"Access Denied 0x80070005" when connecting remotely via WMI using local administrator account

1

I'm working on a solution, where I want to rejoin a computer remotely to the domain if the domain trust is lost or for any other reason. In order to achieve this, I need to let WMI through the Firewall and set the needed security permissions for DCOM.

The firewall part works great, but I'm having issues with connecting to WMI using the local administrator account. I am getting an "Access Denied" error, and checking the DCOM security settings I can see that the administrator group has the correct permissions for remote administration.

Here's the current situation:

  • If I explicitily add the administrator account to the ACL list with same permissions as the administrator group it works
  • If I create a group, add the administrator account to the group and add the group to the ACL with same permissions as the administrator group it works
  • If I add another user to the administrator group and try to connect to WMI, it doesn't work
  • If I remove the administrator group from the ACL and re-add it with the same permissions it still doesn't work
  • If I create a user and add it to the ACL with same permissions as the administrator group it works.

Seems like for some reason the local administrator group does not work for setting the DCOM security permissions. Anyone seens this before and maybe have a possible solution? ;)

windows-7
windows
wmi
asked on Super User Nov 27, 2013 by Daniel Classon

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0