Jump to content
Dirk-HH-83

Exchange 2010 SP3 Update Probleme / bzw. ggf. auch AD Probleme

Recommended Posts

Hallo, 

 

ein Exchange 2010 soll upgedated werden und es kommt u.g. Rechte Fehlermeldung wenn wir es mit Domänenadmin oder einem Zwei-Admin starten.

Vorhanden:EXCHANGE Version 14.3 (Build 123.4)  2010SP3   12. Feb 2013  auch Windows Server 2008 Sp2

  Das Update scheint ja ohne Zwischenschritte möglich laut: : https://www.msxfaq.de/exchange/update/servicepack2010.htm

https://practical365.com/exchange-server/faq-order-install-service-packs-update-rollups-cumulative-updates/

If you're already running Exchange 2010 SP3, you can just apply the latest update rollup. You can update directly to the latest update rollup. For example, if you're running SP3 with UR10, you can apply update rollup 14 without installing UR11, UR12, and UR13 first.

 

Ziel: aktuelles CU installieren - damit er "up2date ist"

Das eigentliche Ziel ist Zertifikat verlängern. (selbst erstellt, kein Zertifikat von PSW vorhanden)

 

Es gibt sporadisch Kuriositäten / Meckermeldung das Domaincontroller  nicht gefunden wird. 

Die Exchange Konsole hat sich über Kerberus beschwert. (nach einiger Zeit + Neustart ging es)

 

Eins der aktuelle CU´s heißt: 2010SP3RU27 14.3.452.0 Rollup 27 For Exchange 2010 SP3 (KB4491413)

 

Beim CU Setup starten kommt diese Fehlermeldung: 

 

Product: Microsoft Exchange Server -- The user who's currently logged on doesn't have sufficient permissions to install this package. You need at least Exchange Server Administrator permissions on the current computer to complete this task.

 

The user who's currently logged on doesn't have sufficient permissions to install this package. You need at least Exchange Server Administrator permissions on the current computer to complete this task.
=== Logging stopped: 28.08.2019  17:19:36 ===
 

 

besten dank für eine Idee vorab!
 

EDIT: 

Hallo, 

 

es sieht ja eher nach WMI Ärger  aus:    Wenn ich MSinfo32 öffne kann nix angezeigt werden "Informationen können nicht zusammengestellt werden")

(es ist eine VM unter esxi 5.5)

 

Exchange Powershell mit rechtsklick Administrator öffnen zeigt diesen Status:

 

[PS] C:\Windows\system32>Test-ServiceHealth
Aufgrund folgenden Fehlers konnten keine Informationen zu den Exchange-Diensten abgerufen werden, die Windows Managemen
t Instrumentation (WMI) verwenden: WMI-Ausnahme auf Server 'Exchange.domain.local': Der angegebene Dienst kann nicht
gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. (Ausnahme von HRESULT: 0x80070422).
    + CategoryInfo          : ReadError: (:) [Test-ServiceHealth], ServiceHealthWmiFailureException
    + FullyQualifiedErrorId : C88E5657,Microsoft.Exchange.Monitoring.TestServiceHealth

 

Das Thema scheint nicht unbekannt zu sein:

(diese beiden Boxen lassen sich gerade nicht löschen)


 

Edited by Dirk-HH-83

Share this post


Link to post
Share on other sites
vor 4 Stunden schrieb Dirk-HH-83:

Product: Microsoft Exchange Server -- The user who's currently logged on doesn't have sufficient permissions to install this package. You need at least Exchange Server Administrator permissions on the current computer to complete this task.

In welchen Gruppen ist der Nutzer denn Mitglied? Die Fehlermeldung sagt ja eigentlich ausreichend viel aus. Sicher, dass du mit einem Dom-Account angemeldet bist und nicht mit dem lokalen Admin der blöderweise das selbe Kennwort hat?

Share this post


Link to post
Share on other sites

Moin, 

 

ja, ziemlich sicher das der Domänen-Admin verwendet wurde.

Ob das heruntergeladene Servicepack jedoch vorher mit Rechtsklick - Eigenschaften und unten auf ZULASSEN  betätigt wurde muss ich fragen.

 

+++

 

sfc = OK

 

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Users\Administrator.contoso>sfc /scannow

Systemsuche wird gestartet. Dieser Vorgang kann einige Zeit dauern.

Überprüfungsphase der Systemsuche wird gestartet.
Überprüfung 100 % abgeschlossen.

Der Windows-Ressourcenschutz hat keine Integritätsverletzungen gefunden.

+++

 

WMI-Repository is konsistent.

Microsoft Windows [Version 6.1.7601]

Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten

C:\Windows\system32>winmgmt /salvagerepository
Das WMI-Repository ist konsistent.

 

+++

 

wmi diag ist leider kryptisch:

 

1684 20:13:49 (0) ** WMIDiag v2.2 started on Mittwoch, 28. August 2019 at 20:13.
.1685 20:13:49 (0) ** 
.1686 20:13:49 (0) ** Copyright (c) Microsoft Corporation. All rights reserved - July 2007.
.1687 20:13:49 (0) ** 
.1688 20:13:49 (0) ** This script is not supported under any Microsoft standard support program or service.
.1689 20:13:49 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
.1690 20:13:49 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
.1691 20:13:49 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
.1692 20:13:49 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
.1693 20:13:49 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
.1694 20:13:49 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
.1695 20:13:49 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
.1696 20:13:49 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
.1697 20:13:49 (0) ** of the possibility of such damages.
.1698 20:13:49 (0) ** 
.1699 20:13:49 (0) ** 
.1700 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1701 20:13:49 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
.1702 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1703 20:13:49 (0) ** 
.1704 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1705 20:13:49 (0) ** Windows Server 2008 R2 - Service pack 1 - 64-bit (7601) - User 'contoso\ADMINISTRATOR' on computer 'EXCHANGE'.
.1706 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1707 20:13:49 (0) ** Environment: ........................................................................................................ OK.
.1708 20:13:49 (0) ** There are no missing WMI system files: .............................................................................. OK.
.1709 20:13:49 (0) ** There are no missing WMI repository files: .......................................................................... OK.
.1710 20:13:49 (0) ** WMI repository state: ............................................................................................... N/A.
.1711 20:13:49 (0) ** AFTER running WMIDiag:
.1712 20:13:49 (0) ** The WMI repository has a size of: ................................................................................... 25 MB.
.1713 20:13:49 (0) ** - Disk free space on 'C:': .......................................................................................... 20248 MB.
.1714 20:13:49 (0) ** - INDEX.BTR, 5136384 bytes,   05.12.2014 15:17:54
.1715 20:13:49 (0) **   - MAPPING1.MAP,                  68072 bytes,        05.12.2014 15:07:02
.1716 20:13:49 (0) **   - MAPPING2.MAP,                  68072 bytes,        05.12.2014 15:17:54
.1717 20:13:49 (0) ** - OBJECTS.DATA, 20742144 bytes,  05.12.2014 15:17:54
.1718 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1719 20:13:49 (0) ** INFO: Windows Firewall status: ...................................................................................... ENABLED.
.1720 20:13:49 (0) ** Windows Firewall Profile: ........................................................................................... DOMAIN.
.1721 20:13:49 (0) ** Inbound connections that do not match a rule BLOCKED: ............................................................... ENABLED.
.1722 20:13:49 (0) ** => This will prevent any WMI remote connectivity to this computer except
.1723 20:13:49 (0) **    if the following three inbound rules are ENABLED and non-BLOCKING:
.1724 20:13:49 (0) **    - 'Windows Management Instrumentation (DCOM-In)'
.1725 20:13:49 (0) **    - 'Windows Management Instrumentation (WMI-In)'
.1726 20:13:49 (0) **    - 'Windows Management Instrumentation (ASync-In)'
.1727 20:13:49 (0) **    Verify the reported status for each of these three inbound rules below.
.1728 20:13:49 (0) ** 
.1729 20:13:49 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI)' group rule: ............................................. DISABLED.
.1730 20:13:49 (0) ** => This will prevent any WMI remote connectivity to/from this machine.
.1731 20:13:49 (0) **    - You can adjust the configuration by executing the following command:
.1732 20:13:49 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE GROUP="Windows Management Instrumentation (WMI)" NEW ENABLE=YES'
.1733 20:13:49 (0) ** Note: With this command all inbound and outbound WMI rules are activated at once!
.1734 20:13:49 (0) **       You can also enable each individual rule instead of activating the group rule.
.1735 20:13:49 (0) ** 
.1736 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1737 20:13:49 (2) !! WARNING: DCOM Status: ............................................................................................... WARNING!
.1738 20:13:49 (2) !! WARNING: => The DCOM Default Impersonation is NOT set to 'Identify'.
.1739 20:13:49 (0) **    This could prevent WMI to work correctly.
.1740 20:13:49 (0) **    You can fix the DCOM configuration by:
.1741 20:13:49 (0) **    - Executing the 'DCOMCNFG.EXE' command.
.1742 20:13:49 (0) **    - Expanding 'Component Services' and 'Computers' nodes.
.1743 20:13:49 (0) **    - Editing properties of 'My Computer' node.
.1744 20:13:49 (0) **    - Editing the 'Default properties' tab.
.1745 20:13:49 (0) **    - Set the 'Default Impersonation level' listbox to 'Identify'.
.1746 20:13:49 (0) **    From the command line, the DCOM configuration can be corrected with the following command:
.1747 20:13:49 (0) **    i.e. 'REG.EXE Add HKLM\SOFTWARE\Microsoft\Ole /v LegacyImpersonationLevel /t REG_DWORD /d 2 /f'
.1748 20:13:49 (0) ** 
.1749 20:13:49 (1) !! ERROR: WMI registry setup: .......................................................................................... DISABLED!
.1750 20:13:49 (0) ** => The WMI service automatic startup is DISABLED!
.1751 20:13:49 (0) **    - It is a best practice for manageability purposes to start
.1752 20:13:49 (0) **      the WMI service at computer startup (automactic startup).
.1753 20:13:49 (0) ** => The service startup state can be changed with the SERVICES MMC snap-in.
.1754 20:13:49 (0) **    or with the the command:
.1755 20:13:49 (0) **    i.e. 'SC.EXE CONFIG WINMGMT START= AUTO'
.1756 20:13:49 (0) **    Note: The SC.EXE command is available in the Windows Resource Kit.
.1757 20:13:49 (0) ** => You can also check the registry key setup further in this report.
.1758 20:13:49 (0) ** 
.1759 20:13:49 (0) ** INFO: WMI service has dependents: ................................................................................... 1 SERVICE(S)!
.1760 20:13:49 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Disabled')
.1761 20:13:49 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well.
.1762 20:13:49 (0) **    Note: If the service is marked with (*), it means that the service/application uses WMI but
.1763 20:13:49 (0) **          there is no hard dependency on WMI. However, if the WMI service is stopped,
.1764 20:13:49 (0) **          this can prevent the service/application to work as expected.
.1765 20:13:49 (0) ** 
.1766 20:13:49 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
.1767 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1768 20:13:49 (0) ** WMI service DCOM setup: ............................................................................................. OK.
.1769 20:13:49 (0) ** WMI components DCOM registrations: .................................................................................. OK.
.1770 20:13:49 (0) ** WMI ProgID registrations: ........................................................................................... OK.
.1771 20:13:49 (0) ** WMI provider DCOM registrations: .................................................................................... OK.
.1772 20:13:49 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
.1773 20:13:49 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
.1774 20:13:49 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK.
.1775 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.1776 20:13:49 (0) ** INFO: User Account Control (UAC): ................................................................................... ENABLED.
.1777 20:13:49 (0) ** => WMI tasks requiring Administrative privileges on this computer MUST run in an elevated context.
.1778 20:13:49 (0) **    i.e. You can start your scripts or WMIC commands from an elevated command
.1779 20:13:49 (0) **         prompt by right clicking on the 'Command Prompt' icon in the Start Menu and
.1780 20:13:49 (0) **         selecting 'Run as Administrator'.
.1781 20:13:49 (0) **    i.e. You can also execute the WMI scripts or WMIC commands as a task
.1782 20:13:49 (0) **         in the Task Scheduler within the right security context.
.1783 20:13:49 (0) ** 
.1784 20:13:49 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED.
.1785 20:13:49 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative
.1786 20:13:49 (0) **    privileges MUST use a DOMAIN account part of the Local Administrators group of this computer
.1787 20:13:49 (0) **    to ensure that administrative privileges are granted. If a Local User account is used for remote
.1788 20:13:49 (0) **    accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group.
.1789 20:13:49 (0) ** 
.1790 20:13:49 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
.1791 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\ANONYMOUS LOGON' has been REMOVED!
.1792 20:13:49 (0) **        - REMOVED ACE:
.1793 20:13:49 (0) **          ACEType:  &h0
.1794 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1795 20:13:49 (0) **          ACEFlags: &h0
.1796 20:13:49 (0) **          ACEMask:  &h7
.1797 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1798 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_LOCAL
.1799 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_REMOTE
.1800 20:13:49 (0) ** 
.1801 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1802 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1803 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1804 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1805 20:13:49 (0) ** 
.1806 20:13:49 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
.1807 20:13:49 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED!
.1808 20:13:49 (0) **        - REMOVED ACE:
.1809 20:13:49 (0) **          ACEType:  &h0
.1810 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1811 20:13:49 (0) **          ACEFlags: &h0
.1812 20:13:49 (0) **          ACEMask:  &h7
.1813 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1814 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_LOCAL
.1815 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_REMOTE
.1816 20:13:49 (0) ** 
.1817 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1818 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1819 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1820 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1821 20:13:49 (0) ** 
.1822 20:13:49 (0) ** DCOM security for 'My Computer' (Access Permissions/Edit Limits): ................................................... MODIFIED.
.1823 20:13:49 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
.1824 20:13:49 (0) **        - REMOVED ACE:
.1825 20:13:49 (0) **          ACEType:  &h0
.1826 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1827 20:13:49 (0) **          ACEFlags: &h0
.1828 20:13:49 (0) **          ACEMask:  &h7
.1829 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1830 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_LOCAL
.1831 20:13:49 (0) **                    DCOM_RIGHT_ACCESS_REMOTE
.1832 20:13:49 (0) ** 
.1833 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1834 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1835 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1836 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1837 20:13:49 (0) ** 
.1838 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
.1839 20:13:49 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
.1840 20:13:49 (0) **        - REMOVED ACE:
.1841 20:13:49 (0) **          ACEType:  &h0
.1842 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1843 20:13:49 (0) **          ACEFlags: &h0
.1844 20:13:49 (0) **          ACEMask:  &h1F
.1845 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1846 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1847 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1848 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1849 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1850 20:13:49 (0) ** 
.1851 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1852 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1853 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1854 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1855 20:13:49 (0) ** 
.1856 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
.1857 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
.1858 20:13:49 (0) **        - REMOVED ACE:
.1859 20:13:49 (0) **          ACEType:  &h0
.1860 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1861 20:13:49 (0) **          ACEFlags: &h0
.1862 20:13:49 (0) **          ACEMask:  &h1F
.1863 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1864 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1865 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1866 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1867 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1868 20:13:49 (0) ** 
.1869 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1870 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1871 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1872 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1873 20:13:49 (0) ** 
.1874 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
.1875 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
.1876 20:13:49 (0) **        - REMOVED ACE:
.1877 20:13:49 (0) **          ACEType:  &h0
.1878 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1879 20:13:49 (0) **          ACEFlags: &h0
.1880 20:13:49 (0) **          ACEMask:  &h1F
.1881 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1882 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1883 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1884 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1885 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1886 20:13:49 (0) ** 
.1887 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1888 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1889 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1890 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1891 20:13:49 (0) ** 
.1892 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
.1893 20:13:49 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
.1894 20:13:49 (0) **        - REMOVED ACE:
.1895 20:13:49 (0) **          ACEType:  &h0
.1896 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1897 20:13:49 (0) **          ACEFlags: &h0
.1898 20:13:49 (0) **          ACEMask:  &h1F
.1899 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1900 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1901 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1902 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1903 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1904 20:13:49 (0) ** 
.1905 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1906 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1907 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1908 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1909 20:13:49 (0) ** 
.1910 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
.1911 20:13:49 (1) !! ERROR: Default trustee 'BUILTIN\PERFORMANCE LOG USERS' has been REMOVED!
.1912 20:13:49 (0) **        - REMOVED ACE:
.1913 20:13:49 (0) **          ACEType:  &h0
.1914 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1915 20:13:49 (0) **          ACEFlags: &h0
.1916 20:13:49 (0) **          ACEMask:  &h1F
.1917 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1918 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1919 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1920 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1921 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1922 20:13:49 (0) ** 
.1923 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1924 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1925 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1926 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1927 20:13:49 (0) ** 
.1928 20:13:49 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Limits): ...................................... MODIFIED.
.1929 20:13:49 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
.1930 20:13:49 (0) **        - REMOVED ACE:
.1931 20:13:49 (0) **          ACEType:  &h0
.1932 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1933 20:13:49 (0) **          ACEFlags: &h0
.1934 20:13:49 (0) **          ACEMask:  &hB
.1935 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1936 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1937 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1938 20:13:49 (0) ** 
.1939 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1940 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1941 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1942 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1943 20:13:49 (0) ** 
.1944 20:13:49 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
.1945 20:13:49 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
.1946 20:13:49 (0) **        - REMOVED ACE:
.1947 20:13:49 (0) **          ACEType:  &h0
.1948 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1949 20:13:49 (0) **          ACEFlags: &h0
.1950 20:13:49 (0) **          ACEMask:  &h1F
.1951 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1952 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1953 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1954 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1955 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1956 20:13:49 (0) ** 
.1957 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1958 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1959 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1960 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1961 20:13:49 (0) ** 
.1962 20:13:49 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
.1963 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
.1964 20:13:49 (0) **        - REMOVED ACE:
.1965 20:13:49 (0) **          ACEType:  &h0
.1966 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1967 20:13:49 (0) **          ACEFlags: &h0
.1968 20:13:49 (0) **          ACEMask:  &h1F
.1969 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1970 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1971 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1972 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1973 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1974 20:13:49 (0) ** 
.1975 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1976 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1977 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1978 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1979 20:13:49 (0) ** 
.1980 20:13:49 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
.1981 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
.1982 20:13:49 (0) **        - REMOVED ACE:
.1983 20:13:49 (0) **          ACEType:  &h0
.1984 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.1985 20:13:49 (0) **          ACEFlags: &h0
.1986 20:13:49 (0) **          ACEMask:  &h1F
.1987 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.1988 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.1989 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.1990 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.1991 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.1992 20:13:49 (0) ** 
.1993 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.1994 20:13:49 (0) **    Removing default security will cause some operations to fail!
.1995 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.1996 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.1997 20:13:49 (0) ** 
.1998 20:13:49 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
.1999 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED!
.2000 20:13:49 (0) **        - REMOVED ACE:
.2001 20:13:49 (0) **          ACEType:  &h0
.2002 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.2003 20:13:49 (0) **          ACEFlags: &h0
.2004 20:13:49 (0) **          ACEMask:  &h1F
.2005 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.2006 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.2007 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.2008 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.2009 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.2010 20:13:49 (0) ** 
.2011 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.2012 20:13:49 (0) **    Removing default security will cause some operations to fail!
.2013 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.2014 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.2015 20:13:49 (0) ** 
.2016 20:13:49 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
.2017 20:13:49 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED!
.2018 20:13:49 (0) **        - REMOVED ACE:
.2019 20:13:49 (0) **          ACEType:  &h0
.2020 20:13:49 (0) **                    ACCESS_ALLOWED_ACE_TYPE
.2021 20:13:49 (0) **          ACEFlags: &h0
.2022 20:13:49 (0) **          ACEMask:  &h1F
.2023 20:13:49 (0) **                    DCOM_RIGHT_EXECUTE
.2024 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_LOCAL
.2025 20:13:49 (0) **                    DCOM_RIGHT_LAUNCH_REMOTE
.2026 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_LOCAL
.2027 20:13:49 (0) **                    DCOM_RIGHT_ACTIVATE_REMOTE
.2028 20:13:49 (0) ** 
.2029 20:13:49 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
.2030 20:13:49 (0) **    Removing default security will cause some operations to fail!
.2031 20:13:49 (0) **    It is possible to fix this issue by editing the security descriptor and adding the ACE.
.2032 20:13:49 (0) **    For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
.2033 20:13:49 (0) ** 
.2034 20:13:49 (0) ** 
.2035 20:13:49 (0) ** DCOM security warning(s) detected: .................................................................................. 0.
.2036 20:13:49 (0) ** DCOM security error(s) detected: .................................................................................... 14.
.2037 20:13:49 (0) ** WMI security warning(s) detected: ................................................................................... 0.
.2038 20:13:49 (0) ** WMI security error(s) detected: ..................................................................................... 0.
.2039 20:13:49 (0) ** 
.2040 20:13:49 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR!
.2041 20:13:49 (0) ** Overall WMI security status: ........................................................................................ OK.
.2042 20:13:49 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
.2043 20:13:49 (0) ** WMI permanent SUBSCRIPTION(S): ...................................................................................... NONE.
.2044 20:13:49 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
.2045 20:13:49 (1) !! ERROR: WMI MONIKER CONNECTION errors occured for the following namespaces: .......................................... 1 ERROR(S)!
.2046 20:13:49 (0) ** - Root, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2047 20:13:49 (0) ** 
.2048 20:13:49 (1) !! ERROR: WMI CONNECTION errors occured for the following namespaces: .................................................. 19 ERROR(S)!
.2049 20:13:49 (0) ** - Root, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2050 20:13:49 (0) ** - Root, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2051 20:13:49 (0) ** - Root/subscription, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2052 20:13:49 (0) ** - Root/DEFAULT, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2053 20:13:49 (0) ** - Root/CIMV2, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2054 20:13:49 (0) ** - Root/CIMV2/Security, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2055 20:13:49 (0) ** - Root/CIMV2/TerminalServices, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2056 20:13:49 (0) ** - Root/nap, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2057 20:13:49 (0) ** - Root/SECURITY, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2058 20:13:49 (0) ** - Root/RSOP, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2059 20:13:49 (0) ** - Root/RSOP/User, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2060 20:13:49 (0) ** - Root/RSOP/Computer, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2061 20:13:49 (0) ** - Root/WMI, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2062 20:13:49 (0) ** - Root/directory, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2063 20:13:49 (0) ** - Root/directory/LDAP, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2064 20:13:49 (0) ** - Root/Policy, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2065 20:13:49 (0) ** - Root/Microsoft, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2066 20:13:49 (0) ** - Root/Microsoft/HomeNet, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2067 20:13:49 (0) ** - Root/aspnet, 0x80070422 - Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden..
.2068 20:13:49 (0) ** 
.2069 20:13:49 (0) ** WMI GET operations: ................................................................................................. OK.
.2070 20:13:49 (0) ** WMI MOF representations: ............................................................................................ OK.
.2071 20:13:49 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
.2072 20:13:49 (0) ** WMI ENUMERATION operations: ......................................................................................... OK.
.2073 20:13:49 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
.2074 20:13:49 (0) ** WMI GET VALUE operations: ........................................................................................... OK.
.2075 20:13:49 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
.2076 20:13:49 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
.2077 20:13:49 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
.2078 20:13:49 (0) ** WMI static instances retrieved: ..................................................................................... 0.
.2079 20:13:49 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
.2080 20:13:49 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 0.
.2081 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2082 20:13:49 (0) ** 
.2083 20:13:49 (0) ** 20 error(s) 0x80070422 - (WBEM_UNKNOWN) This error code is external to WMI.
.2084 20:13:49 (0) ** => Errors starting with 0x8007 are Win32 errors, NOT WMI errors. More information can be found
.2085 20:13:49 (0) **    with the 'NET.EXE HELPMSG <dddd>' command, where <dddd> is the last four hex digits (0x0422) 
.2086 20:13:49 (0) **    converted in decimal (1058).
.2087 20:13:49 (0) **    - NET HELPMSG 1058
.2088 20:13:49 (0) ** 
.2089 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2090 20:13:49 (0) ** Unexpected, wrong or missing registry key values: ................................................................... 1 KEY(S)!
.2091 20:13:49 (1) !! ERROR: Unexpected registry key value:
.2092 20:13:49 (0) **   - Current:  HKLM\SYSTEM\CurrentControlSet\Services\winmgmt\Start (REG_DWORD) -> &h4
.2093 20:13:49 (0) **   - Expected: HKLM\SYSTEM\CurrentControlSet\Services\winmgmt\Start (REG_DWORD) -> &h2
.2094 20:13:49 (0) **     From the command line, the registry configuration can be corrected with the following command:
.2095 20:13:49 (0) **     i.e. 'REG.EXE Add "HKLM\SYSTEM\CurrentControlSet\Services\winmgmt" /v "Start" /t "REG_DWORD" /d "2" /f'
.2096 20:13:49 (0) ** 
.2097 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2098 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2099 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2100 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2101 20:13:49 (0) ** 
.2102 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2103 20:13:49 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
.2104 20:13:49 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
.2105 20:13:49 (0) ** 
.2106 20:13:49 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!.  Check 'C:\USERS\ADMINISTRATOR.contoso\APPDATA\LOCAL\TEMP\WMIDIAG-V2.2_2K8R2.SRV.SP1.64_EXCHANGE_2019.08.28_20.13.36.LOG' for details.
.2107 20:13:49 (0) ** 
.2108 20:13:49 (0) ** WMIDiag v2.2 ended on Mittwoch, 28. August 2019 at 20:13 (W:44 E:47 S:1).

 

Share this post


Link to post
Share on other sites

Hi,

 

was ist denn hier das Ziel? Soll der Exchange 2010 abgelöst und in Richtung 2016 geupdated werden, wofür ein aktuelleres RU gebraucht wird?

Dann wäre es evtl. einfacher und schneller den Exchange 2010 so zu belassen (ggfs. hat er einen Stand der Koexistenz mit 2016 unterstützt) und über den Zwischenschritt Exchange 2013 zu gehen.

 

Falls das nicht der Plan ist, sollte man sich den Plan evtl. überlegen. Der 14.01.2020 rückt näher. ;)

 

Gruß

Jan

Share this post


Link to post
Share on other sites

Hallo, 

 

das Ziel ist eher WMI Heilung  bei msinfo32 herstellen.  (da wird nix angezeigt) (meiner Vermutung nach Kern des Übels -

 

Symptome:  Probleme bei Netzwerkverbindung zum Domänencontroller bzw. aufrufen der Exchange Powershell und Console gestaltete sich komisch aber ging sporadisch. (Ich weiß, das ist keine gute Fehlerbeschreibung)

 

Mir ist klar, das das nach Neustarts sich das WMI durchaus auch sich selbst (temporär) heilen kann. 

 

SET Mail Security ist ansonsten installiert. 

Weitere 3rd Party Software eigentlich nicht vorhanden.

 

In diesem Thread von 2008 wird ein Reparatur-Procedere gelobt.

https://social.technet.microsoft.com/Forums/windows/en-US/8ed26d46-9994-4052-a307-5b071805aea8/wmi-corrupt-how-to-reinstallrepair?forum=winservergen

 

 

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


Werbepartner:



×
×
  • Create New...