DameWare Home  |   Community  |   Sales  |   Resellers  |   Contact Us  
Article - #300070   

 

Icons do not update within DNTU for machines running Windows XP SP2

 
The information in this article applies to:
  • DameWare NT Utilities
    •

Please refer to the following knowledge base article from Microsoft for more information about this issue:

Changes to Functionality in Microsoft Windows XP Service Pack 2
Part 2: Network Protection Technologies
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EGAA

According to Microsoft, a number of changes have been made in the Remote Procedure Call (RPC) service for Windows XP Service Pack 2.  The most significant change is the addition of the RestrictRemoteClients Registry key.  This key modifies the behavior of all RPC interfaces on the system and will, by default, eliminate remote anonymous access to RPC interfaces on the system.

DameWare NT Utilities (DNTU) contacts its remote machines via Microsoft's NetServerGetInfo API call, which connects to the remote machine via an anonymous IPC$ connection.  However, it seems that SP2 will no longer allow those anonymous connections (by default), therefore the icon does not get updated.

DameWare has added an additional feature in DNTU that should be helpful.  Provided a user has a saved set of credentials with sufficient rights to the remote machine, DNTU now allows the user to Logon to the remote machine using those saved credentials when the anonymous connection fails, so that the machine information can be retrieved and the icon can be updated within DNTU's Tree View.  This new feature is available in version 4.6 and later.  Open DNTU, click on the Eyeglasses icon in the toolbar, select the Network Browser Tab, then enable the "Allow Logon on Anonymous failure" feature.

These RPC restrictions in SP2 may be controlled via Group Policies as well.

The RestrictRemoteClients Registry key can have one of three DWORD values that can also be controlled programmatically in rpcdce.h. Note:** If this Registry key is not present, it is equivalent to setting the DWORD=1 value (RPC_RESTRICT_REMOTE_CLIENT_DEFAULT).


[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\RPC]
Key name: "RestrictRemoteClients"
Type: DWORD
Configurable through User Interface: Yes. This key can be configured using the Group Policy Object Editor.

Default value: 1
Meaning: This value is the default value in Windows XP Service Pack 2.  It restricts access to all RPC interfaces and all remote anonymous calls are rejected by the RPC runtime.  This corresponds to the value RPC_RESTRICT_REMOTE_CLIENT_DEFAULT in rpcdce.h.  If an interface registers a security callback and provides the RPC_IF_ALLOW_CALLBACKS_WITH_NO_AUTH flag, this restriction does not apply to that interface.

Value: 0
Meaning: Causes the system to bypass the RPC interface restriction.  This corresponds to the value RPC_RESTRICT_REMOTE_CLIENT_NONE in rpcdce.h.  It is entirely the responsibility of the server application to impose appropriate RPC restrictions.  This setting is equivalent to the behavior in previous versions of Windows.

Value: 2
Meaning: All remote anonymous calls are rejected by the RPC runtime with no exemptions.  This corresponds to the value RPC_RESTRICT_REMOTE_CLIENT_HIGH in rpcdce.h.  When this value is set, a system cannot receive remote anonymous calls using RPC.

Conclusion:
Through testing performed at DameWare Development using the new setting in DNTU and adding the RestrictRemoteClients Key with a value = 0, both methods worked properly.
Knowledgebase Article: #300070
Category: Troubleshooting
Last Revised: Monday, February 09, 2004
Keywords: icons, yellow, grey, 53, network path not found, firewall
Decription: The installation of XP-SP2 no loger allows anonymous IPC$ connections, which is how the DameWare NT Utilities software connects to a remote machine to update it's icons.
How would you rate this article?
 12345678910 
Not HelpfulVery Helpful
Please tell us why you are rating this article this way.
If you need to enter a URL please remove "http://".
Please note: this field is required for negative responses.
No HTML please.                          
 
12345678910
Average rating:  8.1 out of 10.
13 people have rated this article.
Page Options
Print this article
Email this article
Rate this article
   ©1991-2010 DameWare Development LLC, All rights reserved.
    Privacy Statement  |  Trademarks  |  End of Life