I was getting the error "Could not read the Windows event log (NT_STATUS_ACCESS_DENIED). Check your username/password settings and verify network connectivity. " repeatedly on a few Windows Server 2008 machines.
I tested from a remote machine with wbemtest and received the message "Number: 0x80070005 Facility: Win32 Description: Access is denied.".
The user I was attempting to login with was a local administrator.
The culprit? User Account Control. After disabling UAC and restarting the server, I was able to use WMI remotely. It appears that UAC was authenticating the user at a non-elevated level, causing the security issue.
The idea of UAC is nice, but the execution is ugly.
Tuesday, April 3, 2012
Subscribe to:
Comments (Atom)