Can't connect to a 2003 server via WMI remotely, other 2003 servers work fine, local WMI bind works. RRS feed

  • General discussion

  • I attempt to issue the following to bind to WMI remotely:

    Set objWMIService = GetObject("winmgmts:{impersonationlevel=impersonate}!//bad2003Server/root/cimv2")


    "test.vbs(1, 1) Microsoft VBScript runtime error: The remote server machine does not exist or is unavailable: 'GetObject'"

    I can ping/browse/rdp into that machine fine. When I attempt to run the following line locally on that same machine it's fine:

    Set objWMIService = GetObject("winmgmts:{impersonationlevel=impersonate}!//localhost/root/cimv2")

    It's only this one 2003 server that has this issue. 

    Please help

    • Changed type Bill_Stewart Monday, March 12, 2018 9:09 PM
    • Moved by Bill_Stewart Monday, March 12, 2018 9:09 PM Off-topic
    Tuesday, January 30, 2018 8:42 PM

All replies

  • Just because you can ping/browse/rdp to the machine does not mean it accepts WMI connections.

    You need to adjust the firewall on the problem machine or fix WMI on it. We can't troubleshoot that for you from afar in a forum.

    -- Bill Stewart [Bill_Stewart]

    Tuesday, January 30, 2018 8:44 PM
  • Hi Bill,

    Firewall isn't enabled on the server. I probably should have just said that instead of mentioning pin/rdp/file system access (really mentioned that to rule out DNS). I figured I would have to fix WMI, however, MS recommends only reinstalling WMI as a last resort, so I was hoping someone might have run into similar or could offer some useful advice here.

    Any other ideas?

    • Edited by KCSteele Wednesday, January 31, 2018 1:11 PM
    Wednesday, January 31, 2018 1:09 PM
  • I was mistaken. Windows firewall is enabled here, however, there should have been an exception for the local subnet to allow all ports/protocols. Unfortunately since that GPO setting was configured only with the newer firewall settings for > vista, it was never applying to this 2003 server.

    My next problem is that it seems impossible to add an exception for all ports / protocols to the local subnet on the legacy firewall. IIRC WMI on 2003 is similar to passive FTP, opens a secondary port after the initial connection over 135 (uses tcp 1025 - 5000). So I guess my only options here are to either add individual rules for each of the potential ports that WMI could choose (not happening), try and figure out a way to force WMI to use only 4 or 5 ports in that range and then configure the firewall appropriately, or just turn off the firewall altogether.

    Unless someone knows of a way to add an exception for all ports/protocls on the local subnet for the legact firewall (2003/xp). Doesn't seem to be possible but would loved to be corrected.

    Wednesday, January 31, 2018 3:11 PM
  • Again: Not a scripting question/issue. You need to ask about Windows firewall and GPO configuration elsewhere.

    -- Bill Stewart [Bill_Stewart]

    Wednesday, January 31, 2018 3:13 PM
  • My apologies.
    Wednesday, January 31, 2018 3:26 PM