4
0
in cmd, 'Query Session' command is returning,
Error 5 getting sessionnames
Error [5]:Access is denied
on Windows 10 Remote desktop - Administrator user.
we have set, AllowRemoteRPC 's value to 1
under this HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server
But still problem persists.
Questions:
AllowRemoteRPC actually do and how it's value is being used.
Amit
Posted 2019-01-02T09:03:27.453
Reputation: 113
1
I think the problem is in the UAC remote restrictions.
Do this on the target computer:
regeditNavigate to the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
If an entry named LocalAccountTokenFilterPolicy registry entry does not exist,
create it as DWORD
Double-click LocalAccountTokenFilterPolicy and set its value to 1.
Reference:
Microsoft's Description of User Account Control and remote restrictions in Windows Vista.
harrymc
Posted 2019-01-02T09:03:27.453
Reputation: 306 093
@Amit: Any comments? – harrymc – 2019-01-11T15:29:15.703
Sorry Harry, was out these days and could not look into this thread – Amit – 2019-01-13T07:09:08.320
1
Rather than changing registry values, you could always use PSEXEC from a command prompt or Invoke-Command from a PowerShell prompt to execute QWINSTA locally. Both of these will require you have administrative rights on the remote machine (which means opening the command prompt under other credentials, including the credentials as PSEXEC switches or, in the case of PowerShell, including -Credential (Get-Credential) in the command.
Command prompt example:
PSEXEC \\MYPC cmd /c "qwinsta /server:localhost"
PowerShell example:
Invoke-Command -ComputerName MyPC -ScriptBlock { qwinsta /server:localhost }
James Younger
Posted 2019-01-02T09:03:27.453
Reputation: 11
What exactly are you doing? Did you change AllowRemoteRPC to "1" on the receiving computer? Try also in Credential Manager to add the account for the receiving computer. Another try is to disable UAC. – harrymc – 2019-01-02T09:28:14.060
@harrymc I am logging into the RDP, and in CMD I am typing command 'Query Session'. I did change 'AllowRemoteRPC' on that RDP. can you tell me how to disable UAC? – Amit – 2019-01-02T09:31:13.300
Another thing to try is connecting to a share first to establish credentials, or creating a same-named consistent user on both machines. – harrymc – 2019-01-02T09:32:53.227
@harrymc I'm sorry, but I didn't get your suggestions. Basically i want a CMD command 'Query Session' to successfully provide me sessions information. but it is giving me error 5. To solve that I tried to set 'AllowRemoteRPC' with 1. But that didn't help Either. – Amit – 2019-01-02T15:54:06.093
@PimpJuiceIT Yes I'm doing
Query Sessionon cmd. This is case in client's machine and their user is added in Administrator Group (and cmd is opened as Administrator) - So not direct local Admin. But I have tried the same on my network with guest (standard) user and command is working fine. I am doing this via connecting to the machine using remote desktop. – Amit – 2019-01-05T09:37:51.210@PimpJuiceIT we did restart after setting
AllowRemoteRPCbut didn't work. We can try other steps. But I have tested the same command in other networks. It works even in non-admin user. So i guess there must be something else we are missing. – Amit – 2019-01-06T06:04:50.700For 1) It will not be practical solution for user (yet we can try). 2) I will suggest them to perform this and after reboot try again the procedure (with and without admin user). But can you brief me what sfc /scannow does? and how it can help me? – Amit – 2019-01-06T08:44:36.077
Is it possible you are executing the 32-bit version of
– harrymc – 2019-01-07T09:07:36.800cmd.exe(found inC:\Windows\SysWow64) on a 64-bit computer? As another try, you could also disable UAC on the target computer.@harrymc No that is not the case. however we have suggested them to disable UAC for testing purpose. but that doesn't seem to be recommended thing to do for longer time. – Amit – 2019-01-09T07:16:52.050