Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.7k views
in Technique[技术] by (71.8m points)

powershell - "get-wmiobject win32_process -computername" gets error "Access denied , code 0x80070005"

i'm trying to find processes on 3 terminal servers which have certain words in its $_.commandline property. Under my domain admin account, it worked OK. But I want this script to be usable for domain users, and doamin users get an error when runing this script.

What should i do, so that domain users can run this script just like domain admins? Thanks in advance!

Error:

Get-WmiObject : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESS DENIED))
At N:FindWhoIsUsingFindWhoIsUsing.ps1:7 char:18
get-wmiobject <<<<  win32_process -computername $server -EnableAllPrivileges|
CategoryInfo          : NotSpecified: (:) [Get-WmiObject], UnauthorizedAccessException
FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Powershell Code:

Write-host "Who is using this profile?"
$profile = Read-host "specify profile name" 
$servers = @("server-01","server-02","server-03")
Foreach($server in $servers)
{
    Write-host $server
    get-wmiobject win32_process -computername $server -EnableAllPrivileges|
    where{$_.name -like "*Processname*" -and
    $_.CommandLine -like "*$profile*"}|
    select @{n="Server";e={$server}},@{n="User";e={$_.getowner().user}},@{n="ProcessID";e= {$_.ProcessID}},{$_.CommandLine}|fl
}
Write-host "DONE Searching!"
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Ok here are the steps:

  1. Launch "wmimgmt.msc"
  2. Right-click on "WMI Control (Local)" then select Properties
  3. Go to the "Security" tab and select "Security" then "Advanced" then "Add"
  4. Select the user name(s) or group(s) you want to grant access to the WMI and click ok
  5. Grant the required permissions, I recommend starting off by granting all permissions to ensure that access is given, then remove permissions later as necessary.
  6. Ensure the "Apply to" option is set to "This namespace and subnamespaces"
  7. Save and exit all prompts
  8. Add the user(s) or group(s) to the Local "Distributed COM Users" group. Note: The "Authenticated Users" and "Everyone" groups cannot be added here, so you can alternatively use the "Domain Users" group.

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...