Todd R. Jacobs
2007-03-27 14:21:58 UTC
Hi, (Sorry for posting this separately but I was not aware of the group
until today)
I would like to replace some IWbem event consumer code with
System::Management::ManagementEventWatcher code.
But I am getting an Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED)) after the call to ManagementEventWatcher->Start() I know
the authentication credentials are valid because they still work using the
old code. Here are some code snips that might help show what I am trying to
do. Warning; error checking removed and code taken out of class scope for
brevity.
TIA,
Todd
===========================================================
Old working C++ code snips to show connection logic
===========================================================
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
hres = pLoc->ConnectServer(
_bstr_t(L"\\\\myserver\\root\\cimv2"),
_bstr_t(L"myusername"), // User name
_bstr_t(L"mypassword"), // User password
_bstr_t(L"MS_409"), // Locale
NULL, // Security flags
_bstr_t(L"ntlmdomain:mydomain"), // Authority
0, // Context object
&pSvc // IWbemServices proxy
);
// Set this here it is used for both the Connection and Enumerator security
proxy
COAUTHIDENTITY cId;
ZeroMemory( &cId, sizeof(cId) );
cId.User = (USHORT*)L"myusername";
cId.UserLength = (ULONG)wcslen( (wchar_t*)cId.User );
cId.Domain = (USHORT*)L"mydomain";
cId.DomainLength = (ULONG)wcslen( (wchar_t*)cId.Domain );
cId.Password = (USHORT*)L"mypassword";
cId.PasswordLength = (ULONG)wcslen( (wchar_t*)cId.Password );
cId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
// Step 5: --------------------------------------------------
// Set security levels on a WMI connection ------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
&cId, // client identity
EOAC_NONE // proxy capabilities
);
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
hres = pSvc->ExecNotificationQuery(
_bstr_t("WQL"),
_bstr_t("SELECT * "
"FROM __InstanceCreationEvent WITHIN 1 "
"WHERE TargetInstance ISA 'Win32_NTLogEvent'"
"AND TargetInstance.Logfile = 'System'"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL, &pEnumerator);
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
hres = CoSetProxyBlanket(
pEnumerator, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
&cId, // client identity
EOAC_NONE // proxy capabilities
);
while ( pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1, &pclsObj, &uReturn);
if(0 == uReturn)
{
break;
}
else
{
.....
===========================================================
New System::Management C++ code snips connection logic
===========================================================
ManagementEventWatcher^ watcher;
ManagementScope^ watcherScope;
ConnectionOptions^ options = gcnew ConnectionOptions();
options->Locale = "MS_409";
options->Username = "myusername";
options->Password = "mypassword";
options->Authority = "ntlmdomain:mydomain";
options->Impersonation =
System::Management::ImpersonationLevel::Impersonate;
options->Authentication = System::Management::AuthenticationLevel::Call;
options->EnablePrivileges = true;
options->Timeout = System::TimeSpan::MaxValue;
String^ sSevNamespacePath = "\\\\myserver\\root\\cimv2";
String^ sQueryString =
"SELECT * " +
"FROM __InstanceCreationEvent " +
"WITHIN 1 " +
"WHERE TargetInstance ISA 'Win32_NTLogEvent'" +
"AND TargetInstance.Logfile = 'System'";
EventQuery^ query = gcnew EventQuery(sQueryString);
watcherScope = gcnew ManagementScope(sSevNamespacePath, options);
watcherScope->Connect();
watcher = gcnew ManagementEventWatcher( watcherScope, query );
watcher->EventArrived += gcnew
EventArrivedEventHandler(this,&MyNewService::MyNewServiceWinService::HandleEvent);
watcher->Start();
System::Threading::Thread::Sleep(1000);
private:
void HandleEvent(Object^ sender, EventArrivedEventArgs^ e)
{
Trace::WriteLine( DateTime::Now.ToLongTimeString() + " - Event arrived !",
"HandleEvent" );
}
until today)
I would like to replace some IWbem event consumer code with
System::Management::ManagementEventWatcher code.
But I am getting an Access is denied. (Exception from HRESULT: 0x80070005
(E_ACCESSDENIED)) after the call to ManagementEventWatcher->Start() I know
the authentication credentials are valid because they still work using the
old code. Here are some code snips that might help show what I am trying to
do. Warning; error checking removed and code taken out of class scope for
brevity.
TIA,
Todd
===========================================================
Old working C++ code snips to show connection logic
===========================================================
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
hres = pLoc->ConnectServer(
_bstr_t(L"\\\\myserver\\root\\cimv2"),
_bstr_t(L"myusername"), // User name
_bstr_t(L"mypassword"), // User password
_bstr_t(L"MS_409"), // Locale
NULL, // Security flags
_bstr_t(L"ntlmdomain:mydomain"), // Authority
0, // Context object
&pSvc // IWbemServices proxy
);
// Set this here it is used for both the Connection and Enumerator security
proxy
COAUTHIDENTITY cId;
ZeroMemory( &cId, sizeof(cId) );
cId.User = (USHORT*)L"myusername";
cId.UserLength = (ULONG)wcslen( (wchar_t*)cId.User );
cId.Domain = (USHORT*)L"mydomain";
cId.DomainLength = (ULONG)wcslen( (wchar_t*)cId.Domain );
cId.Password = (USHORT*)L"mypassword";
cId.PasswordLength = (ULONG)wcslen( (wchar_t*)cId.Password );
cId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
// Step 5: --------------------------------------------------
// Set security levels on a WMI connection ------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
&cId, // client identity
EOAC_NONE // proxy capabilities
);
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
hres = pSvc->ExecNotificationQuery(
_bstr_t("WQL"),
_bstr_t("SELECT * "
"FROM __InstanceCreationEvent WITHIN 1 "
"WHERE TargetInstance ISA 'Win32_NTLogEvent'"
"AND TargetInstance.Logfile = 'System'"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL, &pEnumerator);
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
hres = CoSetProxyBlanket(
pEnumerator, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
&cId, // client identity
EOAC_NONE // proxy capabilities
);
while ( pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1, &pclsObj, &uReturn);
if(0 == uReturn)
{
break;
}
else
{
.....
===========================================================
New System::Management C++ code snips connection logic
===========================================================
ManagementEventWatcher^ watcher;
ManagementScope^ watcherScope;
ConnectionOptions^ options = gcnew ConnectionOptions();
options->Locale = "MS_409";
options->Username = "myusername";
options->Password = "mypassword";
options->Authority = "ntlmdomain:mydomain";
options->Impersonation =
System::Management::ImpersonationLevel::Impersonate;
options->Authentication = System::Management::AuthenticationLevel::Call;
options->EnablePrivileges = true;
options->Timeout = System::TimeSpan::MaxValue;
String^ sSevNamespacePath = "\\\\myserver\\root\\cimv2";
String^ sQueryString =
"SELECT * " +
"FROM __InstanceCreationEvent " +
"WITHIN 1 " +
"WHERE TargetInstance ISA 'Win32_NTLogEvent'" +
"AND TargetInstance.Logfile = 'System'";
EventQuery^ query = gcnew EventQuery(sQueryString);
watcherScope = gcnew ManagementScope(sSevNamespacePath, options);
watcherScope->Connect();
watcher = gcnew ManagementEventWatcher( watcherScope, query );
watcher->EventArrived += gcnew
EventArrivedEventHandler(this,&MyNewService::MyNewServiceWinService::HandleEvent);
watcher->Start();
System::Threading::Thread::Sleep(1000);
private:
void HandleEvent(Object^ sender, EventArrivedEventArgs^ e)
{
Trace::WriteLine( DateTime::Now.ToLongTimeString() + " - Event arrived !",
"HandleEvent" );
}