Error Message when running Get-WmiObject cmdlet on a Remote Machine
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) At line:1 char:1 + Get-WmiObject win32_bios -ComputerName remotecomputername|Select PSComputerName,Manufact ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMException + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
Verify DCOM Settings on Remote Machine
- The first step is to check is if the DCOM Service is enabled in the Remote Machine
- From the remote machine; From the Start Menu; type dcomcnfg
- Open Computers – Right Click My Computer – Properties
- If the checkbox for ‘Enable Distributed COM on this computer ‘ is ticked; you have got through the first step. By default this option is always enabled
Check the Windows Firewall on Remote Machine
- The next step is to check Windows Firewall. It is most likely that your firewall is enabled.
- For testing purposes, please disable the Firewall on the remote machine and test the script. I’m sure you have got the result. If not, I would sadly request you to look for answers elsewhere 😦
- It is not advisable to disable your Firewall to get this working and most of all if you are administering a network of over 100 or 1000 machines this is not practical either. So the best way is to identify the Communication Port that was blocked when running the script. So turn back your Firewall On.
Enabling Logging on Windows Firewall and Identify Blocked Port on Remote Machine
- From Advanced Settings of your Firewall; right click Windows Firewall with Advanced Security on Local Computer and select Properties
- From the Domain Profile Tab; click Customize under Logging
- Select the Yes drop-down for Log dropped packets
- Take note of the Logfile Location and filename from the name field
- Click Ok to confirm
- From your PC or a Server PC; run the Get-WmiObject cmdlet once again so as to receive the error
- From the remote machine; run Notepad as Administrator and open the pfirewall.log file
- Identify the Drop Action from the Firewall that points to the time we ran the Get-WmiObject cmdlet and the source-ip (src-ip) of the machine you ran the script from
- Take note of the Protocol TCP/UDP and Destination Port Number (dst-port) Eg: 49155
- You can enable an Inbound Rule for this your problem will solved. If you are administering a large network; apply this to a group policy instead.