I try to display the WMI properties of several computers in our domain (Windows XP, Windows Vista, Windows 7, Windows 10), and I get some error messages :
- "Failed to connect server. RPC service is unavailbale n'est pas disponible. Error code : -2147023174
- "Failed to connect server. Access denied. Error code : -2147024831.
However, the WMI connexion works fine on other computers ...
What can I do ?
- If you get the "RPC server unavailable. Error code : -2147023174" error, it is probably an issue with services or security. Please check the following points on the remote computer :
- "Remote Procedure Call (RPC)" (RpcSs) service must be started.
- "DCOM Server Process Launcher" (DcomLaunch) service must be started.
- "Windows Management Instrumentation" (Winmgmt) service must be started.
- Windows firewall (or another one) may also block the WMI connection.
Open "Exceptions" tab, then check "Windows Management Instrumentation (WMI)" and apply the rule.
Another solution may consist in opening the DCOM port (TCP port 135), or to run the following command : netsh firewall set service RemoteAdmin enable.
This command can be directly executed from our software, by right clicking the remote host, then "Command Prompt".
- If you get the "Access denied : Error code : -2147024891" error, it is probably an issue with access rights / privileges. Please check the following points on the remote computer :
- If the remote host runs Windows Vista, Windows Server 2008, or Windows 7 and that UAC is enabled, WMI requests sent throught network can not be executed with elevated administration privileges.
You can disable the User Account Control or disable UAC only for remote access (recommended). Open the registry base with "regedit", then open "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system". Create (if it does not exist) the following DWORD value : LocalAccountTokenFilterPolicy and set it to 1. To enable again UAC for remote access, just delete this value or set it to 0.
- - If the remote host is in the same domain as yours, our software must be launched with administrative rights (you should be a member of the "Administrators"/"Domain Admins" group).
- If the remote host is in another domain, then the user account and the password used on your administrative computer (the one where our software is installed), must identically exist on the remote computer, and be a member of the local "Administrators" group.