J-Interop is not working from CentOS

jpraman
2012-12-04
2012-12-11
  • jpraman
    jpraman
    2012-12-04

    Hi All,

    I am new to j-interop.  want to do windows discovery through wmi,
    

    So as j-interop has been written in entirely pure java, we planned to take j-interop as the
    solution. But when I tried to execute j-interop from CentOs machine I have seen It was
    failed to connect , it produced an error as follows:

    org.jinterop.dcom.common.JIException: Message not found for errorCode: 0xC0000001
    at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM
    (JIWinRegStub.java:102)
    at org.jinterop.dcom.core.JIProgId.getIdFromWinReg(JIProgId.java:122)
    at org.jinterop.dcom.core.JIProgId.getCorrespondingCLSID(JIProgId.java:154)
    at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:395)
    at SimpleServiceManager.manageService(SimpleServiceManager.java:104)
    at SimpleServiceManager.stop(SimpleServiceManager.java:74)
    at SimpleServiceManager.main(SimpleServiceManager.java:48)
    Caused by: jcifs.smb.SmbException: Connection timeout
    jcifs.util.transport.TransportException: Connection timeout
    at jcifs.util.transport.Transport.connect(Transport.java:178)
    at jcifs.smb.SmbTransport.connect(SmbTransport.java:290)
    at jcifs.smb.SmbTree.treeConnect(SmbTree.java:139)
    at jcifs.smb.SmbFile.doConnect(SmbFile.java:847)
    at jcifs.smb.SmbFile.connect(SmbFile.java:890)
    at jcifs.smb.SmbFile.connect0(SmbFile.java:816)
    at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:73)
    at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:62)
    at jcifs.smb.SmbFile.getInputStream(SmbFile.java:2765)
    at rpc.ncacn_np.RpcTransport.attach(RpcTransport.java:90)
    at rpc.Stub.attach(Stub.java:105)
    at rpc.Stub.call(Stub.java:109)
    at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM
    (JIWinRegStub.java:100)
    at org.jinterop.dcom.core.JIProgId.getIdFromWinReg(JIProgId.java:122)
    at org.jinterop.dcom.core.JIProgId.getCorrespondingCLSID(JIProgId.java:154)
    at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:395)
    at SimpleServiceManager.manageService(SimpleServiceManager.java:104)
    at SimpleServiceManager.stop(SimpleServiceManager.java:74)
    at SimpleServiceManager.main(SimpleServiceManager.java:48)

        at jcifs.smb.SmbTransport.connect(SmbTransport.java:292)
         at jcifs.smb.SmbTree.treeConnect(SmbTree.java:139)
         at jcifs.smb.SmbFile.doConnect(SmbFile.java:847)
         at jcifs.smb.SmbFile.connect(SmbFile.java:890)
         at jcifs.smb.SmbFile.connect0(SmbFile.java:816)
         at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:73)
         at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:62)
         at jcifs.smb.SmbFile.getInputStream(SmbFile.java:2765)
         at rpc.ncacn_np.RpcTransport.attach(RpcTransport.java:90)
         at rpc.Stub.attach(Stub.java:105)
         at rpc.Stub.call(Stub.java:109)
         at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM
    

    (JIWinRegStub.java:100)
    ... 6 more

    The same code is executed from windows and it is working fine. Please suggest me to
    get solve this issue.
    Regards,
    Jayan

     
  • Hi,

    Can you please provide a couple of wireshark captures

    1. From Windows machine to this target machine
    2. From Centos machine to target machine

    thanks,
    best regards,
    Vikram

     
  • jpraman
    jpraman
    2012-12-06

    Hi Vikram,
    sorry for the delay in giving update to you.
    I got the same error while running from one windows machine also as follows,

    org.jinterop.dcom.common.JIException: Message not found for errorCode: 0xC000000
    1
    at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM(JIWinRegStub.jav
    a:102)
    at org.jinterop.dcom.core.JIProgId.getIdFromWinReg(JIProgId.java:122)
    at org.jinterop.dcom.core.JIProgId.getCorrespondingCLSID(JIProgId.java:1
    54)
    at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:395)
    at test.wipro.cisco.wmi.EventLogListener.getWmiLocator(EventLogListener.
    java:41)
    at test.wipro.cisco.wmi.EventLogListener.main(EventLogListener.java:90)
    Caused by: jcifs.smb.SmbException: Connection timeout
    jcifs.util.transport.TransportException: Connection timeout
    at jcifs.util.transport.Transport.connect(Transport.java:178)
    at jcifs.smb.SmbTransport.connect(SmbTransport.java:290)
    at jcifs.smb.SmbTree.treeConnect(SmbTree.java:139)
    at jcifs.smb.SmbFile.doConnect(SmbFile.java:847)
    at jcifs.smb.SmbFile.connect(SmbFile.java:890)
    at jcifs.smb.SmbFile.connect0(SmbFile.java:816)
    at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:73)
    at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:62)
    at jcifs.smb.SmbFile.getInputStream(SmbFile.java:2765)
    at rpc.ncacn_np.RpcTransport.attach(RpcTransport.java:90)
    at rpc.Stub.attach(Stub.java:105)
    at rpc.Stub.call(Stub.java:109)
    at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM(JIWinRegStub.jav
    a:100)
    at org.jinterop.dcom.core.JIProgId.getIdFromWinReg(JIProgId.java:122)
    at org.jinterop.dcom.core.JIProgId.getCorrespondingCLSID(JIProgId.java:1
    54)
    at org.jinterop.dcom.core.JIComServer.<init>(JIComServer.java:395)
    at test.wipro.cisco.wmi.EventLogListener.getWmiLocator(EventLogListener.
    java:41)
    at test.wipro.cisco.wmi.EventLogListener.main(EventLogListener.java:90)

        at jcifs.smb.SmbTransport.connect(SmbTransport.java:292)
        at jcifs.smb.SmbTree.treeConnect(SmbTree.java:139)
        at jcifs.smb.SmbFile.doConnect(SmbFile.java:847)
        at jcifs.smb.SmbFile.connect(SmbFile.java:890)
        at jcifs.smb.SmbFile.connect0(SmbFile.java:816)
        at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:73)
        at jcifs.smb.SmbFileInputStream.<init>(SmbFileInputStream.java:62)
        at jcifs.smb.SmbFile.getInputStream(SmbFile.java:2765)
        at rpc.ncacn_np.RpcTransport.attach(RpcTransport.java:90)
        at rpc.Stub.attach(Stub.java:105)
        at rpc.Stub.call(Stub.java:109)
        at org.jinterop.winreg.smb.JIWinRegStub.winreg_OpenHKLM(JIWinRegStub.jav
    

    a:100)
    ... 5 more

    I executes j-interop from virtual machines(both windows and Centos are virtual devices) and is from different domain.
    

    So is there any problem by running from virtual machine?
    I turned off the firewall as well for the target machine while running, even it produces the error
    As I got the same error from one windows machine , I conclude it is not related by platform difference.
    I hope it may be any config. issues

    configurations done on target windows system are as follows.
    a. remote registry started
    b. user credentials is having admin privilage with full controll

    I just want to know is anything extra to be configured on target system and anything to be configured for executing system.

    Regards,
    Jayan

     
  • jpraman
    jpraman
    2012-12-07

    Hi Vikram,

    I wrote a java program to execute wmi query through Runtime.getRuntime().exec and I passed an wmi query to access some info from remote device like "cmd /c wmic /node:" + host + " /user:"+ domain+"\"+user + " /password:" + pass + " process where "+"\"Name like '%"+appName+"%'\" get executablepath /format:list". It executed successfully and got the result.
    So I am thinking if any configuration issue or firewall issue or authentication issue this wmi execution should not work as I had given same user credentials, domain and hostname for both j-interop and wmi program(which executes through runtime).

    As you mentioned I have attached wireshark capture got from source machine and destination while executing j-interop(ip addresses are imaginary it is not real but maintained order(in source wireshark capture you can notice in green color in that actual case other ipaddress(not source or destination) came as source and actual source came like destination).

    Regards,

    Jayan

     
    Last edit: jpraman 2012-12-07
  • Dear Jayan,

    Can you please execute WbemTest from a different Windows machine and target this COM Server ? Please make sure to keep Wireshark running over the target machine and post that capture here.

    thanks,
    best regards,
    Vikram

     
    • jpraman
      jpraman
      2012-12-10

      Hi Vikram,

      As you mentioned, I have attached wireshark capture here.

      ip addresses are not actual.
      source -111.11.111.11(target device)
      destination - 22.22.2.222(destination machine, where Wbem Test done)

      Regards,
      Jayan

       
  • jpraman
    jpraman
    2012-12-10

    Hi Vikram,

    Also I am adding the program that we have referenced to test j-interop, Please let me know if any thing mistake in that code as well.

    public class EventLogListener {

    private static final String WMI_DEFAULT_NAMESPACE = "ROOT\\CIMV2";
    
    private static JISession configAndConnectDCom(String domain, String user,
            String pass) throws Exception {
        JISystem.getLogger().setLevel(Level.OFF);
    
        try {
            JISystem.setInBuiltLogHandler(false);
        } catch (IOException ignored) {
            ;
        }
    
        JISystem.setAutoRegisteration(true);
    
        JISession dcomSession = JISession.createSession(domain, user, pass);
        dcomSession.useSessionSecurity(true);
        return dcomSession;
    }
    
    private static IJIDispatch getWmiLocator(String host, JISession dcomSession)
            throws Exception {
        JIComServer wbemLocatorComObj = new JIComServer(
                JIProgId.valueOf("WbemScripting.SWbemLocator"), host,
                dcomSession);
        return (IJIDispatch) JIObjectFactory.narrowObject(wbemLocatorComObj
                .createInstance().queryInterface(IJIDispatch.IID));
    }
    
    private static IJIDispatch toIDispatch(JIVariant comObjectAsVariant)
            throws JIException {
        return (IJIDispatch) JIObjectFactory.narrowObject(comObjectAsVariant
                .getObjectAsComObject());
    }
    
    public static void main(String[] args) {
        String domain = null;
        String host = null;
        String user = null;
        String pass = null;
        Properties properties = new Properties();
    
        try {
            URL propertiesURL = PerformanceMonitor.class
                    .getResource("/credentials.properties");
            if (propertiesURL != null) {
                properties.load(propertiesURL.openStream());
    
                domain = properties.getProperty("domain").trim();
                host = properties.getProperty("ipaddress").trim();
                user = properties.getProperty("username").trim();
                pass = properties.getProperty("password").trim();
    
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
    
        JISession dcomSession = null;
    
        try {
            // Connect to DCOM on the remote system, and create an instance of
            // the WbemScripting.SWbemLocator object to talk to WMI.
            dcomSession = configAndConnectDCom(domain, user, pass);
            IJIDispatch wbemLocator = getWmiLocator(host, dcomSession);
    
            // Invoke the "ConnectServer" method on the SWbemLocator object via
            // it's IDispatch COM pointer. We will connect to
            // the default ROOT\CIMV2 namespace. This will result in us having a
            // reference to a "SWbemServices" object.
            JIVariant results[] = wbemLocator.callMethodA(
                    "ConnectServer",
                    new Object[] { new JIString(host),
                            new JIString(WMI_DEFAULT_NAMESPACE),
                            JIVariant.OPTIONAL_PARAM(),
                            JIVariant.OPTIONAL_PARAM(),
                            JIVariant.OPTIONAL_PARAM(),
                            JIVariant.OPTIONAL_PARAM(), new Integer(0),
                            JIVariant.OPTIONAL_PARAM() });
    
            IJIDispatch wbemServices = toIDispatch(results[0]);
    
            // Now that we have a SWbemServices DCOM object reference, we
            // prepare a WMI Query Language (WQL) request to be informed
            // whenever a
            // new instance of the "Win32_NTLogEvent" WMI class is created on
            // the remote host. This is submitted to the remote host via the
            // "ExecNotificationQuery" method on SWbemServices. This gives us
            // all events as they come in. Refer to WQL documentation to
            // learn how to restrict the query if you want a narrower focus.
            final String QUERY_FOR_ALL_LOG_EVENTS = "SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA 'Win32_NTLogEvent'";
            final int RETURN_IMMEDIATE = 16;
            final int FORWARD_ONLY = 32;
    
            JIVariant[] eventSourceSet = wbemServices.callMethodA(
                    "ExecNotificationQuery", new Object[] {
                            new JIString(QUERY_FOR_ALL_LOG_EVENTS),
                            new JIString("WQL"),
                            new JIVariant(new Integer(RETURN_IMMEDIATE
                                    + FORWARD_ONLY)) });
            IJIDispatch wbemEventSource = (IJIDispatch) JIObjectFactory
                    .narrowObject((eventSourceSet[0]).getObjectAsComObject());
    
            // The result of the query is a SWbemEventSource object. This object
            // exposes a method that we can call in a loop to retrieve the
            // next Windows Event Log entry whenever it is created. This
            // "NextEvent" operation will block until we are given an event.
            // Note that you can specify timeouts, see the Microsoft
            // documentation for more details.
            while (true) {
                // this blocks until an event log entry appears.
                JIVariant eventAsVariant = (JIVariant) (wbemEventSource
                        .callMethodA("NextEvent",
                                new Object[] { JIVariant.OPTIONAL_PARAM() }))[0];
                IJIDispatch wbemEvent = toIDispatch(eventAsVariant);
    
                // WMI gives us events as SWbemObject instances (a base class of
                // any WMI object). We know in our case we asked for a specific
                // object
                // type, so we will go ahead and invoke methods supported by
                // that Win32_NTLogEvent class via the wbemEvent IDispatch
                // pointer.
                // In this case, we simply call the "GetObjectText_" method that
                // returns us the entire object as a CIM formatted string. We
                // could,
                // however, ask the object for its property values via
                // wbemEvent.get("PropertyName"). See the j-interop
                // documentation and examples
                // for how to query COM properties.
                JIVariant objTextAsVariant = (JIVariant) (wbemEvent
                        .callMethodA("GetObjectText_",
                                new Object[] { new Integer(1) }))[0];
                String asText = objTextAsVariant.getObjectAsString()
                        .getString();
                System.out.println(asText);
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (null != dcomSession) {
                try {
                    JISession.destroySession(dcomSession);
                } catch (Exception ex) {
                    ex.printStackTrace();
                }
            }
        }
    }
    

    }

    Regards,
    Jayan

     
    Last edit: jpraman 2012-12-10
  • Hi,

    I can't find any capture. Please send it to professional support address (v i k r a m.r o o p c h a n d @ j - i n t e r o p. o r g) but please keep using this forum for all follow ups.

    thanks,
    best regards,
    Vikram

     
  • jpraman
    jpraman
    2012-12-11

    Hi Vikram,

    I had sent to your professional support address. Ok I will keep for all follow upds.

    Regards,
    Jayan