Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, February 23, 2015 11:27 AM
hi.
I am in process to implement some group policy and some settings on local windows server through I should be able to achieve following remotely using WMI.
1. View the windows service status (i.e. running/stopped)
2. Start and stop windows service.
This needs to be achieved using Domain user ID without local administrative rights on remote server.
My first goal is achieved i.e. service status monitoring after implementing following Group policy and enforced on remote server.
But I am still not finding any specific solution which can stop/start service remotely using WMI.
GP Policy has been defined as below.
WMI setting and AD policy applied summary
- Allow RPC Dynamic Ports in Firewall for remote machine(In Bound).
- AD > Create Services OU > Create Services Policy
Add remote computer under this policy
- DCOM policy -->Computer-->My Computer-->Properties-->COM Security
In Access Permissions --Edit Limits -->Add the username(give local access, remote access)
In Launch and Activation Permissions -->Edit Limits -->Add the username(give local access, remote access, local activation, remote activation) (Default is local access, local activation)
- lWMImgmt Policy-->WMI Control (Local) -->Properties -->Security(tab) -->Security
Add user -->Advanced -->Select the user -->Edit -->Apply to: The namespace and sub namespaces -->Permissions -->
Allow(Select All) -->check(Apply these permissions to object and/or containers within this container only -->OK
Please help !!
All replies (4)
Monday, February 23, 2015 11:30 AM
hi.
I am in process to implement some group policy and some settings on local windows server through I should be able to achieve following remotely using WMI.
1. View the windows service status (i.e. running/stopped)
2. Start and stop windows service.
This needs to be achieved using Domain user ID without local administrative rights on remote server.
My first goal is achieved i.e. service status monitoring after implementing following Group policy and enforced on remote server.
But I am still not finding any specific solution which can stop/start service remotely using WMI.
GP Policy has been defined as below.
WMI setting and AD policy applied summary
- Allow RPC Dynamic Ports in Firewall for remote machine(In Bound).
- AD > Create Services OU > Create Services Policy
Add remote computer under this policy
- DCOM policy -->Computer-->My Computer-->Properties-->COM Security
In Access Permissions --Edit Limits -->Add the username(give local access, remote access)
In Launch and Activation Permissions -->Edit Limits -->Add the username(give local access, remote access, local activation, remote activation) (Default is local access, local activation)
- lWMImgmt Policy-->WMI Control (Local) -->Properties -->Security(tab) -->Security
Add user -->Advanced -->Select the user -->Edit -->Apply to: The namespace and sub namespaces -->Permissions -->
Allow(Select All) -->check(Apply these permissions to object and/or containers within this container only -->OK
Please help !!
Following error reported. (Remote Server is 192.168.1.13)
C:\xxx\wmic /Node:192.168.1.13 /User:"ex2013lab\wmi.test1" service where name="Dhcp" call stopservice
Enter the password :*********
Executing (\CAS1-PROD\ROOT\CIMV2:Win32_Service.Name="Dhcp")->stopservice()
ERROR:
Description = Provider failure
Monday, February 23, 2015 12:14 PM
Forgot to mention that through group policy, particular service (DHCP) rights given to that user (here ex2013lab\wmi.test1). I have checked locally using wmi.test1 server that service start/stop working locally.
** Need to do start/stop remotely using wmi which is not working
===Group Policy setting at AD ==
Services Policy(manulally created AD > Create Services OU > Create Services Policy)
Forest:Domain.com -->Domains --> Domain.com-->
Services-->Services (Edit)
Computer Configuration-->Policies-->Windows Settings -->
Security Setting--> System Services --> (Select DHCP Client)
--> Properties--> (check) Define this policy setting -->
(select) Automatic --> Edit Security--> Add domain user -->
select permission (all >>full control, read, start,stop and pause, write, delete)
--> Apply (ok)
Enforced the policy on remote server usng gpupdate /force
Saturday, February 28, 2015 5:09 AM
Hi Sir,
Sorry for the delay .
As a workaround please try to run following command :
wmic /node:192.168.1.13 /User:"ex2013lab\wmi.test1" process call create "cmd.exe /c net stop dhcp /y"
If the issue persists, please try to use domain admin account to run this command then check the result .
Best Regards,
Elton Ji
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] .
Saturday, February 28, 2015 6:30 AM
Have you tried looking at PSExec?