When I run
Get-WmiObject win32_SystemEnclosure -Computer hostname | select serialnumber
it works for both local and remote hosts.
When I do this for a list of hosts using
ForEach ($_ in gc u:\pub\list.txt) {
Get-WmiObject win32_SystemEnclosure -Computer $_ | select serialnumber | format-table -auto #{Label="Hostname"; Expression={$_}}, #{Label="Service Tag"; Expression={$_.serialnumber}}
}
it returns
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
Check that the "Windows Management Instrumentation (WMI-In)" rule is enabled in the firewall for each remote machine.
Or in an Administrative Command/Powershell prompt run:
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
It might be due to various issues.I cant say which one is there in your case.
Below given reasons may be there:
DCOM is not enabled in host PC or target PC or on both.
Your Firewall or even your antivirus is preventing the access.
Any WMI related service is disabled.
Some WMI related services are as given:
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry
For DCOM setting refer:
Key: HKLM\Software\Microsoft\OLE, Value: EnableDCOM
The value should be set to 'Y' .
Your code probably isn't using a correct machine name, you should double check that.
Your error is:
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
This is the result you get when a machine is not reachable. So the firewall suggestions are reasonable, but in this case probably not correct because you say this works:
Get-WmiObject win32_SystemEnclosure -Computer hostname
So in your case it seems when this line is executed:
Get-WmiObject win32_SystemEnclosure -Computer $_
$_ doesn't contain a proper computer name. You could check type and contents of $_. Probably there is a problem with the file contents. If the file looks right, then maybe the lines are not properly terminated. You can take a closer look using Write-Host:
ForEach ($_ in gc u:\pub\list.txt) {
Write-Host "Get-WmiObject win32_SystemEnclosure -Computer '$_'"
Get-WmiObject win32_SystemEnclosure -Computer $_ | select serialnumber | format-table -auto #{Label="Hostname"; Expression={$_}}, #{Label="Service Tag"; Expression={$_.serialnumber}}
}
I was having the same problem but only with a few machines. I found that using Invoke-Command to run the same command on the remote server worked.
So instead of:
Get-WmiObject win32_SystemEnclosure -ComputerName $hostname -Authentication Negotiate
Use this:
Invoke-Command -ComputerName $hostname -Authentication Negotiate -ScriptBlock {Get-WmiObject win32_SystemEnclosure}
If you've tried some of the suggestions in the other answers, most notably:
David Brabant's answer: confirming the Windows Management Instrumentation (WMI) inbound firewall rule is enabled
Abhi_Mishra's answer: confirming DCOM is enabled in the Registry
Then consider other common reasons for getting this error:
The remote machine is OFF
You specified an invalid computer name
There are network connectivity problems between you and the target computer
Solved.
I was running into the exact same error message when trying to execute the following script (partial) against a remote VM that was configured to be in the WORKGROUP.
Restart-Computer -ComputerName MyComputer -Authentication Default -Credential $cred -force
I noticed I could run the script from another VM in the same WORKGROUP when I disabled the firewall but still couldn't do it from a machine on the domain. Those two things along with Stackflow suggestions is what brought me to the following solution:
Note: Change these settings at your own risk. You should understand the security implications of these changes before applying them.
On the remote machine:
Make sure you re-enable your Firewall if you've disabled it during testing.
Run Enable-PSRemoting from PowerShell with success
Go into wf.msc (Windows Firewall with Advanced Security)
Confirm the Private/Public inbound 'Windows Management Instrumentation (DCOM-In)' rule is enabled AND make sure the 'Remote Address' property is 'Any' or something more secure.
Confirm the Private/Public inbound 'Windows Management Instrumentation (WMI-In)' rule is enabled AND make sure the 'Remote Address' property is 'Any' or something more secure.
Optional: You may also need to perform the following if you want to run commands like 'Enter-PSSession'.
Confirm the Private/Public inbound 'Windows Management
Instrumentation (ASync-In)' rule is enabled AND make sure the
'Remote Address' property is 'Any' or something more secure.
Open up an Inbound TCP port to 5985
IMPORTANT! - It's taking my remote VM about 2 minutes or so after it reboots to respond to the 'Enter-PSSession' command even though other networking services are starting up without problems. Give it a couple minutes and then try.
Side Note: Before I changed the 'Remote Address' property to 'Any', both of the rules were set to 'Local subnet'.
I found this blog post which suggested adding a firewall exception for "Remote Administration", and that worked for us on our Windows Server 2008 Enterprise systems.
http://mikefrobbins.com/2012/03/08/get-wmiobject-the-rpc-server-is-unavailable-exception-from-hresult-0x800706ba/
Enabling following FW rules on target system resolved the problem on Win2k16:
Windows Management Instrumentation (WMI-In)
Distribiuted Transaction Coordinator (RPC)
Distribiuted Transaction Coordinator (RPC-EPMAP)
I was having the same issue using foreach. I saved the list to $servers and used this which worked:
ForEach ($_ in $Servers) { Write-Host "Host $($_)" | Get-WmiObject win32_SystemEnclosure -Computer $_ | format-table -auto #{Label="Service Tag"; Expression={$_.serialnumber}}
}
Thought I would add that we also ran into this issue with multiple machines in our domain. I created a list of offending machines and added them all to a text file from which to run the script. I ran this from the CMD prompt using elevated privileges.
psexec #firewallFix.txt -d netsh advfirewall firewall
set rule name="Windows Management Instrumentation (WMI-In)"
profile=domain new enable=yes profile=domain
I had same issue, and for me, I was trying to use an IP Address instead of computer name.
Just adding this as one more potential solution for people finding this down the road.
I faced the similar issue on new server that I built through automated scripts via vcenter api. Looks like the "Remote Procedure Call (RPC)" service may not be running on the remote machine. you need to wait for the service to come up to use the Get-WmiObject command. Hence I simply put the script into sleep for sometime and it worked.
Below is the native PowerShell command for the most up-voted solution.
Instead of:
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
Use could use the slightly simpler syntax of:
Enable-NetFirewallRule -DisplayGroup "Windows Management Instrumentation (WMI-In)"
Very odd but I used the IP address (vs the hostname) and it worked for me.
Get-WmiObject -Computername MyHostName ...
[Fails: Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)]
Get-WmiObject -Computername 50.50.50.50
[Successful]
I encountered the same "Exception from HRESULT: 0x800706BA" error with get-wmiobject -computerName remoteserverName -class win32_logicaldisk. The remote server is an AWS EC2 instance in my case. The Windows server firewall has WMI ports open. SecurityGroup attached to the EC2 instance has common RPC ports (tcp/udp 135-139, 49152 - 65535) inbound allowed.
I then ran netstat -a -b |findstr remoteServerName after kick off the get-wmiobject powershell command. Turns out the command was trying hit tcp port 6402 on the remote server! After added tcp 6402 into its Security Group inbound rule, get-wmiobject works perfectly! It appears the remote server has WMI set to a fixed port!
So if you checked all usual firewall rules and stil having problem with WMI, try use netstat to identify which port the command is actually trying to hit.
I thought I would add another thing to try. If someone has multiple domains you could try using fully qualified domain names: computer1.subdomain.domain.com
Port 135 will be used by RPC client- server communication.
So Make sure that port 135 is not blocked by your local firewall. It may be one of the reasons for not working.
Here's a link that could help you: https://www.dell.com/support/kbdoc/en-in/000179474/troubleshooting-rpc-server-unavailable-errors
Turning the firewall off resolved it for me.
I was doing this mistake
ForEach ($server in $servers) {
$OS = Get-WmiObject win32_operatingsystem -ComputerName $server
}
Which, of course, couldn't be passed, because output of the server in a csv file was #{Name=hv1g.contoso.com}
I had to call the property from csv file like this $server.Name
ForEach ($server in $servers) {
$OS = Get-WmiObject win32_operatingsystem -ComputerName $server.Name
}
It fixed my issue.
I just came to the exact same issue and found the answer here: http://powershellcommunity.org/Forums/tabid/54/aft/7537/Default.aspx
I had space characters at the end of each line the input file. If your file does too, just remove them and your script should work.
Related
We are upgrading our servers and need to stop our application before we perform update and then start it back again.
I was reading online about this and most of the links talk about remoting but some of the machines don't have PSRemoting enabled and therefore I need to stick to using wmi.
Would appreciate some pointers on this ?
To terminate the process I am using something like below:
$processes=Get-WmiObject -Class Win32_Process -ComputerName $Address -Filter "name='$ProcessName'"
foreach ($process in $processes)
{
$returnval = $process.terminate()
$processid = $process.handle
if($returnval.returnvalue -eq 0) {
write-host "The process $ProcessName `($processid`) terminated successfully"
}
else {
write-host "The process $ProcessName `($processid`) termination has some problems"
}
}
You don't say what OS and PS version(s) you are trying to deal with.
You are not saying what or if you are having issues with what you posted.
Even using only WMI, you still must have Windows WMI properly configured to do this as well as know Windows is not out of the boxed configured to let you what you are after without making all the proper WinRM, WMI and firewall manual configs.
It's far simpler just to enable PSRemoting via GPO.
Otherwise, you will need tp look toward maybe winrs.exe or MS SysInternals psexec.
winrs
Windows remote Management allows you to manage and execute programs remotely.
PsExec v2.2
Also back to my what OS and PowerShell version you are using. There is the
Invoke-WmiMethod
Which can lead to stuff like this ---
Invoke-WmiMethod -ComputerName $TargetMachine -Namespace root\cimv2 -Class Win32_Process..."
I want to build a script to change and/or set up BIOS password to HP workstations.
Script i run as follows:
C:\> $computers=Get-Content -Path c:\computers.txt
C:\> foreach ($computer in $computers) {
$passChange=Get-WmiObject -computername $computer -Namespace root/hp/instrumentedBIOS -Class HP_BIOSSettingInterface
$passChange.SetBIOSSetting('Setup Password','<utf-16/>MYNEWPASSWORD','<utf-16/>')
}
Now, the following happen:
If my BIOS has no password, the script works just fine!
If my BIOS has password already, script has Return: 6. I suppose there is
a different option for changing the BIOS password?If yes, any help
is appreciated!
If i run the script for my computer, it works.
If i run the script for another computer i get the following error:
The RPC server is unavailable. (Exception from HRESULT: 0x800706BA).
Is there a way to enable an option to enable the RPC for this feature and then disable it again?
Thank you in advance
According to HP's documentation HP Client Management Interface the WMI interface supports remote interfacing.
You need to ensure all remote computers you're attempting to connect to have the HP custom WMI Namespace.
You also need to ensure the account you're running under has administrative permissions on all of the remote computers.
You may also need to explicitly set the impersonation to 3 which is impersonate.
For more information: Connecting to WMI Remotely with PowerShell
Also ensure the firewall on the remote computers is either off or has exclusions for WMI
I have a Server 2012 server with a network of windows 7 machines. I am attempting to run the following powershell code to terminate a remote process such as paint.exe:
$computer = 'some-computer'
(Get-WmiObject Win32_Process -ComputerName $computer) | ?{$_ProcessName -ilike 'mspaint*' }).Terminate()
This gives a return value of 2, which is Access Denied. I've found that this is caused by something in the GPO Baseline Windows 7 Policy because when I disable it the command works. I've tried changing dozens of GPO settings that could be related but It's like looking for a needle in a haystack. Any ideas on which policy could be blocking access, or what GPO settings would enable access? Thanks!
I'm trying to write a script that depends on knowing the names of the computers on a network segment, but all the scripts I've found depend on a DNS inquiry which only replys with the names of a few of the machines. For example:
[System.Net.Dns]::GetHostbyAddress($IPAddress)
I've also tried using
Ping -a $ipaddress
but this often fails to return the machine name as well. Is there a way to ask the host what it's name is directly and what level of permissions might be required in AD to get a response?
Thanks in advance.
[System.Net.DNS]::GetHostByAddress() (now [System.Net.DNS]::GetHostEntry()) doesn't only rely on DNS, despite it's name. It will also check the local C:\Windows\System32\Drivers\etc\hosts file for locally configured entries.
straight dns via nslookup can't find the name:
PS C:\Users\Tim> nslookup 192.168.1.50
Server: dns03
Address: 192.168.2.103
*** rpi03 can't find 192.168.1.50: Non-existent domain
yet, gethostentry() still finds the name:
PS C:\Users\Tim> [system.net.dns]::gethostentry('192.168.1.50')
HostName Aliases AddressList
-------- ------- -----------
localentry {} {192.168.1.50}
COMMAND:
wmic.exe /node:10.20.30.40 OS get CSName /format:list
BATCH FILE FOR WHOLE SUBNET:
for /L %%z in (1,1,254) do wmic.exe /node:10.20.30.%%z OS get CSName /format:list 2>NUL
You can try by using something like:
Invoke-Command -computername $computer {Get-Item HKLM:\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName}
The active computername is equal to your DNS name (without suffix ofcourse)
I may misunderstand the problem but you can query the Win32_ComputerSystem instance using a CIM session to the remote computer and use one of those properties (Name, DNSName, etc.) Running locally it would be like
Get-CimInstance -namespace root/cimv2 -classname Win32_ComputerSystem | fl *
I'm aware that WMI might take fairly hefty permissions (e.g., domain admin) but (a) that might not be out of the question for your use case and (b) you might be able to do some limited querying with fewer permissions.
Another idea might be to query your SCCM server if you have one:
(Get-WmiObject -Query "SELECT * from SMS_R_SYSTEM WHERE IPAddresses LIKE '%$ipaddress%'" -Namespace "root\sms\site_$SiteCode" -computerName $SCCMServer).Name
Another idea using powershell:
Get-WmiObject -Class Win32_ComputerSystem -ComputerName $Computer -Property Name | ForEach-Object {$_.Name}
Where $Computer is an IP address
I have created a W10 VM (guest) running docker, pulled microsoft/nanoserver image and hosted a container of the image.
(tutorial here: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/quick_start_windows_10)
Everything runs great, even host can ping the container running under guest W10. But what i cannot do, is to connect a remote powershell to container.
Enter-PSSession -ComputerName "<container ip>" -Credential ~\Administrator
This pops up a dialog asking for user and password. I cannot leave it blank or etc - the result is access denied. Any ideas how to connect or set a password for nanoserver container ?
I've been struggling with this for a few days now. However, think my problem is slightly different though, as I'm trying to do an Enter-PSSession to a windows docker container, but from another machine, not the container host.
In this tutorial (http://dinventive.com/blog/2016/01/30/windows-server-core-hello-container/), the guy makes a nested container PSSession inside a host PSSession.
He uses this command, which is only available in the latest versions of Powershell. (not in v3)
Enter-PSSession -ContainerId "<container ID>"
Get the ID by doing :
Get-Container | fl
You also have to check your Powershell version and make an upgrade if needed.
To check PS version :
$PSVersionTable
And to download Powershell latest version : https://www.microsoft.com/en-us/download/details.aspx?id=50395
When connecting to a PS-Session using a IP address it adds some requirements, You must either have the remote device configured to use ssl or have the IP address listed in your trusted hosts.
The solution is to either try use the host name for the device, I have had great success with this. Or play with the trusted hosts list. In my experience it works consistently if you add trusted list entries on your machine and the remote machine as well. You can also specify:
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*"
This will basically set all machines to be in the trusted hosts list, It has its cons like all machines being trusted but in certain restricted networks its acceptable. Doing this on the host and client machine seems to yield best results.
When specifying -Credentials it expects a credential object, You can craft one before the cmdlet to avoid entering it every time like so:
$secpass = convertto-securestring "Password Here" -asplaintext -force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "Username Here", $secpass
Enter-PSSession -ComputerName "<container ip>" -Credential $cred
Coding credentials like this in a script is bad practice, You should look in to storing credentials in scripts properly, there are plenty of good resources on it.