Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Computer Management 1

Status
Not open for further replies.
slichtenberg

slichtenberg

IS-IT--Management
Jan 9, 2002
2
US
Everyone, here's my problem.

I've got a network of approx. 200 users running a mixture of 2000 and XP. We used to remotely administer local workstation passwords using Computer Management. Since we've started rolling out XP I cannot connect to those machines with XP to change passwords. Says "Unable to access the computer "computer-name". The error was access is denied." I've tried the IP and it was still a no go.

Also, we are converting to a full site-to-site VPN for our remote offices and after some testing, we found that the same problem occurs when trying to contact it across the VPN. The VPN appliance is even set to allow everything to come accross.

Any idea on why this is happening? Thanks for the help

Scott
 
Sort by date Sort by votes
Are you saying that you CAN use computer management for 2000 machines? But not for XP machines? If that's the case, it MIGHT have something to do with the IPC$ share not sticking around? WinXP seems to like dropping shares. If that's the case, there is a registry enrty that will fix that, but I don't have it in front of me right now. If nothing works right now, and also for your vpn connections, it is probably something to do with the RPC call. Many people started blocking these as a result of blaster, but you need that internally to manage the other computers.

The above is based on a bit of a sketch knowledge of things so it all might be a bit off base, but those are the first thoughts that came to mind.

Good luck!
 
Upvote 0 Downvote
Have you tried diabling the XP firewall?? Its on by default. It blocks most things - its a real pain.

Cheers
 
Upvote 0 Downvote
You need to have a local Administrator account on the desktops to be able to access them remotely as you want.

 
Upvote 0 Downvote
bacstner is correct--provided the systems are not a part of a domain. You may also want to check the <b>Remote</b> settings under <b>System Properties:Remote</b>...enable remote desktop and verify that your user group that does remote administration is listed as having permission to connect remotely.

Dallas S. Kelsey, III
DKelsey-at-CHGLaw-dot-com
Cox, Hodgman, & Giarmarco, P.C.
Troy MI 48084
 
Upvote 0 Downvote
Our XP machines do not have the firewall enabled and we do have an administrative user on each machine.

What we do is run Computer Management using &quot;Run As&quot;, log in using the administrative account, then connect to the remote machine.

I'll check the remote administration feature in XP on those machines, but as for 2000 across the VPN I'm still coming up short.

Scott
 
Upvote 0 Downvote
I've run across the same problem here, but is only on machines that were upgraded from Windows 2000. Machines that had a clean install all work as expected.
 
Upvote 0 Downvote
jleste - same problem here, any documented fix for this, i've got to imagine importing the security policy from a clean install or using one of the templates would fix it, please let me know!
 
Upvote 0 Downvote
OK guys, I found the fix for the flaw in upgraded from 2000 SP4 to XP boxes only, thanks to google!


This documents a couple of flaws that seem to exist from an upgrade installation of 2000 SP4 to XP. Those of you too lazy to open the link, here it is:

------------- Problem 2 -------------
The second problem I've run into is that the remote management features are
all but disabled on these systems.

If you try to edit a remote system's registry after it has been upgraded you
do not have access to the HKEY_LOCAL_MACHINE or HKEY_CURRENT_USERS hives.

Also, if you try to connect to one of the remote systems through computer
managment you will be able to connect but not perform many functions at all.
If you try to view the event log, system summary, performance logs/alerts,
or device manager you will get an error stating that &quot;Access is denied&quot;

The resolution to both of these problems is to log in to the systems locally
and grant &quot;LOCAL SERVICE&quot; read permissions to the following registry key.

HKEY_LOCAL_MACHINE\System\CurrentControl
Set\Control\SecurePipeServers\Winreg

Once the LOCAL SERVICE has read access to this key all of the remote
management and remote registry editing features work correctly. Once again,
upgrades from Windows 2000 SP3 or below already have this registry
permission set and all is well.

-------------------------------------

Works like a charm, Cheers!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Keyboy
  • Locked
  • Question
Computer freezing up
Replies
3
Views
1K
Rick998
Rick998
acfreema
  • Locked
  • Question
Offline/standalone Google Chrome management
Replies
0
Views
171
acfreema
acfreema
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
581
Flinx
Flinx
jjjthird333
  • Locked
  • Question
rename a doamin computer when it is offline?
Replies
3
Views
231
goombawaho
goombawaho
xarzu
  • Locked
  • Question
How is remote debugging allowed on Microsoft SQL Management studio?
Replies
2
Views
184
xarzu
xarzu

Part and Inventory Search

Sponsor

Back
Top