You can use the below batch script to repair WMI @echo off REM WMI Repair Title WMI Repair script running on the client machines %windir%\system32\wbem\winmgmt /clearadap %windir%\system32\wbem\winmgmt /kill %windir%\system32\wbem\winmgmt /unregserver %windir%\system32\wbem\winmgmt /reserver %windir%\system32\wbem\winmgmt /resyncperf net stop winmgmt /y if exist %windir%\system32\wbem\repository.old rmdir /s /q %windir%\system32\wbem\repository.old ren %windir%\system32\wbem\repository repository.old regsvr32 /s %systemroot%\system32\scecli.dll regsvr32 /s %systemroot%\system32\userenv.dll for /f %%s in (‘dir /b /s %windir%\system32\wbem\*.dll’) do regsvr32 /s %%s for /f %%s in (‘dir /b /s %windir%\system32\wbem\*.mof’) do mofcomp %%s for /f %%s in (‘dir /b %windir%\system32\wbem\*.mfl’) do mofcomp %%s net start winmgmt %windir%\system32\wbem\wmiprvse /regserver Via http://eskonr.com/2009/03/how-to-troubleshoot-the-systems-which-has-wmi-issues-rebuild-wmi-repository///Eswar Koneti @ www.eskonr.com

Hello - Have you seen the below article? http://blogs.msdn.com/b/wmi/archive/2006/05/12/wmi-diagnosis-tool-general-questions.aspxAnoop C Nair

but the script above will remove \Repository folder will there be any data loss for WMI then?---Packie

Hi, I have this error on execmgr.log that causing my Advertised program not successfully received by a computer. Failed to open to WMI namespace '\\.\root\ccm\Policy\Machine' (8007045b) execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to ConnectSettings for ICcmPolicyAgent in CSoftDistPolicyNamespace::ConnectToNamespace execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to ConnectToNamespace in CSoftDistPolicyNamespace::GetMachinePolicy execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to connect to machine policy name space. 0x8007045b execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to connect to user policy name space execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) CSoftwareDistPolicyMgr::GetSWDistSiteSettings failed to connect to machine namespace execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to instantiate UI Server {C2F23AE4-82D8-456F-A4AF-A2655D8CA726} with error 8000401a execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to instantiate UI Server 2 {E8425D59-451B-4978-A2AB-641470EB7C02} with error 8000401a execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to instantiate Updates UI Server {2D023958-73D0-4542-8AD6-9A507364F70E} with error 8000401a execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) Failed to instantiate VApp UI Server {00AAB372-0D6D-4976-B5F5-9BC7605E30BB} with error 0x8000401A execmgr 2/7/2011 9:16:35 AM 4144 (0x1030) I'm sure if i slam the WMI repository again I will receive the Advertised program, but then when a new program assigned, the same issue will reoccur. What will be the best method to fix this? Thanks in advanced for any help :)---Packie

Thanks, Torsten. It worries me that step #1 mentioned that it need to be done from the server itself. Perhaps someone can alert the author to make it clear. I will try this on client. Thanks again.---Packie

Let me quote http://blogs.technet.com/b/configmgrteam/archive/2009/05/08/wmi-troubleshooting-tips.aspx: "Don't delete the repository (though it may make problems seem to go away)." That article also lists some other things to try before killing the repository.

Did you see this right after a reboot? There's some normal errors like this right after reboots. If not, sure you can rebuild WMI and that will likely fix the issue. John Marcum | http://myitforum.com/cs2/blogs/jmarcum/|

Done on client. It is now receiving a new software advertisement :)---Packie

rebooted & still seeing the error. WMIdiag.exe results as below: 37356 11:15:16 (0) ** WMIDiag v2.0 started on Tuesday, February 08, 2011 at 10:53. 37357 11:15:16 (0) ** 37358 11:15:16 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - January 2007. 37359 11:15:16 (0) ** 37360 11:15:16 (0) ** This script is not supported under any Microsoft standard support program or service. 37361 11:15:16 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all 37362 11:15:16 (0) ** implied warranties including, without limitation, any implied warranties of merchantability 37363 11:15:16 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance 37364 11:15:16 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, 37365 11:15:16 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for 37366 11:15:16 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, 37367 11:15:16 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of 37368 11:15:16 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised 37369 11:15:16 (0) ** of the possibility of such damages. 37370 11:15:16 (0) ** 37371 11:15:16 (0) ** 37372 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37373 11:15:16 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- 37374 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37375 11:15:16 (0) ** 37376 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37377 11:15:16 (0) ** Windows XP - No service pack - 32-bit (2600) - User 'MYDOMAIN\sccmuser' on computer 'testmachine'. 37378 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37379 11:15:16 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)! 37380 11:15:16 (0) ** INFO: => 2 incorrect shutdown(s) detected on: 37381 11:15:16 (0) ** - Shutdown on 24 November 2010 23:46:49 (GMT+1). 37382 11:15:16 (0) ** - Shutdown on 01 February 2011 05:55:58 (GMT+1). 37383 11:15:16 (0) ** 37384 11:15:16 (0) ** System drive: ....................................................................................................... C: (Disk #0 Partition #0). 37385 11:15:16 (0) ** Drive type: ......................................................................................................... IDE (ST3160812AS). 37386 11:15:16 (0) ** There are no missing WMI system files: .............................................................................. OK. 37387 11:15:16 (0) ** There are no missing WMI repository files: .......................................................................... OK. 37388 11:15:16 (0) ** WMI repository state: ............................................................................................... N/A. 37389 11:15:16 (0) ** BEFORE running WMIDiag: 37390 11:15:16 (0) ** The WMI repository has a size of: ................................................................................... 32 MB. 37391 11:15:16 (0) ** - Disk free space on 'C:': .......................................................................................... 59450 MB. 37392 11:15:16 (0) ** - INDEX.BTR, 3956736 bytes, 2/8/2011 10:53:26 AM 37393 11:15:16 (0) ** - INDEX.MAP, 2200 bytes, 2/8/2011 10:53:26 AM 37394 11:15:16 (0) ** - OBJECTS.DATA, 29081600 bytes, 2/8/2011 10:53:26 AM 37395 11:15:16 (0) ** - OBJECTS.MAP, 14968 bytes, 2/8/2011 10:53:26 AM 37396 11:15:16 (0) ** AFTER running WMIDiag: 37397 11:15:16 (0) ** The WMI repository has a size of: ................................................................................... 32 MB. 37398 11:15:16 (0) ** - Disk free space on 'C:': .......................................................................................... 59406 MB. 37399 11:15:16 (0) ** - INDEX.BTR, 3956736 bytes, 2/8/2011 11:14:56 AM 37400 11:15:16 (0) ** - INDEX.MAP, 2200 bytes, 2/8/2011 11:14:56 AM 37401 11:15:16 (0) ** - OBJECTS.DATA, 29081600 bytes, 2/8/2011 11:14:56 AM 37402 11:15:16 (0) ** - OBJECTS.MAP, 14968 bytes, 2/8/2011 11:14:56 AM 37403 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37404 11:15:16 (0) ** Windows Firewall: ................................................................................................... NOT INSTALLED. 37405 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37406 11:15:16 (0) ** DCOM Status: ........................................................................................................ OK. 37407 11:15:16 (0) ** WMI registry setup: ................................................................................................. OK. 37408 11:15:16 (0) ** INFO: WMI service has dependents: ................................................................................... 1 SERVICE(S)! 37409 11:15:16 (0) ** - SMS Agent Host (CCMEXEC, StartMode='Automatic') 37410 11:15:16 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well. 37411 11:15:16 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but 37412 11:15:16 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped, 37413 11:15:16 (0) ** this can prevent the service/application to work as expected. 37414 11:15:16 (0) ** 37415 11:15:16 (0) ** RPCSS service: ...................................................................................................... OK (Already started). 37416 11:15:16 (0) ** WINMGMT service: .................................................................................................... OK (Already started). 37417 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37418 11:15:16 (0) ** WMI service DCOM setup: ............................................................................................. OK. 37419 11:15:16 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 6 WARNING(S)! 37420 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{7A0227F6-7108-11D1-AD90-00C04FD8FDFF}\InProcServer32) 37421 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{D71EE747-F455-4804-9DF6-2ED81025F2C1}\InProcServer32) 37422 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{ED51D12E-511F-4999-8DCD-C2BAC91BE86E}\InProcServer32) 37423 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{4C6055D8-84B9-4111-A7D3-6623894EEDB3}\InProcServer32) 37424 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{A1044801-8F7E-11D1-9E7C-00C04FC324A8}\InProcServer32) 37425 11:15:16 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{F7CE2E13-8C90-11D1-9E7B-00C04FC324A8}\InProcServer32) 37426 11:15:16 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to 37427 11:15:16 (0) ** fail depending on the operation requested. 37428 11:15:16 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE <Filename.DLL>' command. 37429 11:15:16 (0) ** 37430 11:15:16 (0) ** WMI ProgID registrations: ........................................................................................... OK. 37431 11:15:16 (2) !! WARNING: WMI provider DCOM registrations missing for the following provider(s): ..................................... 1 WARNING(S)! 37432 11:15:16 (0) ** - ROOT/MSAPPS11, OffProv11 ({F7107F37-C761-4748-B686-055F45889DCD}) (i.e. WMI Class 'Win32_ExcelComAddins') 37433 11:15:16 (0) ** Provider DLL: 'WMI information not available (This could be the case for an external application or a third party WMI provider)' 37434 11:15:16 (0) ** => This is an issue because there are still some WMI classes referencing this list of providers 37435 11:15:16 (0) ** while the DCOM registration is wrong or missing. This can be due to: 37436 11:15:16 (0) ** - a de-installation of the software. 37437 11:15:16 (0) ** - a deletion of some registry key data. 37438 11:15:16 (0) ** - a registry corruption. 37439 11:15:16 (0) ** => You can correct the DCOM configuration by: 37440 11:15:16 (0) ** - Executing the 'REGSVR32.EXE <Provider.DLL>' command. 37441 11:15:16 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag. 37442 11:15:16 (0) ** (This list can be built on a similar and working WMI Windows installation) 37443 11:15:16 (0) ** The following command line must be used: 37444 11:15:16 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider' 37445 11:15:16 (2) !! WARNING: Re-registering with REGSVR32.EXE all DLL from 'C:\WINDOWS\SYSTEM32\WBEM\' 37446 11:15:16 (0) ** may not solve the problem as the DLL supporting the WMI class(es) 37447 11:15:16 (0) ** can be located in a different folder. 37448 11:15:16 (0) ** You must refer to the class name to determine the software delivering the related DLL. 37449 11:15:16 (0) ** => If the software has been de-installed intentionally, then this information must be 37450 11:15:16 (0) ** removed from the WMI repository. You can use the 'WMIC.EXE' command to remove 37451 11:15:16 (0) ** the provider registration data. 37452 11:15:16 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT\MSAPPS11 path __Win32Provider Where Name='OffProv11' DELETE' 37453 11:15:16 (0) ** => If the namespace was ENTIRELY dedicated to the intentionally de-installed software, 37454 11:15:16 (0) ** the namespace and ALL its content can be ENTIRELY deleted. 37455 11:15:16 (0) ** i.e. 'WMIC.EXE /NAMESPACE:\\ROOT path __NAMESPACE Where Name='MSAPPS11' DELETE' 37456 11:15:16 (0) ** - Re-installing the software. 37457 11:15:16 (0) ** 37458 11:15:16 (0) ** WMI provider CIM registrations: ..................................................................................... OK. 37459 11:15:16 (0) ** WMI provider CLSIDs: ................................................................................................ OK. 37460 11:15:16 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK. 37461 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37462 11:15:16 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. 37463 11:15:16 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! 37464 11:15:16 (0) ** - REMOVED ACE: 37465 11:15:16 (0) ** ACEType: &h0 37466 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37467 11:15:16 (0) ** ACEFlags: &h0 37468 11:15:16 (0) ** ACEMask: &h1 37469 11:15:16 (0) ** DCOM_RIGHT_EXECUTE 37470 11:15:16 (0) ** 37471 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37472 11:15:16 (0) ** Removing default security will cause some operations to fail! 37473 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37474 11:15:16 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 37475 11:15:16 (0) ** 37476 11:15:16 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. 37477 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! 37478 11:15:16 (0) ** - REMOVED ACE: 37479 11:15:16 (0) ** ACEType: &h0 37480 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37481 11:15:16 (0) ** ACEFlags: &h0 37482 11:15:16 (0) ** ACEMask: &h1 37483 11:15:16 (0) ** DCOM_RIGHT_EXECUTE 37484 11:15:16 (0) ** 37485 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37486 11:15:16 (0) ** Removing default security will cause some operations to fail! 37487 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37488 11:15:16 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 37489 11:15:16 (0) ** 37490 11:15:16 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. 37491 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 37492 11:15:16 (0) ** - REMOVED ACE: 37493 11:15:16 (0) ** ACEType: &h0 37494 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37495 11:15:16 (0) ** ACEFlags: &h0 37496 11:15:16 (0) ** ACEMask: &h1 37497 11:15:16 (0) ** DCOM_RIGHT_EXECUTE 37498 11:15:16 (0) ** 37499 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37500 11:15:16 (0) ** Removing default security will cause some operations to fail! 37501 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37502 11:15:16 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. 37503 11:15:16 (0) ** 37504 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP': ............................................................................. MODIFIED. 37505 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 37506 11:15:16 (0) ** - REMOVED ACE: 37507 11:15:16 (0) ** ACEType: &h0 37508 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37509 11:15:16 (0) ** ACEFlags: &h12 37510 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37511 11:15:16 (0) ** INHERITED_ACE 37512 11:15:16 (0) ** ACEMask: &h6003F 37513 11:15:16 (0) ** WBEM_ENABLE 37514 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37515 11:15:16 (0) ** WBEM_FULL_WRITE_REP 37516 11:15:16 (0) ** WBEM_PARTIAL_WRITE_REP 37517 11:15:16 (0) ** WBEM_WRITE_PROVIDER 37518 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37519 11:15:16 (0) ** WBEM_WRITE_DAC 37520 11:15:16 (0) ** WBEM_READ_CONTROL 37521 11:15:16 (0) ** 37522 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37523 11:15:16 (0) ** Removing default security will cause some operations to fail! 37524 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37525 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37526 11:15:16 (0) ** 37527 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP': ............................................................................. MODIFIED. 37528 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED! 37529 11:15:16 (0) ** - REMOVED ACE: 37530 11:15:16 (0) ** ACEType: &h0 37531 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37532 11:15:16 (0) ** ACEFlags: &h12 37533 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37534 11:15:16 (0) ** INHERITED_ACE 37535 11:15:16 (0) ** ACEMask: &h20023 37536 11:15:16 (0) ** WBEM_ENABLE 37537 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37538 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37539 11:15:16 (0) ** WBEM_READ_CONTROL 37540 11:15:16 (0) ** 37541 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37542 11:15:16 (0) ** Removing default security will cause some operations to fail! 37543 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37544 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37545 11:15:16 (0) ** 37546 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP/USER': ........................................................................ MODIFIED. 37547 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 37548 11:15:16 (0) ** - REMOVED ACE: 37549 11:15:16 (0) ** ACEType: &h0 37550 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37551 11:15:16 (0) ** ACEFlags: &h12 37552 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37553 11:15:16 (0) ** INHERITED_ACE 37554 11:15:16 (0) ** ACEMask: &h6003F 37555 11:15:16 (0) ** WBEM_ENABLE 37556 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37557 11:15:16 (0) ** WBEM_FULL_WRITE_REP 37558 11:15:16 (0) ** WBEM_PARTIAL_WRITE_REP 37559 11:15:16 (0) ** WBEM_WRITE_PROVIDER 37560 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37561 11:15:16 (0) ** WBEM_WRITE_DAC 37562 11:15:16 (0) ** WBEM_READ_CONTROL 37563 11:15:16 (0) ** 37564 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37565 11:15:16 (0) ** Removing default security will cause some operations to fail! 37566 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37567 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37568 11:15:16 (0) ** 37569 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP/USER': ........................................................................ MODIFIED. 37570 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED! 37571 11:15:16 (0) ** - REMOVED ACE: 37572 11:15:16 (0) ** ACEType: &h0 37573 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37574 11:15:16 (0) ** ACEFlags: &h12 37575 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37576 11:15:16 (0) ** INHERITED_ACE 37577 11:15:16 (0) ** ACEMask: &h20023 37578 11:15:16 (0) ** WBEM_ENABLE 37579 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37580 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37581 11:15:16 (0) ** WBEM_READ_CONTROL 37582 11:15:16 (0) ** 37583 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37584 11:15:16 (0) ** Removing default security will cause some operations to fail! 37585 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37586 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37587 11:15:16 (0) ** 37588 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP/COMPUTER': .................................................................... MODIFIED. 37589 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! 37590 11:15:16 (0) ** - REMOVED ACE: 37591 11:15:16 (0) ** ACEType: &h0 37592 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37593 11:15:16 (0) ** ACEFlags: &h12 37594 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37595 11:15:16 (0) ** INHERITED_ACE 37596 11:15:16 (0) ** ACEMask: &h6003F 37597 11:15:16 (0) ** WBEM_ENABLE 37598 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37599 11:15:16 (0) ** WBEM_FULL_WRITE_REP 37600 11:15:16 (0) ** WBEM_PARTIAL_WRITE_REP 37601 11:15:16 (0) ** WBEM_WRITE_PROVIDER 37602 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37603 11:15:16 (0) ** WBEM_WRITE_DAC 37604 11:15:16 (0) ** WBEM_READ_CONTROL 37605 11:15:16 (0) ** 37606 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37607 11:15:16 (0) ** Removing default security will cause some operations to fail! 37608 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37609 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37610 11:15:16 (0) ** 37611 11:15:16 (0) ** WMI namespace security for 'ROOT/RSOP/COMPUTER': .................................................................... MODIFIED. 37612 11:15:16 (1) !! ERROR: Default trustee 'NT AUTHORITY\AUTHENTICATED USERS' has been REMOVED! 37613 11:15:16 (0) ** - REMOVED ACE: 37614 11:15:16 (0) ** ACEType: &h0 37615 11:15:16 (0) ** ACCESS_ALLOWED_ACE_TYPE 37616 11:15:16 (0) ** ACEFlags: &h12 37617 11:15:16 (0) ** CONTAINER_INHERIT_ACE 37618 11:15:16 (0) ** INHERITED_ACE 37619 11:15:16 (0) ** ACEMask: &h20023 37620 11:15:16 (0) ** WBEM_ENABLE 37621 11:15:16 (0) ** WBEM_METHOD_EXECUTE 37622 11:15:16 (0) ** WBEM_REMOTE_ACCESS 37623 11:15:16 (0) ** WBEM_READ_CONTROL 37624 11:15:16 (0) ** 37625 11:15:16 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. 37626 11:15:16 (0) ** Removing default security will cause some operations to fail! 37627 11:15:16 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. 37628 11:15:16 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'. 37629 11:15:16 (0) ** 37630 11:15:16 (0) ** 37631 11:15:16 (0) ** DCOM security warning(s) detected: .................................................................................. 0. 37632 11:15:16 (0) ** DCOM security error(s) detected: .................................................................................... 3. 37633 11:15:16 (0) ** WMI security warning(s) detected: ................................................................................... 0. 37634 11:15:16 (0) ** WMI security error(s) detected: ..................................................................................... 6. 37635 11:15:16 (0) ** 37636 11:15:16 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! 37637 11:15:16 (1) !! ERROR: Overall WMI security status: ................................................................................. ERROR! 37638 11:15:16 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- 37639 11:15:16 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 7. 37640 11:15:16 (0) ** - ROOT/CCM/POLICY, CCM_PolicyReplicationConsumer.Id="{9099D177-1AD6-46e6-BBC0-70F460786953}". 37641 11:15:16 (0) ** 'SELECT * FROM __ClassOperationEvent WHERE TargetClass ISA "CCM_Policy_Config"' 37642 11:15:16 (0) ** - ROOT/CCM/POLICY, CCM_PolicyReplicationConsumer.Id="{9099D177-1AD6-46e6-BBC0-70F460786953}". 37643 11:15:16 (0) ** 'SELECT * FROM __NamespaceCreationEvent' 37644 11:15:16 (0) ** - ROOT/CCM/POLICY, CCM_PolicyReplicationConsumer.Id="{9099D177-1AD6-46e6-BBC0-70F460786953}". 37645 11:15:16 (0) ** 'SELECT * FROM __ClassOperationEvent WHERE TargetClass ISA "CCM_Policy"' 37646 11:15:16 (0) ** - ROOT/CCM/POLICY, CCM_PolicyReplicationConsumer.Id="{9099D177-1AD6-46e6-BBC0-70F460786953}". 37647 11:15:16 (0) ** 'SELECT * FROM __ClassOperationEvent WHERE TargetClass ISA "CCM_Policy_EmbeddedObject"' 37648 11:15:16 (0) ** - ROOT/DEFAULT, MSFT_UCScenarioControl.Name="Microsoft WMI Updating Consumer Scenario Control". 37649 11:15:16 (0) ** 'SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario'' 37650 11:15:16 (0) ** - ROOT/SUBSCRIPTION, MSFT_UCScenarioControl.Name="Microsoft WMI Updating Consumer Scenario Control". 37651 11:15:16 (0) ** 'SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario'' 37652 11:15:16 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer". 37653 11:15:16 (0) ** 'select * from MSFT_SCMEventLogEvent' 37654 11:15:16 (0) ** 37655 11:15:16 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. 37656 11:15:16 (0) ** WMI ADAP status: .................................................................................................... OK. 37657 11:15:16 (0) ** INFO: WMI namespace(s) requiring PACKET PRIVACY: .................................................................... 1 NAMESPACE(S)! 37658 11:15:16 (0) ** - ROOT/SERVICEMODEL. 37659 11:15:16 (0) ** => When remotely connecting, the namespace(s) listed require(s) the WMI client to 37660 11:15:16 (0) ** use an encrypted connection by specifying the PACKET PRIVACY authentication level. 37661 11:15:16 (0) ** (RPC_C_AUTHN_LEVEL_PKT_PRIVACY or PktPrivacy flags) 37662 11:15:16 (0) ** i.e. 'WMIC.EXE /NODE:"testmachine" /AUTHLEVEL:Pktprivacy /NAMESPACE:\\ROOT\SERVICEMODEL Class __SystemSecurity' 37663 11:15:16 (0) ** 37664 11:15:16 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK. 37665 11:15:16 (0) ** WMI CONNECTIONS: .................................................................................................... OK. 37666 11:15:16 (0) ** WMI GET operations: ................................................................................................. OK. 37667 11:15:16 (0) ** WMI MOF representations: ............................................................................................ OK. 37668 11:15:16 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. 37669 11:15:16 (0) ** WMI ENUMERATION operations: ......................................................................................... OK. 37670 11:15:16 (0) ** WMI EXECQUERY operations: ........................................................................................... OK. 37671 11:15:16 (0) ** WMI GET VALUE operations: ........................................................................................... OK. 37672 11:15:16 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. 37673 11:15:16 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. 37674 11:15:16 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. 37675 11:15:16 (0) ** WMI static instances retrieved: ..................................................................................... 4819. 37676 11:15:16 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. 37677 11:15:16 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 2. 37678 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37679 11:15:16 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s): 37680 11:15:16 (0) ** DCOM: ............................................................................................................. 58. 37681 11:15:16 (0) ** WINMGMT: .......................................................................................................... 28. 37682 11:15:16 (0) ** WMIADAPTER: ....................................................................................................... 0. 37683 11:15:16 (0) ** => Verify the WMIDiag LOG at line #36449 for more details. 37684 11:15:16 (0) ** 37685 11:15:16 (0) ** # of additional Event Log events AFTER WMIDiag execution: 37686 11:15:16 (0) ** DCOM: ............................................................................................................. 0. 37687 11:15:16 (0) ** WINMGMT: .......................................................................................................... 2. 37688 11:15:16 (0) ** WMIADAPTER: ....................................................................................................... 0. 37689 11:15:16 (2) !! WARNING: => Verify the WMIDiag LOG at line #36898 for more details. 37690 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37691 11:15:16 (0) ** Unexpected, wrong or missing registry key values: ................................................................... 1 KEY(S)! 37692 11:15:16 (0) ** INFO: Unexpected registry key value: 37693 11:15:16 (0) ** - Current: HKLM\SOFTWARE\Microsoft\WBEM\CIMOM\Logging (REG_SZ) -> 2 37694 11:15:16 (0) ** - Expected: HKLM\SOFTWARE\Microsoft\WBEM\CIMOM\Logging (REG_SZ) -> 1 37695 11:15:16 (0) ** From the command line, the registry configuration can be corrected with the following command: 37696 11:15:16 (0) ** i.e. 'REG.EXE Add "HKLM\SOFTWARE\Microsoft\WBEM\CIMOM" /v "Logging" /t "REG_SZ" /d "1" /f' 37697 11:15:16 (0) ** 37698 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37699 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37700 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37701 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37702 11:15:16 (0) ** 37703 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37704 11:15:16 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- 37705 11:15:16 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- 37706 11:15:16 (0) ** 37707 11:15:16 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOCUMENTS AND SETTINGS\sccmuser\LOCAL SETTINGS\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_testmachine_2011.02.08_10.53.28.LOG' for details. 37708 11:15:16 (0) ** 37709 11:15:16 (0) ** WMIDiag v2.0 ended on Tuesday, February 08, 2011 at 11:15 (W:125 E:147 S:1). i saw a lot of errors but not sure what to do with them thank you---Packie

will this need to be done on my primary site server? No! On the clients.

ok, then i will give it another reboot & update ;)---Packie

slamming the Repository folder will be the easiset method for me, but anyone can help with troubleshooting the WMI error will be gladly appreciated many thanks---Packie

quoting http://blogs.technet.com/b/configmgrteam/archive/2009/05/08/wmi-troubleshooting-tips.aspx : What can I do other than rebuild the repository? One low risk, potentially high gain operation that can be performed is to recompile MOF files, and register component DLL's associated with WMI operations. If an important class or component registration needed for WMI operation was somehow removed you can put the needed structure back. These steps can be automated easily, but aren't generally recommended on a large scale as they too can mask issues. This is just one more option to try short of rebuilding the repository. There are variations of the steps below available between XP and Vista, but this most basic version should work for either. // 1. Open a CMD prompt on the server and change directory to %windir%\System32\WBEM (\SysWOW64\WBEM on x64) 2. Execute the following: FOR /f %s in ('dir /b /s *.dll') do regsvr32 /s %s Net stop /y winmgmt FOR /f %s in ('dir /b *.mof *.mfl') do mofcomp %s Net start winmgmt Note: Don't attempt to compile the MOF files in the \bin\i386 folder on a site server, as we contain stub files (names start with an underscore character such as _smsprov.mof) that need to be populated with site specific data through other means. // will this need to be done on my primary site server? ---Packie