置才能让 WMI 方式工作（至少在 Win7s 上）。

已在 Win7 和 XP 客户端以及 MS 和 Linux 服务器上进行了测试。

Function GetShares(ServerName As String) As List(Of String)
    Try
        Dim P As New Process
        Dim Read As Boolean = False
        Dim Str As String
        Dim Shares As New List(Of String)

        With P.StartInfo
            .FileName = "net"
            .Arguments = "view " & ServerName
            .RedirectStandardOutput = True
            .RedirectStandardError = True
            .CreateNoWindow = True
            .UseShellExecute = False
        End With
        P.Start()
        P.WaitForExit()

        If P.ExitCode <> 0 Then
            MsgBox(P.StandardError.ReadToEnd, MsgBoxStyle.OkOnly, "Error")
        Else
            Do Until P.StandardOutput.EndOfStream = True
                If Read = True Then
                    Str = P.StandardOutput.ReadLine
                    If Str = "The command completed successfully." Then Exit Do
                    Str = Strings.RTrim(Str) 'Removes any trailing spaces
                    Str = Strings.Mid(Str, 1, Strings.InStrRev(Str, " ")) 'remove Type
                    Str = Strings.RTrim(Str) ''Removes any trailing spaces
                    Shares.Add(Str)
                Else
                    If Strings.Left(P.StandardOutput.ReadLine, 10) = "----------" Then Read = True
                End If
            Loop
        End If
        Return Shares
    Catch ex As Exception
        MsgBox("Error in """ & System.Reflection.MethodInfo.GetCurrentMethod.Name & """: " & vbCr & ex.Message, MsgBoxStyle.OkOnly, "Runtime error")
        Debug.Print("--------------------------" & vbCr & "Error: " & ex.Message & vbCr & ex.StackTrace)
        Return Nothing
    End Try
End Function

Solution using "net view \\servername"

I know it's not very desirable to use a console command and do some string-gymnastic on the output, but on the other hand it does work and it's not very desirable either, at least for me, to have to mess around with the DCOM default settings to to get the WMI way to work (at least on Win7s).

Has been tested on Win7 and XP clients and MS- and linux server.

Function GetShares(ServerName As String) As List(Of String)
    Try
        Dim P As New Process
        Dim Read As Boolean = False
        Dim Str As String
        Dim Shares As New List(Of String)

        With P.StartInfo
            .FileName = "net"
            .Arguments = "view " & ServerName
            .RedirectStandardOutput = True
            .RedirectStandardError = True
            .CreateNoWindow = True
            .UseShellExecute = False
        End With
        P.Start()
        P.WaitForExit()

        If P.ExitCode <> 0 Then
            MsgBox(P.StandardError.ReadToEnd, MsgBoxStyle.OkOnly, "Error")
        Else
            Do Until P.StandardOutput.EndOfStream = True
                If Read = True Then
                    Str = P.StandardOutput.ReadLine
                    If Str = "The command completed successfully." Then Exit Do
                    Str = Strings.RTrim(Str) 'Removes any trailing spaces
                    Str = Strings.Mid(Str, 1, Strings.InStrRev(Str, " ")) 'remove Type
                    Str = Strings.RTrim(Str) ''Removes any trailing spaces
                    Shares.Add(Str)
                Else
                    If Strings.Left(P.StandardOutput.ReadLine, 10) = "----------" Then Read = True
                End If
            Loop
        End If
        Return Shares
    Catch ex As Exception
        MsgBox("Error in """ & System.Reflection.MethodInfo.GetCurrentMethod.Name & """: " & vbCr & ex.Message, MsgBoxStyle.OkOnly, "Runtime error")
        Debug.Print("--------------------------" & vbCr & "Error: " & ex.Message & vbCr & ex.StackTrace)
        Return Nothing
    End Try
End Function

回复收藏 0 原文

眸中客 2024-09-17 18:16:32

我也遇到了这个问题。我试图编写 C# 代码来从远程 PC 获取 WMI 信息和文件。并遇到了两个访问被拒绝错误：

长话短说，我必须对远程电脑进行更改。见下文：

0x80070005：访问被拒绝：
https://social.msdn.microsoft.com/Forums/vstudio/en-US/6229334e-d5ef-4016-9e7e-1c8718be8d43/access-is-拒绝异常来自 hresult-0x80070005-eaccessdenied-in-vbnet?forum=netfxbcl
System.Management：访问被拒绝：“使用 System.Management 和 WMI”部分：
https://support。 microsoft.com/en-us/help/317012/process-and-request-identity-in-asp.net