Workflow Runtime: Failed to run a WMI query (HRESULT: 0x80070005, Details: Access is denied).

Question
Hi,
I am running SCOM 2007 R2 version 6.1.7221.0.
I have a Windows Server 2003 R2 SP2 server esdht1, and this server fails in SCOM with the following errors:
Time window start 18-07-2011 16:04:32
Time window end 18-07-2011 18:04:32
Time First 18-07-2011 16:04:32
Time Last 18-07-2011 16:12:36
Count 3
Context

Date and Time: 18-07-2011 16:12:36
Log Name: Operations Manager
Source: Health Service Modules
Event Number: 10409
Level: 2
Logging Computer: ESDHT1
User: N/A
Description: Object enumeration failed
Query: 'SELECT NumberOfProcessors FROM Win32_ComputerSystem WHERE DomainRole >1'
HRESULT: 0x80070005
Details: Access is denied.
One or more workflows were affected by this.
Workflow name: System.Mom.BackwardCompatibility.Computer.Server.DiscoveryRule
Instance name: esdht1.silk.local
Instance ID: {AD81B921-309F-D5B2-1CA8-EB4733152278}
Management group: SilkSystemCenter
Event Data:

And

Date and Time: 18-07-2011 16:20:34
Log Name: Operations Manager
Source: Health Service Modules
Event Number: 9100
Level: 1
Logging Computer: ESDHT1
User: N/A
Description: An error occurred on line 120 while executing script 'MOM Backward Compatibility Service State Monitoring Script'
Source: Microsoft VBScript runtime error
Description: Permission denied
One or more workflows were affected by this.
Workflow name: System.Mom.BackwardCompatibility.ServiceStateMonitoring
Instance name: esdht1.silk.local
Instance ID: {AD81B921-309F-D5B2-1CA8-EB4733152278}
Management group: SilkSystemCenter
Event Data:

What can I do to solve this problem?
Kind regards,
Carl-Marius
Wednesday, July 20, 2011 8:19 AM
Answers
This is a permission problem. You need to use a run-as account that has execute permission on these old converted workflows.
Did you convert the old MOM 2005 operating system MP for these? Just wondering, because this is coming from the backwards compat modules.
If you are not using localsystem as your default action account, or have overridden the run-as mapping for the old MP you are using to use a domain account, you need to either check the expiry of that domain account, or use a domain account that can do the following:
Is a member of the local administrators group
Is able to log in locally and interactively and as a service
Is allowed to read logs, perf counters and the WMI query.
Microsoft Corporation
- Proposed as answer by Blake Mengotto Wednesday, July 20, 2011 6:06 PM
- Marked as answer by Carl-Marius Tuesday, August 23, 2011 11:25 AM
Wednesday, July 20, 2011 5:51 PM
All replies
This query 'NumberOfProcessors FROM Win32_ComputerSystem WHERE DomainRole >1' is actually run in one of the core MPs as well (I think they have different WHERE statements though), so if the default AA doesn't have permission, I think you effectively have no monitoring for this server anymore (the core MPs use this query to determine clients, servers and DCs).
My guess would be WMI and the access rights to it, so try wbemtest (connect root\cimv2) and run the query manually; also try the AA account (default and maybe a configured one).
Rob Korving
http://jama00.wordpress.com/
Thursday, July 21, 2011 7:50 AM -
Hi Dan and Rob,
I have tried to make a wbemtest to the server, but I get the following error:
Number: 0x80041003
Facility: WMI
Description: Access denied.
If I run wbemtest with administrator rights, I do not get the error.
The SCOM service runs under the Local System account, so I cannot understand why I get the error on this server, and not on any of the other Windows 2008 servers.
I have not been manipulating any of the Management Packs; they are default from the SCOM installation.
How do I run the query manually? I do not have the name of the .vbs script to run :-(
Kind regards,
Carl-Marius
Thursday, July 21, 2011 11:43 AM -
Don't use wbemtest from a remote server, as running remote WMI queries requires special rights... from the server itself:
start wbemtest
- connect root\cimv2
- press query and run this query: SELECT NumberOfProcessors FROM Win32_ComputerSystem WHERE DomainRole >1 (if it returns nothing try <2).
When you want to run this under system (AA credentials), the quick and dirty method would be to schedule a cmd.exe, mark it as interactive and use system creds to run it. The cmd that pops up can be used to run the wbemtest under system credentials.
Rob Korving
http://jama00.wordpress.com/
Thursday, July 21, 2011 12:38 PM -
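The local check described in the post above, scripted as an added example (not part of the thread and not SCOM's own code): it runs the same query against root\cimv2 under whatever account started the console and labels the status codes quoted in this thread. It assumes PowerShell 2.0 or later is installed on the monitored server.

```powershell
# Added example. Run on the monitored server itself, in a console started under
# the account being tested (for example the action account or Local System).
$namespace = 'root\cimv2'
$query     = 'SELECT NumberOfProcessors FROM Win32_ComputerSystem WHERE DomainRole > 1'

# Status codes and descriptions as they appear in this thread.
$knownCodes = @{
    '0x80041003' = 'Access denied (Facility: WMI)'
    '0x80041010' = 'Invalid class (Facility: WMI)'
}

# Record which identity the test actually ran as, so results can be compared
# between an administrator session and the action account.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent().Name
Write-Output "Running as: $identity"

try {
    $rows = @(Get-WmiObject -Namespace $namespace -Query $query -ErrorAction Stop)
    if ($rows.Count -eq 0) {
        # Same case as "if it returns nothing" in the post: the WHERE clause
        # filtered the row out, but access to WMI itself worked.
        Write-Output 'Query ran, no rows returned: WMI access is fine, the WHERE clause did not match.'
    } else {
        foreach ($row in $rows) {
            Write-Output "Query ran: NumberOfProcessors = $($row.NumberOfProcessors)"
        }
    }
}
catch {
    $ex = $_.Exception
    if ($ex -is [System.Management.ManagementException]) {
        # ErrorCode is a ManagementStatus enum; format it as the hex value wbemtest shows.
        $hex  = '0x{0:X8}' -f [int]$ex.ErrorCode
        $text = $knownCodes[$hex]
        if (-not $text) { $text = $ex.Message }
        Write-Output "WMI error $hex : $text"
    }
    elseif ($ex -is [System.UnauthorizedAccessException]) {
        # The way 0x80070005 (Access is denied), as in event 10409, typically surfaces in .NET.
        Write-Output "Access is denied (0x80070005) for $identity"
    }
    else {
        Write-Output "Unexpected failure: $($ex.GetType().FullName): $($ex.Message)"
    }
}
```

Running it once as an administrator and once in the console started under the system account shows whether the failure follows the account or the server.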
Hi Rob,
I have just tried this locally on the server, and I can connect to root\cimv2, but when I run the query, I get the following error:
Error
Number: 0x80041010
Facility: WMI
Description: Invalid class
I closed the error over a week ago in SCOM and the error has not returned since, so I think that there is still an error, but apparently not one that SCOM diagnoses as an error.
Kind regards,
Carl-Marius
Monday, July 25, 2011 8:37 AM -
Hi rob1974 and Dan Rogers,
I have not seen the error since, so I am not sure what kind of permission error it was.
Thank you both for your answer!
Kind regards,
Carl-Marius
Tuesday, August 23, 2011 11:28 AM