I am trying to connect to a remote machine and run a script that gets me the OS-es from that machine. To do this I connect through WMI, run cmd /c bcdedit -v > bcd.txt. For some reason I keep getting access denied, the same thing as running bcdedit from a non-administrator account.
The WMI Security is set, that is running notepad or calc works perfectly. The user which is logged on, and which is used to connect to the machine is the Administrator. I'm stuck at this for days without any solution. Any workaround is welcome.
Note: OS in question is Windows 8
Note2: Workarounds tried(and failed): running another process that schedules a task with bcdedit(access denied), trying to set the process to run as administrator from the properties box(couldn't even start from WMI remotely)
Local admin account and network admin account are two different authorities.
You can access system BCD using local admin account or any account having needed access tokens.
I am not sure the information is available over SNMP.
Another way is to allow remote access to registry
and decode information from local \HKLM\BCD00000000 branch (mirrors system BCD).
Related
This was the second time this issue was happening. after a server restart, I couldn't connect to the SSAS tabular model through SSMS with neither my own username (admin) nor the service account.
However, we could all connect to the model from other servers in the network.
The icon changes to this as well :
after restarting the service a few times and restarting the server and running CHKDSK \R on all drives and getting to nowhere, it gets fixed by itself.
We are really concerned as we cannot find the root cause of the issue and don't want this to happen when we go live with the project. any idea?
Please ensure when you are trying to connect to SSAS or SQL locally that you open SSMS with Run as Administrator. My assumption is that your account has been given access through the local Windows Administrators group (rather than through direct permissions on your username or through different group permissions). When that is the case, Run as Administrator is required to utilize those local Administrators group permissions on the local server. This is not the case when connecting remotely to a server.
I tried to connect a Windows machine that exist in another domain than our TFS 2018.3 exist.
I added "SSH" task, and I created new SSH endpoint with the remote machine IP, username and password, without a private key. I configured in the remote machine access of SSH for this username & password.
In the SSH task, I configure a simple shell command: ls.
The TFS agent succeeded to connect the machine but failed with this error:
Unable to execute command or shell on remote system: Failed to Execute process.
Full log:
2019-08-15T13:22:54.1491966Z Trying to setup SSH connection to ********#myserverinanotherdomain:22
2019-08-15T13:22:54.4085564Z Successfully connected.
2019-08-15T13:22:54.8120684Z tr -d '\015' <"./sshscript_1565875374136" > "./sshscript_1565875374136._unix"
2019-08-15T13:22:54.8121422Z Unable to execute command or shell on remote system: Failed to Execute process.
2019-08-15T13:22:54.8121745Z
2019-08-15T13:22:54.8180230Z ##[error]Command tr -d '\015' <"./sshscript_1565875374136" > "./sshscript_1565875374136._unix" exited with code 4294967295.
I think because it's a Windows machine and I try to execute a shell script. If I will install Git bash, for example, it can help?
Does the SSh task support only Linux machines? if yes, how can I connect a machine that exists in another domain?
SSH being a communication protocol is agnostic of OS. It is not Linux specific. But there seems to be a limitation for using SSH task on windows machine/build agent. Take a look at this similar question here: Not able to run bash script from windows using vsts.
I haven't found a documentation that clearly declare the SSh task not support on Windows machine. But I have found a task which also uses SSH--Copy Files Over SSH task. And according to the Q&A in official link:
Is this task supported for target machines running operating systems
other than Linux?
This task is intended for target machines running Linux.
For copying files to a macOS machine, this task may be used, but authenticating with a password is not supported.
For copying files to a Windows machine, consider using Windows Machine File Copy.
Instead of SSH. You should be able to use a local account on the build server and when entering the credentials. The account must have the same password as the account in the other domain. In other works make sure build account which run on the build agent are able to connect another domain.
Also make sure there is a trust relationship between the domains.
I have been trying to run debugging within SQl server management studio and for some reason the debugger has just stopped working.
This is the message I get:
Unable to start the Transact-SQL debugger, could not connect to the
database engine instance 'server-sql'. Make sure you have enabled the
debugging firewall exceptions and are using a login that is a member
of the sysadmin fixed server role. The RPC server is unavailable.
Before this I get two messages, one requesting firewall permissions and the next says 'usage' with some text that makes little sense.
I have looked at the other similar answers on there for the same message which suggest adding the login as a sysadmin but that is already set. I also tried adding sysadmin to another account but that also didn't work.
In the end I was able to start it by right clicking and selecting run as administrator.
I encountered this issue while connected to SQL using a SQL Server Authenticated user. Once I tried using a Windows Authenticated user I was able to debug without issue. That user must also be assigned the sysadmin role.
This happened to me and I could not find the resolution anywhere. My firewall is disabled so I knew that couldn't be the issue.
According to Microsoft: Configure firewall rules before running the TSQL Debugger:
The server needs to communicate back to the client via RPC. The
account under which SQL Server service is running should have
authenticate permissions to the client.
We had a group policy that was preventing this:
Deny access to this computer from the network (Local account, Guests)
In order to resolve the issue, I had to add the SQL Server service account to the local group "Remote Desktop Users" on my desktop. Hope this helps someone else resolve this frustrating issue.
I try with the following steps, but it did not work (maybe because I'm on a PC in a office and I don't have control of the firewall). But you can try the following.
Check the users role:
IF IS_SRVROLEMEMBER ('sysadmin') = 1
print 'Current user''s login is a member of the sysadmin role'
Follow these instructions:
configure the transact-SQL Debugger
Run SQL Server Management Standard Edition 64 bits (with SQL Server Account)
In my case, I received this error message:
Unable to start the Transact-SQL debugger, could not connect to the computer "local".
I end up close the existing connection, then reconnect to my local SQL server using IP 127.0.0.1 and it works.
What helped me, was from here:
SQL Server Management Studio must be running under a Windows account that is a member of the sysadmin fixed server roll.
The Database Engine Query Editor window must be connected by using
either a Windows Authentication or SQL Server Authentication login
that is a member of the sysadmin fixed server role.
So, I've added sysadmin role to my windows account and run ssms as administrator. Debugger started working normally.
In addition to above works, what make our 2 computers remote debug able, was running: (right click on Window's Start button)
System--> Advanced System Properties-->Computer Name-->Click on Network ID... button
and running that wizard to join workgroup on both computers.
I found this solution by looking at my Windows' Event Viewer and looking for a solution to errors with NetBT Source, that is related to workgroup and computer Name.
Update: after some days, it stop working again.
I had the same problem and double checked al recommended settings. At some point I disabled the firewall on the database server and it worked like a charm. By enabling and checking the Firewall log I noticed this entry:
2019-10-31 16:07:50 DROP TCP 192.168.xxx.xxx 192.168.xxx.xxx 65231 61214 52 S 56576751 0 8192 - - - RECEIVE
When I allowed TCP port 61214 (Inbound rule) and switched the firewall back on, it worked. I don't know why this port is needed, maybe some here on SO?
Anyway, maybe the firewall log can be of help too.
Struggled through many hours and got the answer
You can do the configuration through this doc
https://learn.microsoft.com/en-us/sql/ssms/scripting/configure-firewall-rules-before-running-the-tsql-debugger?view=sql-server-ver15
(1) 2 settings need to done on the remote server where Sql server is installed
(2) 1 setting at client computer (i.e) our computer
I'd like to access a Firebird DB 2.5 from clients. Firebird is installed in Windows 2008 Server, running and operational. There's no connection problems when trying to do it in the server itself. But I'm not reaching do the same when in clients. I've opened 3050 port in Win 2008 Firewall, but nothing happens. When I test the conection using IBExpert, for example, the following erro message appears:
Attempting to connect to:
XX.XXX.XXX.XX:SuperFireBD\SuperFireDB.FDB
Connecting... Failed!
------------------------------------
Unsuccessful execution caused by a system error that precludes successful execution of subsequent statements.
I/O error during "CreateFile (open)" operation for file "SuperFireBD\SuperFireDB.FDB".
Error while trying to open file.
The system cannot find the path specified. .
Attempting to connect to services manager... Passed!
Disconnecting from database... Passed!
I'm operating over a domain, and I'm not sure wether I have all the grants of the domain's network firewall. Thus, how can I test the 3050 port without telnet? What would I doing wrong? Thanks!
It looks to me it is connecting, but Firebird cannot open your database file.
Try an absolute path like x.x.x.x:c:\SuperFireDB\SuperFireDB.FDB
If that works, I highly suggest making use of aliases.conf located in the Firebird install directory. Then, clients only have to connect to x.x.x.x:SuperFireDB or whatever you decide to name it. If you need to move the database file later, you only have to update aliases.conf and not every client.
Hope this helps! Also if you install firebird server on your machine (no need to run it), you can try to connect through Firebird's own command line client (ISQL).
Some help here: http://www.firebirdsql.org/manual/qsg10-connecting.html.
I met the same problem.
Answer is very simple: fbserver.exe process has no permissions to read/write file *.fdb.
I added read/write permissions for the user SYSTEM on file *.fdb (fbserver.exe runs as windows service as user SYSTEM) and problems disappear.
I have to run a batch job which sits in the windows server from my unix box.
Or from my local machine.
The win server has a userName/Pwd .
How do i programmatically connect to the windows machine and run the batch?
(The batch will change some file permissions in that machine)
Please let me know if there is a better way of handling this situation
A lot of this depends on how you authenticate on the windows machine, the network relation you have to it from your local and unix machine and what level of permission you will need to run the task ons the remote batch file.
I can say that in Windows, you could start by possibly creating a script that stores the username and password needed to connect to the remote machine in a variable, and in that script have it connect to the machine over a network and run the batch as that user.
How woudl you connect to the remote windows server? is it on a LAN or VPN type environment, do you connect with ssh or do you normally map it over the network?>