I need to get CDDrive info and execute setup file on remote guest VM in vmware without enabling winrm service in remote machine. I have tried to access using powercli command invoke-VMScript too. I doesn't work
PowerCLI D:\Program Files\PowerCli> Get-WmiObject -Query "select * From WIn32_CDROMDrive" -ComputerName "nalb00cava1" | Format-List
Get-WmiObject : Access is denied. (Exception from HRESULT: 0x80070005(E_ACCESSDENIED))
At line:1 char:1
+ Get-WmiObject -Query "select * From WIn32_CDROMDrive" -ComputerName "VM1 ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-WmiObject], UnauthorizedAccessException
+ FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
PowerCLI D:\Program Files\PowerCli> Get-WmiObject -Query "select * From WIn32_CDROMDrive" -ComputerName "VM1.xxx.com" | Format-List
Get-WmiObject : Access is denied. (Exception from HRESULT: 0x80070005(E_ACCESSDENIED))
At line:1 char:1
+ Get-WmiObject -Query "select * From WIn32_CDROMDrive" -ComputerName "VM1 ...
+ CategoryInfo : NotSpecified: (:) [Get-WmiObject], UnauthorizedAccessException
+ FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
help would be appreciated.....
It looks like you are taking this approach for your use case.
Tip: Work Remotely with Windows PowerShell without using Remoting or WinRM
Some cmdlets have a –ComputerName parameter that lets you work with a remote computer without using Windows PowerShell remoting. This means you can use the cmdlet on any computer that is running Windows PowerShell, even if the computer is not configured for Windows PowerShell remoting. These cmdlets include the following:
Because these cmdlets don’t use remoting, you can run any of these cmdlets on a remote computer in a domain simply by specifying the name of one or more remote computers in the –ComputerName parameter. However, Windows policies and configuration settings must allow remote connections, and you must still have the appropriate credentials.
However, relative to WMI, additional setup is needed for success.
Access is denied.
Which permissions/rights does a user need to have WMI access on remote machines?
The following works on Window 2003 R2 SP 2, Windows Server 2012 R2
- Add the user(s) in question to the Performance Monitor Users group
- Under Services and Applications, bring up the properties dialog of WMI Control (or run wmimgmt.msc). In the Security tab, highlight Root/CIMV2, click Security; add Performance Monitor Users and enable the options : Enable Account and Remote Enable
Run dcomcnfg. At Component Services > Computers > My Computer, in the COM security tab of the Properties dialog click "Edit Limits" for both Access Permissions and Launch and Activation Permissions. Add Performance Monitor Users and allow remote access, remote launch, and remote activation.
Select Windows Management Instrumentation under Component Services > Computers > My Computer > DCOM Config and give Remote Launch and Remote Activation privileges to Performance Monitor Users Group.
Notes:
- As an alternatively to step 3 and 4, one can assign the user to the group Distributed COM Users (Tested on Windows Server 2012 R2)
- If the user needs access to all the namespaces, you can set the settings in 2. at the Root level, and recurse the permissions to the
sub-namespaces via the Advanced window in Security
Lastly, you don't say what your environment is, domain, where your machine and VM are in the same domain or if you are in workgroup mode. If it is the latter, then that is a different can of worms to deal with.