You don't say which application you're using, but this is likely a permissions issue, not a WMI issue (and would explain the absence of WMI errors in the logs).
You say that wbemtest
works fine on the target, so it looks like your account has permissions on the target machine. However, the application you're using might not be presenting your credentials to the target when it executes WMI commands. It could be using a service account or your own computer's NetworkService account. These wouldn't be trusted automatically. It could also be using a non-standard port and is therefore being blocked by the remote host's firewall (although this isn't likely unless the application requires an agent on the target). This could also be an issue with DCOM permissions as well.
Some things you could do to the target computer to verify:
NOTE These are for troubleshooting pusposes -- please do this in a controlled environment and don't leave the computer like this!
- Add the 'Everyone' user to the local admins group. Note that the 'Everyone' user is a local security principal, not an actual user, so you have to fiddle with the scope in the Add Users dialog box to add it successfully.
- Modify the local security policy of the machine (
secpol.msc
) to add Anonymous users to the Everyone group (it's under Local Policies -> Security Options -> Network Access: Let Everyone permissions apply to anonymous users).
- Disable the firewall.
- Configure DTC security and COM security (both accessed from the Component Services control panel) to enable network access and add the Everyone group full control here too.
- Also check the security logs for access denied entries (although I have no idea what account context they'd be logged under).
- If UAC is enabled on your own PC, make sure you're running the application as an administrator. This shouldn't matter to the target but you never know.
If any of this solves your problem, then it's simply a matter of figuring out what security credentials are being provided to the target, and making sure that account has the permissions it needs.
Do you have an error code for the failure? – harrymc – 2016-11-28T19:11:28.470
Please answer . – harrymc – 2016-12-01T20:34:32.587
@harrymc: Sorry, didn't notice that. No, I don't. Actually the problem turned out to be that J-Interop does not support IPv6 properly. It works some of the time, but it's just because going through the wrong code path sometimes chooses a working binding to the host. There's a lot of proprietary magic involved. – JohnEye – 2017-03-24T15:04:04.037