Re: Error 0x80070005 on XP to XP connection ... Desperation Time Help

89 views
Skip to first unread message

Gerry Hickman

unread,
Oct 14, 2004, 6:25:22 PM10/14/04
to
Hi,

I don't understand what you're trying to do. Is this a highly advanced
specialist system you're building, or are you just trying to get
"nromal" WMI working? Are you saying that normal WMI is working fine,
but your own hand-written C++ "WMI server" is not?

dharani babu wrote:

> Hi all
> I am running a C++ DCOM based WMI Server at an XP machine SP1 . The target
> machine is the same. I checked million times that the Administrator has all
> the available rights given - like Remote Enable , Read Write ..etc in the
> wmimgmt.msc console . I have another account also in the target machine
> which
> is a normal user ( Limited User ) which also has all the rights enabled for
> WMI connection . I am able to connect to the target machine with
> wmimgmt.msc's "connect to another computer" . It connects.
> also I used wmic to check that it returns values thro query like
> c:/wmic
> /user:"wmi"
> /password:****
> /process
> IT lists all the processes etc . when I ConnectServer() to the remote
> machine also it connects . But the ExecQuery() returns with 0x80070005 which
> means I dont ha the rights to execute this query . I tried chnaging the DCOM
> configuration thro dcomcnfg and checked that all the rights ha been alloted
> to the accounts. I also switched between LocalSecurites--> Classic/Guest
> Logon . Still I Have the same problem . I am totally helpless at the way WMI
> is treating me .
> I also have another problem . When I tried connecting to a remote NT
> machine ( Sp4 ) It connected and all worked well - But when I changed the
> Administrator password of the NT machine the WMI no longer connected to that
> system . If I changed the password back to old one (the password with which
> my first WMIconnection was enabled ) it works fine .!!! Bizarre problem . I
> hope there is some registry entry of the first password with which the WMI
> connection was established first . So it seems the subsequent password
> changes have not affected the change . Some where something is stored
> persistently . I tried re starting the system etc etc . But for no avail . I
> hope and request some one to help me out of these bizzare scenario ...
>
>
>


--
Gerry Hickman (London UK)

dharani babu

unread,
Oct 15, 2004, 5:09:14 AM10/15/04
to
Ivan
Thanks for your efforts . I am herewith pasting my code

1.HRESULT hres = CoInitializeSecurity(NULL, -1, NULL, NULL,
RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL, EOAC_NONE, 0)
( This succeeds)

2. hres = CoCreateInstance ( CLSID_WbemLocator, 0,
CLSCTX_INPROC_SERVER, IID_IWbemLocator,(LPVOID *) &pLoc );
(Succeeds)
3.hres = pLoc->ConnectServer(/*bstrNamespace*/pNamespace, bstrUsername,
bstrPassword, 0, NULL, 0, 0, &pWmiServ);
(Succeeds)

4. hres = CoSetProxyBlanket(pWmiServ ,
RPC_C_AUTHN_WINNT ,
RPC_C_AUTHZ_NONE ,
NULL,
RPC_C_AUTHN_LEVEL_CALL ,
RPC_C_IMP_LEVEL_IMPERSONATE ,
NULL,
EOAC_NONE);
(Succeeds)

5. hRes = pWmiServ->ExecQuery(qLang, query,0L, NULL,&pEnumServices)) == S_OK

Fails........with 0x80070005
If I checked the LocalSecurities-->Network access: Sharing and security
model for local accounts as "Guests...." the ConnectServer() itself fails .
If I keep the value as "Classic" then ConnectServer() succeeds but
ExecQuery() fails as said above .

Could you tell me the configurations I need to do in target system ?
Thanks a lot again
with regards and thanks



"Ivan Brugiolo [MSFT]" wrote:

> Did yoy try your scenario with WbemTest ?
> It's most likely a blanket issue with the IWbemServices pointer.
> So, can you post your CoInitializeSettings, and the code that you
> between the ConnectServer and the IWbemServices::ExecQuery ?
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
> Use of any included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
>
> "dharani babu" <dhara...@discussions.microsoft.com> wrote in message
> news:7BA8754E-CD78-4888...@microsoft.com...
> > Well
> > To put it right ...
> > I am able to connect to the target system with wmic console and ABLE to
> > query values . But my C++ ExecQuery is nto working at the remote Xp SP1
> > machine . I am using default authentication of
> > RPC_C_AUTHN_LEVEL_DEFAULT and impersonation of
> RPC_C_IMP_LEVEL_IMPERSONATE
> > . This C++ Server worked fine just few months before with another system
> .. I
> > even checked reconfiguring dcomcnfg and flipped between forceguest "guest"
> > and "Classic" but did not work fine . Every the API ConnectServer()
> connects
> > to the remote system but ExecQuery () returns 0x80070005. I hope you can
> > guide me thro this .

dharani babu

unread,
Oct 15, 2004, 5:21:02 AM10/15/04
to
Ivan
I tested with wbemtest and the results are given below :
I connected to the remote XP machine //210.210.124.76/root/cimv2
with user :"wmi" and password for it . Now it connected ( as it does with
wmic and my application ) Now I clicked the "Enum Classes" and then choose
"Immediate Only " now it pouplated a list of classes like
--NOtifyStatus
_PARAMETERS
_SecurityRelatedClass
_SystemSecurity
StdRegProv..etc
Now I clicked "Query" and typed "Select * from Win32_LogicalDisk" Now the
result is
Number : 0x80041010
Facility:WMI
Description: Invalid Class

So I hope this error is almost similar to 0x80070005 error which also means
ACCESS DENIED right ?
Pls advise me
regards and thanks in advance

"Ivan Brugiolo [MSFT]" wrote:

Ivan Brugiolo [MSFT]

unread,
Oct 15, 2004, 5:37:52 AM10/15/04
to
Can you enumerate first all the classes, with "select * from meta_class"
under root\cimv2 ?
You should have 500-800 classes on a healthy machine.
If you have very few classes in root\cimv2, try to mof-complie Cimwin32.mof.

For the access-denied error, see the other post.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


"dharani babu" <dhara...@discussions.microsoft.com> wrote in message

news:BAC8FA45-6CF4-47BE...@microsoft.com...

Ivan Brugiolo [MSFT]

unread,
Oct 15, 2004, 5:34:51 AM10/15/04
to
You MUST use at least RPC_C_AUTHN_LEVEL_PKT as
the authentication level to talk with a WinXP or above box.
This was a change made in summer 2000 to mitigate
man-in-the-middle attacks on RPC.

I would also use the default authentication service,
or RPC_C_AUTHN_GSS_NEGOTIATE ,
since limiting to NTLM is bad in general.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


"dharani babu" <dhara...@discussions.microsoft.com> wrote in message

news:0776DF0D-CFCA-404A...@microsoft.com...

dharani babu

unread,
Oct 15, 2004, 6:39:06 AM10/15/04
to
Ivan
When I changed params of CoInitializeSecurity() into
1. RPC_C_AUTHN_LEVEL_PKT,
RPC_C_AUTHN_LEVEL_CONNECT,- ExecQuery() returned the same 0x80070005
Then
2. RPC_C_AUTHN_LEVEL_PKT,
RPC_C_IMP_LEVEL_IMPERSONATE, ExecQuery() returned the same 0x80070005
Then into
3.RPC_C_AUTHN_GSS_NEGOTIATE,
RPC_C_IMP_LEVEL_DEFAULT, .. CoInitializeSecurity() failed .
then into
4.RPC_C_AUTHN_GSS_NEGOTIATE,
RPC_C_IMP_LEVEL_IMPERSONATE, . CoInitializeSecurity() failed .

regds and thanks in advance
Dharani babu S

"Ivan Brugiolo [MSFT]" wrote:

> ..

> ....

dharani babu

unread,
Oct 15, 2004, 5:59:05 AM10/15/04
to
Ivan Thanks again
I executed "select * from meta_class" and got less than 100 classes only .
The details it gave are :
60 Objects
Max: batch 10
Done

Now what is meant by
"try to mof-complie Cimwin32.mof." Should I compile the mof file again ?
this is new area for me . I will try it . Give me tips about it please
regds and thanks


"Ivan Brugiolo [MSFT]" wrote:

> ....

Ivan Brugiolo [MSFT]

unread,
Oct 15, 2004, 1:05:59 PM10/15/04
to
You really need to read DCOM book.
The recomended changes apply to CoSetproxyBlanket.

The authentication level in CoInitialzieSecurity regulated
the minimum authentication level fo incoming calls, not the outgoing ones.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


"dharani babu" <dhara...@discussions.microsoft.com> wrote in message

news:E0E5FAB2-1F5A-49A2...@microsoft.com...

Alex

unread,
Oct 15, 2004, 9:34:48 AM10/15/04
to
You need to call
CoSetProxyBlanket(pIEnumWbemClassObject,
RPC_C_AUTHN_WINNT,RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE, m_pAuthIdentity, EOAC_NONE);

after ExecQuery, providing valid user credentials in pAuthIdentity.
Valid meaning having access to WMI on the target box.

Alex.

dharani babu <dhara...@discussions.microsoft.com> wrote in message news:<7BA8754E-CD78-4888...@microsoft.com>...


> Well
> To put it right ...
> I am able to connect to the target system with wmic console and ABLE to
> query values . But my C++ ExecQuery is nto working at the remote Xp SP1
> machine . I am using default authentication of
> RPC_C_AUTHN_LEVEL_DEFAULT and impersonation of RPC_C_IMP_LEVEL_IMPERSONATE

> . This C++ Server worked fine just few months before with another system . I

> even checked reconfiguring dcomcnfg and flipped between forceguest "guest"
> and "Classic" but did not work fine . Every the API ConnectServer() connects
> to the remote system but ExecQuery () returns 0x80070005. I hope you can
> guide me thro this .
>
>
> "Gerry Hickman" wrote:
>

Dharani Babu S

unread,
Oct 16, 2004, 2:17:04 AM10/16/04
to
Do you mean - I have to call CoSecutiryBlanket() *after* ExecQuery() ? IN
fact I am calling it right after ConnectServer() as below

CoSetProxyBlanket(pIEnumWbemClassObject,
RPC_C_AUTHN_WINNT,RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_CALL,
RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE);

I will have to work out this issue of pAuthority as you have mentioned .
Thanks

Alex

unread,
Oct 18, 2004, 1:18:48 PM10/18/04
to
Yes,
You need to call it *after* ExecQuery, you see, one of the params is
pIEnumWbemClassObject which you get from ExecQuery.
You need to set the security on the interface, that's the trick :)

Every time you get ACCESS_DENIED error the first thing I would do is
to try to CoSetProxyBlanket on the returning interface.

Alex.

"Dharani Babu S" <dharan...@hotmail.com.(donotspam)> wrote in message news:<76DAB39B-F81F-4BE8...@microsoft.com>...

Dharani Babu S

unread,
Nov 16, 2004, 7:54:02 AM11/16/04
to
Alex
Sorry for replying so late- was out of station . Ok .
I found that in fact ExecQuery() suceeds but only the pEnumService-->Next()
fails . So I tried settingthe

CoSetProxyBlanket(pIEnumWbemClassObject,
RPC_C_AUTHN_WINNT,RPC_C_AUTHZ_NONE, NULL, RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE, m_pAuthIdentity, EOAC_NONE);

just *after* ExecQuery() ..but I am not yet able to set m_pAuthIdentity as
mentioned in msdn and not able to get any samples also . Could u pls paste me
the code to set m_pAuthIdentity ??
regds

Dharani Babu S

unread,
Nov 19, 2004, 4:33:02 AM11/19/04
to
Alex
Million Thanks to you . It solved my problems . In fact I faced problems in
retreiving data from all systems 2000 , NT and XP ...one with each kinda
problem ..All solved with introduction of blanket with pAuthIdendity ...cool
I hope I will post this solution as a comment for others to see
most codes dont use CoSetProxyBlanket() after execquery() which I feel is a
must...
Reply all
Reply to author
Forward
0 new messages