Invoke-WmiMethod : Access denied when sending message to EC2 instances


I have a PowerShell script that stops all running instances, I want to add a message that pops up inside the instance to notify the user that the instance is shutting down and if possible accept or deny that. This is the complete code (as of right know only stops):

Get-EC2InstanceStatus | Out-File -filepath C:\Users\AGOJSO\Desktop\xd.txt
select-string -path "C:\Users\AGOJSO\Desktop\xd.txt" -Pattern 'i-.*$' | select line | out-file "C:\Users\AGOJSO\Desktop\xaxa.txt"
(Get-Content C:\Users\AGOJSO\Desktop\xaxa.txt) | ForEach-Object { $_ -replace 'InstanceId       :' } > C:\Users\AGOJSO\Desktop\xaxa.txt
(Get-Content C:\Users\AGOJSO\Desktop\xaxa.txt) | ForEach-Object { $_ -replace 'Line' } > C:\Users\AGOJSO\Desktop\xaxa.txt
(Get-Content C:\Users\AGOJSO\Desktop\xaxa.txt) | ForEach-Object { $_ -replace '----' } > C:\Users\AGOJSO\Desktop\xaxa.txt

foreach ($line in [System.IO.File]::ReadLines("C:\Users\AGOJSO\Desktop\xaxa.txt")) {
    Write-Host "$line"

$instanceIDArray = "i-0159d9e5a717cfb73", "i-012fef2b144ea0476"

( (Get-EC2Instance | ? { $_.instances.tag.value -match $instanceIDArray} ).Instances).InstanceID | Stop-EC2Instance $instanceIDArray

So now I need to interact via message with the user, I have tried it with this code with no luck, only works if I type localhost intead of the @IP:

$name = ""
$msg = "Enter your message "
Invoke-WmiMethod -Path Win32_Process -Name Create -ArgumentList "msg * $msg" -ComputerName $name

Error received:

Invoke-WmiMethod : Access denied. (Exeption HRESULT: 0x80070005 (E_ACCESSDENIED))

Thanks (:

asked on Stack Overflow Oct 25, 2018 by Jorge Luís Segura Oñate • edited Oct 25, 2018 by John Rotenstein

1 Answer


This is not unique to what you are doing with AWS instances. WMI security can get a bit finicky.

Well, that and The big drawback to the WMI cmdlets is that they use DCOM to access remote machines. DCOM isn’t firewall friendly, can be blocked by networking equipment, and gives some arcane errors when things go wrong.

Which is why in in the last few releases of Windows, CIM is being pushed.

Since PowerShellv3 CIM was the focus (it uses WSMAN vs DCOM) (PSv2 and below was all WMI), though many still continued to use WMI out of habit or the need to support v2 or below.

Even with MS Online, it's all PSCore (so learn to use it as well), and CIM focused. So, try and use Invoke-CimMethod instead.

So, give this a shot using Invoke-CimMethod instead of Invoke-WmiMethod, since DCOM requires additional host and firewall configurations in many cases.

See details on this error code here:

WMI troubleshooting

Access Denied errors that are reported by scripts and applications that access WMI namespaces and data generally fall into three categories. The following table lists the three categories of errors along with issues that might cause the errors and possible solutions.

0x80070005 – E_ACCESS_DENIED Access denied by DCOM security. The user does not have remote access to the computer through DCOM. Typically, DCOM errors occur when connecting to a remote computer with a different operating system version.

Give the user Remote Launch and Remote Activation permissions in dcomcnfg. Right-click My Computer-> Properties Under COM Security, click "Edit Limits" for both sections. Give the user you want remote access, remote launch, and remote activation. Then go to DCOM Config, find "Windows Management Instrumentation", and give the user you want Remote Launch and Remote Activation. For more information, see Connecting Between Different Operating Systems

answered on Stack Overflow Oct 25, 2018 by postanote

User contributions licensed under CC BY-SA 3.0