Re: Security woes
From: Kirk (Kirk.Mccann_at_NAV-INTERNATIONAL.com)
Date: 04/29/04
- Next message: ioda: "Re: Win32_Process and ExecutablePath"
- Previous message: Torgeir Bakken \(MVP\): "Re: WMI Ping help"
- In reply to: [MS] Scott McNairy: "Re: Security woes"
- Messages sorted by: [ date ] [ thread ]
Date: 29 Apr 2004 14:18:21 -0700
What was the final resolution for this issue?
I'm an attempting to do the same thing
Thanks,
Kirk
"[MS] Scott McNairy" <scotmc@online.microsoft.com> wrote in message news:<40871db9$1@news.microsoft.com>...
> Yes, a Moniker like you were using prior will execute as the user account
> who is executing the script. Or the WMI client.
>
> Ok, what you are hitting is most likely expected. The reason is that WMI
> enables all sorts of usages of the computer including rebooting, Logging
> off, creating file shares etc... this is why the Users group is not enabled
> remotely by default.
>
> However, you can enable a user on each computer that you want to if they are
> a member of the Users group on that computer. All you have to do is the
> following.
> right click "My Computer" on the target machine
> select "Manage"
> expand "Services and Applications"
> right click "WMI Control"
> select "properties"
> select "Security" tab
> Expand the "Root" node to the node that you want to apply security too and
> add that local user account to that machine. To access wmi from a remote
> location, you will need "remote enable" and "enable account" permissions to
> that namespace.
>
> An administrator should be able to connect to the box no matter what.
>
> --
> [MS] Scott McNairy
> WMI Test Engineer
> This posting is provided "As Is" with no warranties, and confers no rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
>
>
> "Hugo M. Ranea" <hmranea@shaw.ca> wrote in message
> news:uKtd%23B$JEHA.556@tk2msftngp13.phx.gbl...
> > [MS] Scott McNairy wrote:
> >
> > >From what I see, you are trying to use a moniker for remote access using
> a
> > >local user account correct?
> > >
> > >If that is the case, you will want to use the SWbemServices.ConnectServer
> > >call instead.
> > >
> > >set lctr = createObject("wbemScripting.SwbemLocator")
> > >set svc = lctr.ConnectServer("remotemachine", "remotemachine\user",
> > >"password")
> > >
> > >The security settings for domain users will need to be applied to each
> > >computer that you want to grant them access too.
> > >
> > >
> > >
> > Well, so far no luck, using ConnectServer I got the same problem in
> > different line:
> >
> > loService = loLocator.ConnectServer(lcComputer,
> > '\root\cimv2', lcDomain + "\" + lcUser, lcPassword)
> >
> > If I run the program everything goes fine, I can query my computer or
> > any other computer in the network without a problem, but, as soon as we
> > run the program in my co-worker's computer the loService line posted
> > fails misserably, although the User, Domain and Password are all right
> > (He can not even get it to work in his local computer this way,
> > something that worked with the other way)
> >
> > I am completely lost :(
> >
- Next message: ioda: "Re: Win32_Process and ExecutablePath"
- Previous message: Torgeir Bakken \(MVP\): "Re: WMI Ping help"
- In reply to: [MS] Scott McNairy: "Re: Security woes"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
