Re: WMI Query during sysprep mini-setup (XP SP1)
From: Torgeir Bakken \(MVP\) (Torgeir.Bakken-spam_at_hydro.com)
Date: 12/07/04
- Previous message: Peter Falz: "Re: WMI Query during sysprep mini-setup (XP SP1)"
- In reply to: Peter Falz: "Re: WMI Query during sysprep mini-setup (XP SP1)"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 07 Dec 2004 22:04:01 +0100
Peter Falz wrote:
> Hi Tristan,
>
> it looks like XP have some setting which complicates or forbidden the
> connection for WMI.
>
>
> HTH
> --------------------------
> Posting of "BP" in NG "microsoft.public.win32.programmer.wmi"
> --------------------------
> SOunds like you may be bitten by a security setting. I had a similar
> problem and one of the MS people pointed me to a default setting on XP
> workgroups.
> Open Administrative tool, Local Security Policy,Local Policies, Security
> Options
> Uner Network Access, Sharing and security model... make sure it is set to
> Classic. On XP Pro workstations in a workgroup, it defaults to "Guest"
> meaning all remote connections connect under the guest account, and you
> won't have enough secuirty level to run
>
> --------------------------
Hi,
Yes, Windows XP in a workgroup setting all connections coming from
"the network" will be authenticated as the Guest User.
This gives access problems for WMI connections and shares access,
other DCOM services and RPC services as well.
Note that for WinXP Home you cannot disable the ForceGuest behavior
(only in WinXP Pro).
A direct registry edit is also possible to change this setting:
HOWTO: Validate User Credentials on Microsoft Operating Systems
http://support.microsoft.com/default.aspx?scid=KB;EN-US;180548
<quote>
On Windows XP, the ForceGuest registry value is set to 1 by default in
the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
On a Windows XP computer that is a member of a workgroup:
If ForceGuest is enabled (set to 1), SSPI will always try to log on
using the Guest account.
If the Guest account is enabled, an SSPI logon will succeed as Guest
for any user credentials.
If the Guest account is disabled, an SSPI logon will fail even for
valid credentials.
If ForceGuest is disabled (set to 0), SSPI will log on as the specified
user.
</quote>
More about ForceGuest here as well:
How to Set Security in Windows XP Professional That Is Installed
in a Workgroup
http://support.microsoft.com/default.aspx?scid=kb;en-us;290403
SMTP Authentication Configuration on Windows XP Professional Edition
http://support.microsoft.com/default.aspx?scid=kb;en-us;304707
-- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter/default.mspx
- Previous message: Peter Falz: "Re: WMI Query during sysprep mini-setup (XP SP1)"
- In reply to: Peter Falz: "Re: WMI Query during sysprep mini-setup (XP SP1)"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
