Support of Windows Vista / Windows 7
Brought to you by:
vikramrc
Menu
▾
▴
Hi,
first of all I will say that I don’t know if this will ever works but that’s why I will discuss this ;-).
The problem is on Windows Vista / Windows 7 and Windows 2008 you have to change the owner of registry entries from TrustedInstaller to Administrator(s) to make changes on this (see post from csturtz) and this could not be changed be an msi package, so you have to do this manually (or have someone a solution for this?).
The question is why does j-interop needs this changes and a vbs-script not?
In wireshark I could see that j-Interop does a first authentication and then it does a RemoteActivation, the vbs script does an nearly the same authentication but then it does a ISystemActivator RemoteCreateInstance.
So I try to change this in the JIComServer class by replacing in the init method:
with
I write a class for JISystemActivator (based on JIRemActivation), this class does not work correctly at the moment! Most of the request is hard coded:
The hard coded request works, but I could not decode the response.
Did you think this could work when we find out the correct encoding/decoding of the iSystemActivator interface (I found some documentation but I am not so familiar with c and the network protocols). If someone has an idea to this please let me know.
Kind regards
Björn
Hi,
j-Interop only uses the registry when you provide the ProgID (for getting the corresponding CLSID) or if the server returns "Class not registered" exception (and j-Interop is running with AutoRegistration set to "true") in which case it tries to register the COM server.
SystemActivator is supported by newer versions of DCOM. For all purposes the older version with RemActivation will suffice but if you want you can implement it fully and then submit a patch.
thanks,
best regards,
Vikram
Hi,
I get now a response from iSystemActivator and could decode most of the response. But now I get a ‘0x1C01000B Fault: nca_proto_error’ after the IRemUnknown2 RemQueryInterface (IWbemLoginClientId) request. Does anyone know how to debug this error or any other idea what I could do?
Thanks
Björn
PS: For more information see also http://dev.c-ware.de/confluence/display/PUBLIC/J-Interop+support+for+Windows+7+and+Windows+2008+Server+%28by+using+ISystemActivator%29+%28WIP%29
Hi,
This means that your handskake is not correct and APIs might have been called out of order. Can you read up the specs and check ?
thanks,
best regards,
Vikram
Hi Vikram,
yes, the api seems the to be called out of order. When I compare the wireshark capture of the vbs script and the one from j-interop the order is different and the call ids are also different.
Order of vbs script:
The j-interop wireshark capture is:
How could I influence the order and the callIds? (If this is a problem)
Have you some good specification document / or some keywords for me, I find mostly wireshark package description/ hacks etc. and the .pdf. In the pdf are the descriptions of the calls RemoteCreateInstance and RemQueryInterface, but not the correct call order (maybe I missed something).
Thanks
Kind regards
Björn
Hi,
ok it seems that the problem is that I comment out the properties session security (but not all). This has violates the protocol.
Now I get a new exception:
org.jinterop.dcom.common.JIException: The object invoked has disconnected from its clients. [0x80010108] at org.jinterop.dcom.core.JIRemUnknownServer.call(JIRemUnknownServer.java:156) at org.jinterop.dcom.core.JIRemUnknownServer.addRef_ReleaseRef(JIRemUnknownServer.java:181) at org.jinterop.dcom.core.JIComObjectImpl2.addRef(JIComObjectImpl2.java:116) at org.jinterop.dcom.core.JIComServer.createInstance(JIComServer.java:956) at org.jinterop.dcom.test.MSWMI2.<init>(MSWMI2.java:42) at org.jinterop.dcom.test.MSWMI2.main(MSWMI2.java:102) Caused by: rpc.FaultException: Received fault. (unknown) at rpc.ConnectionOrientedEndpoint.call(ConnectionOrientedEndpoint.java:141) at rpc.Stub.call(Stub.java:113) at org.jinterop.dcom.core.JIRemUnknownServer.call(JIRemUnknownServer.java:152) ... 5 moreI will do some more testing, but if someone have an idea how I can fix this or any other hint, please post it.
Thanks
Björn
Hi,
this error was caused by connecting to the wrong Object UUID, because it will be overwritten in the JIRemUnknownServer class method addRef_ReleaseRef with remunknownIPID.
Now I get an “Access is denied” it seems that the RemQueryInterface request needs authentication in this request.
Is it possible to add the needed authentication information to the request with the j-interop framework? (Auth type: NTLMSSP, Auth level: Packet (4))
Thanks
Björn
Hello Björn.
Did you make any progress in authenticating with the ISystemActivator?
We need to query win7 hosts without making any changes to the target host (like creating regKeys) and your approach looks promising.
Kind regards,
jens
Hi,
These (creating keys) and Authentication are two separate things. You might still need to create entries if the COM object is not registered on Target host.
thanks,
best regards,
Vikram
I am trying to solve the same problem, but I would like to suggest a different approach:
1. I noted that tools like WMIC (http://manpages.ubuntu.com/manpages/intrepid/man1/wmic.1.html), based on samba4 works against Vista/7/2008 machines.
2. I checked to code and also sniffed, it uses IWbemLevel1Login::NTLMLogin (http://msdn.microsoft.com/en-us/library/cc250759) which gives a ptr to IWbemServices.
This is what wmic does:
dcom_proxy_IUnknown_init(); dcom_proxy_IWbemLevel1Login_init(); dcom_proxy_IWbemServices_init(); dcom_proxy_IEnumWbemClassObject_init(); dcom_proxy_IRemUnknown_init(); dcom_proxy_IWbemFetchSmartEnum_init(); dcom_proxy_IWbemWCOSmartEnum_init(); struct com_context *ctx = NULL; com_init_ctx(&ctx, NULL, lp_ctx); dcom_client_init(ctx, cmdline_credentials); if (!args.ns) args.ns = "root\\cimv2"; result = WBEM_ConnectServer(ctx, args.hostname, args.ns, 0, 0, 0, 0, 0, 0, &pWS); WERR_CHECK("Login to remote object."); struct IEnumWbemClassObject *pEnum = NULL; result = IWbemServices_ExecQuery(pWS, ctx, "WQL", args.query, WBEM_FLAG_RETURN_IMMEDIATELY | WBEM_FLAG_ENSURE_LOCATABLE, NULL, &pEnum); WERR_CHECK("WMI query execute.");And this is what I am trying to do:
public static final String IID_IWbemLevel1Login = "F309AD18-D86A-11d0-A075-00C04FB68820"; public static final String CLSID_IWbemLevel1Login = "8BC3F05E-D86B-11d0-A075-00C04FB68820"; ... session = JISession.createSession(domain, user, password); session.useSessionSecurity(true); int timeout = 50000; session.setGlobalSocketTimeout(timeout); JIComServer winmgmtClass = new JIComServer(JIClsid.valueOf(CLSID_IWbemLevel1Login), hostName, session); IJIComObject winmgmt = winmgmtClass.createInstance(); IJIComObject wbemLevel1Login = winmgmt.queryInterface(IID_IWbemLevel1Login); JICallBuilder ntlmLoginCall = new JICallBuilder(!wbemLevel1Login.isDispatchSupported()); ntlmLoginCall.setOpnum(3); ntlmLoginCall.addInParamAsString("root\\CIMV2", JIFlags.FLAG_REPRESENTATION_STRING_LPWSTR); ntlmLoginCall.addInParamAsString("", JIFlags.FLAG_REPRESENTATION_STRING_LPWSTR); ntlmLoginCall.addInParamAsInt(0, JIFlags.FLAG_REPRESENTATION_VT_INT); Object services = new Object(); ntlmLoginCall.addOutParamAsObject(services,JIFlags.FLAG_REPRESENTATION_IDISPATCH_INVOKE); wbemLevel1Login.call(ntlmLoginCall);(i was playing with the in/out parameters quite a lots, but i guess I am not figuring this right, I also have sniffs of both methods - wmic and jinterop, but it seems jinterop generates encrypted buffer so I can't compare what i am doing wrong).
Any ideas?
oh - I forget an important issue: the wmic implementation for WBEM_ConnectServer
is
GUID_from_string(CLSID_WBEMLEVEL1LOGIN, &clsid); GUID_from_string(COM_IWBEMLEVEL1LOGIN_UUID, &iid); result = dcom_create_object(ctx, &clsid, server, 1, &iid, &mqi, &coresult); WERR_CHECK("dcom_create_object."); result = coresult; WERR_CHECK("Create remote WMI object."); pL = (struct IWbemLevel1Login *)mqi[0]; talloc_free(mqi); result = IWbemLevel1Login_NTLMLogin(pL, ctx, nspace, locale, flags, wbem_ctx, services); WERR_CHECK("Login to remote object.");And the error I am getting on the j-interop side is:
Recieved FAULT
org.jinterop.dcom.common.JIException: The stub received bad data. Please check whether the API has been called in the right way, with correct parameter formation.
Hi,
first you should turn of the encryption by setting:
After this you could compare the packages. But I am not sure if this will have success, because it seems that you using the normal j-interop activation, which requires the registry keys. Maybe they are already set for the IWbemLevel1Login.
If I have time I will have a closer look, but this could take a while … sorry.
Kind regards
Björn
Hi,
Thanks for the reply. seems that
For the problem of accessing 'out-of-the-box' Visa/7/2008 it seems that IWbemLevel1Login is already registered. So access WMI is possible. I got the sense many users needs this.
Strangely, when I try to set encryption to false, the
fails the following stack:
org.jinterop.dcom.common.JIException: Access is denied. [0x80070005] at org.jinterop.dcom.core.JIRemUnknownServer.call(JIRemUnknownServer.java:161) at org.jinterop.dcom.core.JIRemUnknownServer.addRef_ReleaseRef(JIRemUnknownServer.java:181) at org.jinterop.dcom.core.JISession.addRef_ReleaseRef(JISession.java:701) at org.jinterop.dcom.core.JIComObjectImpl.addRef(JIComObjectImpl.java:119) at org.jinterop.dcom.core.JIComServer.createInstance(JIComServer.java:739) at org.jinterop.dcom.test.WMIC.login(WMIC.java:52) at org.jinterop.dcom.test.WMIC.main(WMIC.java:34) Caused by: org.jinterop.dcom.common.JIRuntimeException: Access is denied. [0x80070005] at org.jinterop.dcom.core.JICallBuilder.readResult(JICallBuilder.java:985) at org.jinterop.dcom.core.JICallBuilder.read(JICallBuilder.java:877) at ndr.NdrObject.decode(NdrObject.java:36) at rpc.ConnectionOrientedEndpoint.call(ConnectionOrientedEndpoint.java:137) at rpc.Stub.call(Stub.java:113) at org.jinterop.dcom.core.JIRemUnknownServer.call(JIRemUnknownServer.java:152) ... 6 moreRegards, Danny.
Hi,
Encryption needs to be set , if I am not mistaken it operates at PCKT_PRIVACY level. I hope you are aware that IWbemXXX has a different marshalling scheme (it is another specification altogether). So we would need to add those structures from the top (something like ITypeLib, ITypeInfo classes in j-Interop).
thanks,
best regards,
Vikram
@dtylman
Hi,
did you're approach succeed? do you have working code? should I try to further investigate your lead?
Thanks
Hi,
I continued this some, until reaching the point which WMI queries are more or less working.
I have submitted a patch for this, I think; but can't find it now. This was about 6 month ago, so I don't really remember what is going on over there.
I can send you the patch if you'd like. Send me you e-mail.
Danny.
Published the patch here: https://sourceforge.net/tracker/?func=detail&aid=3562841&group_id=174727&atid=870384
Hi Danny !
I tried the patch and ran your test case. Fantastic job ! It works well with Windows Server 2003. However, with Windows Server 2008 it works only for the query Win32_OperatingSystem.
For example, I tried Win32_PerfFormattedData_PerfOS_Memory and Win32_PerfFormattedData_PerfOS_Processor and it throws an Exception at this line :
System.out.println(object.getName());
java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 0
at org.jinterop.dcom.impls.wmi.CIMBuffer.getByte(CIMBuffer.java:68)
at org.jinterop.dcom.impls.wmi.structures.JICIMString.init(JICIMString.java:65)
at org.jinterop.dcom.impls.wmi.structures.JICIMString.readFrom(JICIMString.java:33)
at org.jinterop.dcom.impls.wmi.structures.JICIMHeap.getString(JICIMHeap.java:53)
at org.jinterop.dcom.impls.wmi.structures.JICIMInstanceType.getName(JICIMInstanceType.java:80)
at org.jinterop.dcom.test.WMICTest.executeQuery(WMICTest.java:48)
at org.jinterop.dcom.test.WMICTest.test(WMICTest.java:41)
at org.jinterop.dcom.test.WMICTest.main(WMICTest.java:28)
Any thoughts ?
Thanks,
Richard
Thanks! I'll test that.
Thanks for the patch, works like a charm for queries.
I've been trying to make methods work.
I tried to get the class object like this:
public JIWbemClassObject getObject(String path) throws JIException { final int OPNUM_GET_OBJECT = 3; JICallBuilder cb = new JICallBuilder(true); cb.setOpnum(OPNUM_GET_OBJECT); cb.addInParamAsString(path, JIFlags.FLAG_REPRESENTATION_STRING_BSTR); cb.addInParamAsInt(0x00000000, JIFlags.FLAG_NULL); //I also tried cb.addInParamAsInt(0x00000010, JIFlags.FLAG_NULL); and getting the IWbemCallResult cb.addInParamAsPointer(new JIPointer(null), JIFlags.FLAG_NULL); cb.addOutParamAsType(IJIComObject.class, JIFlags.FLAG_NULL); // IWbemClassObject cb.addInParamAsPointer(new JIPointer(null), JIFlags.FLAG_NULL); // Object[] res = this.iface.call(cb); return new JIWbemClassObject((IJIComObject) res[0]); }The problem is I'm getting in the result an empty com object as a result, and if I'm using your decode function instead of trying to get a com object the buffer consists of zeros.
Do you have any Idea what I'm doing wrong here?
Hi
I was also trying to create objects for method invocation. If i remember correctly, the problem is that there is a completely different protocol for methods and objects which has different encoding. But It has been long time and i don't remember anymore.. sorry..
I did it long time ago, and I was learning from the IDL and sniffing. My starting point was the WMIC implementation of samba4. Maybe there is some progress on samba4 that can give you a clue to how objects are encoded.
Danny.
Danny is correct. IWBemClassObject's are encoded per the specification. It is a very challenging specification to implement. If you google for you will see it.
Thanks for the fast response!
I will try to implement it, but I can't seem to get any response. the
that should contain the buffer contains 20 zeros. I'm missing something more fundamental here…