none
Access Denied - get-wmiobject win32_service (Powershell)

    Question

  • Getting this error when doing get-wmiobject win32_service on the local computer, but not on a remote computer.
    This happens only when running under Windows Task Scheduler and a domain account; works fine when I run it interactively.

    11/13/2013 11:35:37 TRCW1 using local computer 11/13/2013 11:35:37 TRCE1 System.Management.ManagementException: Access denied at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext() at Microsoft.PowerShell.Commands.GetWmiObjectCommand.BeginProcessing()

    in PowerShell Code (the following is looping through a collection of servers and servicenames. 


    $error.clear()  #clear any prior errors, otherwise same error may repeat over-and-over in trace 
    if ($LocalServerName -eq $line.ServerName)
        {
           # see if not using -ComputerName on local computer avoids the "service not found" error 
           Add-Content $TraceFilename "$myDate TRCW1 using local computer " 
           $Service = (get-wmiobject win32_service -filter "name = '$($line.ServiceName)'")
        }
    else 
        {
           Add-Content $TraceFilename "$myDate TRCW2 using remote computer $($line.ServerName) not eq $LocalServerName" 
           $Service = (get-wmiobject win32_service -ComputerName $line.ServerName -filter "name = '$($line.ServiceName)'")
        }
    
    if ($error -ne $null) 
    {
        Write-Host "----> $($error[0].Exception) " 
        Add-Content $TraceFilename "$myDate TRCE1 $($error[0].Exception)" 
    }

    I'm reading a CSV of server names. I finally added the exception logic, to find I'm getting an "Access Denied". This was only happening on the local server. Seems almost backwards, the local server fails, whereas the remote servers work fine. I even changed logic to test to see if it was the local server, then tried leaving off the -ComputerName parms on the WMI (as shown in code above), and still getting error.

    So far, my research shows the answer may lie with

    set-item trustedhosts

    But my main question is whether trustedhosts is applicable to local servers, or only remote servers. Wouldn't a computer always trust itself? Does it still use remoting to talk to itself?

    This server apparently was part of a cluster a long time before I got here, and now it's not.

    I'm also suspicious of that.

    When I run interactively the script works fine, it's only when I schedule it and run it under a service account that it fails with the access denied. The Service Account is local Admin on that box.

    I'm using get-wmiobject win32_service instead of get-service because it returns extra info I need to lookup the process, and date/time the service was started using another WMI call.

    Running on Win 2008/R2. I have just verified that the problem happens on more than one server. [I took the scripts and ran them on another server.] My CSV input includes a list of servers to monitor. The ones outside of my own server always return results. The ones to my own server, that omit the -ComputerName fail. (I have tried with and without the -ComputerName parm for the local server).


    Thanks,
    Neal Walters



    • Edited by Neal Walters Thursday, November 14, 2013 4:19 PM
    Thursday, November 14, 2013 4:18 PM

Answers

All replies