Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RpcPing and workstations?

568 views
Skip to first unread message

Gerry Hickman

unread,
Nov 13, 2009, 7:16:26 AM11/13/09
to
Hi,

I've been working with RpcPing to test machine availability for use with
WMI.

If I issue the RpcPing command without parameters related to security, it
works on all my servers, even across forests and domains.

RpcPing -s myserver
Completed 1 calls in 15ms
66 T/S or 15.000 ms/T

BUT

If I issue RpcPing against any workstation in any domain without security
related parameters, it fails, and yet I can issue WMI queries against these
machines.

RpcPing -s myworkstation
Exception 5 (0x00000005)
Number of records is: 1
ProcessID is 600
System Time is: 11/13/2009 12:5:29:180
Generating component is 2
Status is 0x5, 5
Detection location is 1750
Flags is 0
NumberOfParameters is 1
Long val: 0x5

So I'm trying to understand why I'm getting different results with RpcPing.

--
Gerry Hickman
London (UK)

Rong-Chun Zhang [MSFT]

unread,
Nov 16, 2009, 5:15:55 AM11/16/09
to
Hello Gerry,

Thank you for contacting Microsoft Support.

I can repro this issue with Windows WorkStations(Windows Vista and Windows
7). I am now discussing this issue with product team and I will be back to
you as soon as possible.

Best regards,
Rongchun Zhang (v-rz...@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msd...@microsoft.com.

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Gerry Hickman

unread,
Nov 16, 2009, 9:35:59 AM11/16/09
to
Hello Rong-Chun,

Thank you very much for the help with this. I look forward to better
understanding of the RPC mechanism, and why we get different results on
clients and servers.

--
Gerry Hickman
London (UK)

"Rong-Chun Zhang [MSFT]" <v-rz...@online.microsoft.com> wrote in message
news:8SEOQXqZ...@TK2MSFTNGHUB02.phx.gbl...

Rong-Chun Zhang [MSFT]

unread,
Nov 17, 2009, 7:08:55 AM11/17/09
to

Hello Gerry,

By discussing with product team, the reason why we cannot rpcping a
workstation without security related parameters is that Workstations don�t
allow anonymous RPC calls by default.

Regards,


Rongchun Zhang (v-rz...@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

=================================================


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msd...@microsoft.com.

This posting is provided "AS IS" with no warranties, and confers no rights.
=================================================

Gerry Hickman

unread,
Nov 17, 2009, 4:03:06 PM11/17/09
to
Rong-Chun Zhang [MSFT] wrote:

> By discussing with product team, the reason why we cannot rpcping a

> workstation without security related parameters is that Workstations don�t


> allow anonymous RPC calls by default.

Interesting! Thank you for this update - it's very helpful. Can you tell
me more information:

1. Where do we find the setting to allow/deny anonymous RPC calls?
2. What is the correct syntax of rpcping to use when checking a remote
machine for WMI readiness?

Thanks.

> Regards,
> Rongchun Zhang (v-rz...@online.microsoft.com, remove 'online.')
> Microsoft Online Community Support
>
> =================================================
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msd...@microsoft.com.
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> =================================================
>


--
Gerry Hickman (London UK)

Rong-Chun Zhang [MSFT]

unread,
Nov 19, 2009, 7:14:11 AM11/19/09
to
Hello Gerry,

Thanks for your feedback.

> Where do we find the setting to allow/deny anonymous RPC calls?

I've tried to set the following group policy, but it did work.
Computer Configuration\ Administrative Templates\System\Remote Procedure
Call\Restrictions for Unauthenticated RPC Clients

I will continue discussing with product team and get back to you as soon as
possible.

> What is the correct syntax of rpcping to use when checking a remote
machine for WMI readiness?

After discussing with product team, they suggest to use WMIC.EXE instead of
rpcping.exe.

Gerry Hickman

unread,
Nov 19, 2009, 3:03:39 PM11/19/09
to

Rong-Chun Zhang [MSFT] wrote:

> I've tried to set the following group policy, but it did work.
> Computer Configuration\ Administrative Templates\System\Remote Procedure
> Call\Restrictions for Unauthenticated RPC Clients
>
> I will continue discussing with product team and get back to you as soon as
> possible.

OK thanks. I'm just a bit confused about why it's different for servers
and clients and how to turn it on and off. I understand DCOM
permissions, but I think RPC is something different and I don't know how
to change RPC settings...

>> What is the correct syntax of rpcping to use when checking a remote
> machine for WMI readiness?
>
> After discussing with product team, they suggest to use WMIC.EXE instead of
> rpcping.exe.

The problem with using WMIC (or simply connecting to WMI) is that many
people have reported a long delay before receiving "The RPC server is
unavailable". When working with thousands of machines, we don't want
this delay. I do have a system that uses ICMP ping, but with the latest
Microsoft firewall settings, it's no longer useful.

I want to understand the security settings required by rpcping for WMI
operations, so I can create small "rpcping" application, something like
this:

RPC_STATUS status;
unsigned short *StringBinding;
RPC_BINDING_HANDLE BindingHandle;
status = RpcStringBindingCompose(NULL, // Object UUID
L"ncacn_ip_tcp", // Protocol sequence to use
L"MyServer.MyCompany.com", // Server DNS or Netbios Name
NULL,
NULL,
&StringBinding);
// Error checking ommitted. If no error, we proceed below
status = RpcBindingFromStringBinding(StringBinding, &BindingHandle);

// free string regardless of errors from RpcBindingFromStringBinding
RpcStringFree(&StringBinding);

the idea is to use lightweight code to test the communication channel
before starting calls to WMI...

Gerry Hickman

unread,
Nov 20, 2009, 4:31:58 AM11/20/09
to
"Gerry Hickman" <gerry...@newsgroup.nospam> wrote in message
news:OrRFkNVa...@TK2MSFTNGP05.phx.gbl...

> OK thanks. I'm just a bit confused about why it's different for servers
> and clients and how to turn it on and off.

I think I've worked out where the setting resides; it appears to be in the
DCOM access permissions list. On servers I see ANONYMOUS has "remote
access", but on clients it's "Local Only".

Rong-Chun Zhang [MSFT]

unread,
Nov 24, 2009, 6:55:30 AM11/24/09
to

Hello Gerry,

Thanks for your updates. I've send you a message to your mail box. Please
check and let me know if you've received it.

Gerry Hickman

unread,
Nov 24, 2009, 4:00:06 PM11/24/09
to

Rong-Chun Zhang [MSFT] wrote:
> Hello Gerry,
>
> Thanks for your updates. I've send you a message to your mail box. Please
> check and let me know if you've received it.

Thank you Rong-Chun, yes I received your message. As I mentioned above,
I have now found the setting that controls the ANONYMOUS access, so this
is now solved. In order to access client and server we must supply
security parameters.

> Regards,
> Rongchun Zhang (v-rz...@online.microsoft.com, remove 'online.')
> Microsoft Online Community Support
>
> =================================================
> Delighting our customers is our #1 priority. We welcome your comments and
> suggestions about how we can improve the support we provide to you. Please
> feel free to let my manager know what you think of the level of service
> provided. You can send feedback directly to my manager at:
> msd...@microsoft.com.
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> =================================================
>

scamb

unread,
Dec 18, 2009, 6:27:57 PM12/18/09
to
Hi All, hello Gerry!

I followed this thread with interest [I am fighting with wmi connections
since wmi appears :-( ]. Please allow me a question, I do not have any
clue about RPC programming.

The code, you demonstrated, connects it really to a remote machine via
RPC or is at just "fumbling" some strings/value to make such a call
possible? It it is the latter, do you have possibly some more code,
which makes really a connection? I am very interested and would need
to port such code to the C# language.

That woule be like the RpcPing you showed [but I would need
C# code].

Anyway, thanks a lot!

br--sca-mb

0 new messages