forums.wsusoffline.net

[weemag]

Hallo,

das WSUS Offline Update hatte bei mir bereits nach einigen Sekunden abgebrochen mit der Meldung "Unsupported Operating System Language".

In der Logdatei von WMIDiag gibt es sehr viele (ca. 70) Error-Meldungen der Art "Default Trustee [ ... ] has been removed". Im Report unten stehen die Meldungen "DCOM Security Warning" und "WMI Security Warning". Schließlich schreibt das Log am Beginn des Report "Windows XP - no Service Pack", obwohl ich natürlich alle Service Packs (incl. SP3) installiert habe.


Was tun??

[Denniss]

Kannst Du den Inhalt der Logdatei mal hier zitieren ?
Wurde bei oder nach der Installation mit irgendwelchen Programmen wie nlite oder XP-Antispy gearbeitet?
Unter Umständen sind dann ein paar wichtige Dienste nicht vorhanden/aktiv.

[weemag]

Denniss:
1) Keine Progs wie nlite oder XP-Antispy
2) Ich habe mein Win XP wochenlang auf Sicherheit hin konfiguriert, d.h. ich habe auch eine Reihe von Diensten manuell deaktiviert bzw. abgeschaltet. Wenn ein Dienst für irgendwas wichtig ist, starte ich ihn einfach manuell. Möglich, dass es dabei einen für das WSUS OU wichtigen Dienst getroffen hat (allerdings habe ich vor dem letzten Lauf von WMIDiag den DCOM-Server-Dienst extra gestartet)
3) Vielleicht auch noch erwähnenswert: bei der Windows-Aktivierung habe ich mich sehr sehr blöde angestellt: ich wollte unbedingt einen "Workaround" zur Anwendung bringen (aus dem COM!-Magazin, auch im Internet zu finden), mit dem man künstlich die Aktivierungsfrist verlängern kann. Soweit ich mich erinnere wird das mit SYSPREP bewerkstelligt, und so habe ich das dann auch gemacht. Danach hatte ich einige Probleme (und habe sie eigentlich immer noch) mit Datei-Programm-Verknüpfungen.

Ich werde versuchen, die Log-Datei hier noch in dieser Woche zu posten.


Gruß

[weemag]

Die Logdatei ab "WMI REPORT: BEGIN" ist zu lang. An welchen Stellen soll ich kürzen?



Gruß,

weemag.

[weemag]

Seite 1-6 der Logdatei:

13095 19:01:38 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
13096 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13097 19:01:38 (0) **
13098 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13099 19:01:38 (0) ** Windows XP - No service pack - 32-bit (2600) - User [ … ]\ [ … ]' on computer [ … ].
13100 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13101 19:01:38 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)!
13102 19:01:38 (0) ** INFO: => 3 incorrect shutdown(s) detected on:
13103 19:01:38 (0) ** - Shutdown on 29 November 2010 10:14:35 (GMT+1).
13104 19:01:38 (0) ** - Shutdown on 11 December 2010 15:16:37 (GMT+1).
13105 19:01:38 (0) ** - Shutdown on 01 January 2011 16:44:41 (GMT+1).
13106 19:01:38 (0) **
13107 19:01:38 (0) ** System drive: ....................................................................................................... C: (Datenträger Nr. 0 Partition Nr. 0).
13108 19:01:38 (0) ** Drive type: ......................................................................................................... IDE (WDC WD1200BEVE-00UYT0).
13109 19:01:38 (0) ** There are no missing WMI system files: .............................................................................. OK.
13110 19:01:38 (0) ** There are no missing WMI repository files: .......................................................................... OK.
13111 19:01:38 (0) ** WMI repository state: ............................................................................................... N/A.
13112 19:01:38 (0) ** BEFORE running WMIDiag:
13113 19:01:38 (0) ** The WMI repository has a size of: ................................................................................... 9 MB.
13114 19:01:38 (0) ** - Disk free space on 'C:': .......................................................................................... 11185 MB.
13115 19:01:38 (0) ** - INDEX.BTR, 1523712 bytes, 30.01.2011 18:13:33
13116 19:01:38 (0) ** - INDEX.MAP, 780 bytes, 30.01.2011 18:13:33
13117 19:01:38 (0) ** - OBJECTS.DATA, 7872512 bytes, 30.01.2011 18:13:33
13118 19:01:38 (0) ** - OBJECTS.MAP, 3892 bytes, 30.01.2011 18:13:33
13119 19:01:38 (0) ** AFTER running WMIDiag:
13120 19:01:38 (0) ** The WMI repository has a size of: ................................................................................... 9 MB.
13121 19:01:38 (0) ** - Disk free space on 'C:': .......................................................................................... 11184 MB.
13122 19:01:38 (0) ** - INDEX.BTR, 1523712 bytes, 30.01.2011 18:13:33
13123 19:01:38 (0) ** - INDEX.MAP, 780 bytes, 30.01.2011 18:13:33
13124 19:01:38 (0) ** - OBJECTS.DATA, 7872512 bytes, 30.01.2011 18:13:33
13125 19:01:38 (0) ** - OBJECTS.MAP, 3892 bytes, 30.01.2011 18:13:33
13126 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13127 19:01:38 (0) ** Windows Firewall: ................................................................................................... NOT INSTALLED.
13128 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13129 19:01:38 (0) ** DCOM Status: ........................................................................................................ OK.
13130 19:01:38 (0) ** WMI registry setup: ................................................................................................. OK.
13131 19:01:38 (0) ** WMI Service has no dependents: ...................................................................................... OK.
13132 19:01:38 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
13133 19:01:38 (0) ** WINMGMT service: .................................................................................................... OK (Already started).
13134 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13135 19:01:38 (0) ** WMI service DCOM setup: ............................................................................................. OK.
13136 19:01:38 (0) ** WMI components DCOM registrations: .................................................................................. OK.
13137 19:01:38 (0) ** WMI ProgID registrations: ........................................................................................... OK.
13138 19:01:38 (0) ** WMI provider DCOM registrations: .................................................................................... OK.
13139 19:01:38 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
13140 19:01:38 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
13141 19:01:38 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK.
13142 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
13143 19:01:38 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
13144 19:01:38 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
13145 19:01:38 (0) ** - REMOVED ACE:
13146 19:01:38 (0) ** ACEType: &h0
13147 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13148 19:01:38 (0) ** ACEFlags: &h0
13149 19:01:38 (0) ** ACEMask: &h1
13150 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13151 19:01:38 (0) **
13152 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13153 19:01:38 (0) ** Removing default security will cause some operations to fail!
13154 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13155 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13156 19:01:38 (0) **
13157 19:01:38 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
13158 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
13159 19:01:38 (0) ** - REMOVED ACE:
13160 19:01:38 (0) ** ACEType: &h0
13161 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13162 19:01:38 (0) ** ACEFlags: &h0
13163 19:01:38 (0) ** ACEMask: &h1
13164 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13165 19:01:38 (0) **
13166 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13167 19:01:38 (0) ** Removing default security will cause some operations to fail!
13168 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13169 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13170 19:01:38 (0) **
13171 19:01:38 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED.
13172 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
13173 19:01:38 (0) ** - REMOVED ACE:
13174 19:01:38 (0) ** ACEType: &h0
13175 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13176 19:01:38 (0) ** ACEFlags: &h0
13177 19:01:38 (0) ** ACEMask: &h1
13178 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13179 19:01:38 (0) **
13180 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13181 19:01:38 (0) ** Removing default security will cause some operations to fail!
13182 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13183 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13184 19:01:38 (0) **
13185 19:01:38 (0) ** DCOM security for 'Windows Management Instrumentation' (Launch & Activation Permissions): ........................... MODIFIED.
13186 19:01:38 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
13187 19:01:38 (0) ** - REMOVED ACE:
13188 19:01:38 (0) ** ACEType: &h0
13189 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13190 19:01:38 (0) ** ACEFlags: &h0
13191 19:01:38 (0) ** ACEMask: &h1
13192 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13193 19:01:38 (0) **
13194 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13195 19:01:38 (0) ** Removing default security will cause some operations to fail!
13196 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13197 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13198 19:01:38 (0) **
13199 19:01:38 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
13200 19:01:38 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
13201 19:01:38 (0) ** - REMOVED ACE:
13202 19:01:38 (0) ** ACEType: &h0
13203 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13204 19:01:38 (0) ** ACEFlags: &h0
13205 19:01:38 (0) ** ACEMask: &h1
13206 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13207 19:01:38 (0) **
13208 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13209 19:01:38 (0) ** Removing default security will cause some operations to fail!
13210 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13211 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13212 19:01:38 (0) **
13213 19:01:38 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
13214 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
13215 19:01:38 (0) ** - REMOVED ACE:
13216 19:01:38 (0) ** ACEType: &h0
13217 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13218 19:01:38 (0) ** ACEFlags: &h0
13219 19:01:38 (0) ** ACEMask: &h1
13220 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13221 19:01:38 (0) **
13222 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13223 19:01:38 (0) ** Removing default security will cause some operations to fail!
13224 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13225 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13226 19:01:38 (0) **
13227 19:01:38 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
13228 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
13229 19:01:38 (0) ** - REMOVED ACE:
13230 19:01:38 (0) ** ACEType: &h0
13231 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13232 19:01:38 (0) ** ACEFlags: &h0
13233 19:01:38 (0) ** ACEMask: &h1
13234 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13235 19:01:38 (0) **
13236 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13237 19:01:38 (0) ** Removing default security will cause some operations to fail!
13238 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13239 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13240 19:01:38 (0) **
13241 19:01:38 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
13242 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED!
13243 19:01:38 (0) ** - REMOVED ACE:
13244 19:01:38 (0) ** ACEType: &h0
13245 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13246 19:01:38 (0) ** ACEFlags: &h0
13247 19:01:38 (0) ** ACEMask: &h1
13248 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13249 19:01:38 (0) **
13250 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13251 19:01:38 (0) ** Removing default security will cause some operations to fail!
13252 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13253 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13254 19:01:38 (0) **
13255 19:01:38 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED.
13256 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED!
13257 19:01:38 (0) ** - REMOVED ACE:
13258 19:01:38 (0) ** ACEType: &h0
13259 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13260 19:01:38 (0) ** ACEFlags: &h0
13261 19:01:38 (0) ** ACEMask: &h1
13262 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13263 19:01:38 (0) **
13264 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13265 19:01:38 (0) ** Removing default security will cause some operations to fail!
13266 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13267 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13268 19:01:38 (0) **
13269 19:01:38 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
13270 19:01:38 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
13271 19:01:38 (0) ** - REMOVED ACE:
13272 19:01:38 (0) ** ACEType: &h0
13273 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13274 19:01:38 (0) ** ACEFlags: &h0
13275 19:01:38 (0) ** ACEMask: &h1
13276 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13277 19:01:38 (0) **
13278 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13279 19:01:38 (0) ** Removing default security will cause some operations to fail!
13280 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13281 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13282 19:01:38 (0) **
13283 19:01:38 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
13284 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED!
13285 19:01:38 (0) ** - REMOVED ACE:
13286 19:01:38 (0) ** ACEType: &h0
13287 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13288 19:01:38 (0) ** ACEFlags: &h0
13289 19:01:38 (0) ** ACEMask: &h1
13290 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13291 19:01:38 (0) **
13292 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13293 19:01:38 (0) ** Removing default security will cause some operations to fail!
13294 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13295 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13296 19:01:38 (0) **
13297 19:01:38 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED.
13298 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED!
13299 19:01:38 (0) ** - REMOVED ACE:
13300 19:01:38 (0) ** ACEType: &h0
13301 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13302 19:01:38 (0) ** ACEFlags: &h0
13303 19:01:38 (0) ** ACEMask: &h1
13304 19:01:38 (0) ** DCOM_RIGHT_EXECUTE
13305 19:01:38 (0) **
13306 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13307 19:01:38 (0) ** Removing default security will cause some operations to fail!
13308 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13309 19:01:38 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'.
13310 19:01:38 (0) **
13311 19:01:38 (0) ** WMI namespace security for 'Root': .................................................................................. MODIFIED.
13312 19:01:38 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
13313 19:01:38 (0) ** - REMOVED ACE:
13314 19:01:38 (0) ** ACEType: &h0
13315 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
13316 19:01:38 (0) ** ACEFlags: &h12
13317 19:01:38 (0) ** CONTAINER_INHERIT_ACE
13318 19:01:38 (0) ** INHERITED_ACE
13319 19:01:38 (0) ** ACEMask: &h6003F
13320 19:01:38 (0) ** WBEM_ENABLE
13321 19:01:38 (0) ** WBEM_METHOD_EXECUTE
13322 19:01:38 (0) ** WBEM_FULL_WRITE_REP
13323 19:01:38 (0) ** WBEM_PARTIAL_WRITE_REP
13324 19:01:38 (0) ** WBEM_WRITE_PROVIDER
13325 19:01:38 (0) ** WBEM_REMOTE_ACCESS
13326 19:01:38 (0) ** WBEM_WRITE_DAC
13327 19:01:38 (0) ** WBEM_READ_CONTROL
13328 19:01:38 (0) **
13329 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
13330 19:01:38 (0) ** Removing default security will cause some operations to fail!
13331 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
13332 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
13333 19:01:38 (0) **
13334 19:01:38 (0) ** WMI namespace security for 'Root': .................................................................................. MODIFIED.
13335 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED!

;


Seite 30-35 der Logdatei:

14392 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED!
14393 19:01:38 (0) ** - REMOVED ACE:
14394 19:01:38 (0) ** ACEType: &h0
14395 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14396 19:01:38 (0) ** ACEFlags: &h12
14397 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14398 19:01:38 (0) ** INHERITED_ACE
14399 19:01:38 (0) ** ACEMask: &h13
14400 19:01:38 (0) ** WBEM_ENABLE
14401 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14402 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14403 19:01:38 (0) **
14404 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14405 19:01:38 (0) ** Removing default security will cause some operations to fail!
14406 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14407 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14408 19:01:38 (0) **
14409 19:01:38 (0) ** WMI namespace security for 'ROOT/SUBSCRIPTION': ..................................................................... MODIFIED.
14410 19:01:38 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
14411 19:01:38 (0) ** - REMOVED ACE:
14412 19:01:38 (0) ** ACEType: &h0
14413 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14414 19:01:38 (0) ** ACEFlags: &h12
14415 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14416 19:01:38 (0) ** INHERITED_ACE
14417 19:01:38 (0) ** ACEMask: &h13
14418 19:01:38 (0) ** WBEM_ENABLE
14419 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14420 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14421 19:01:38 (0) **
14422 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14423 19:01:38 (0) ** Removing default security will cause some operations to fail!
14424 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14425 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14426 19:01:38 (0) **
14427 19:01:38 (0) ** WMI namespace security for 'ROOT/NAP': .............................................................................. MODIFIED.
14428 19:01:38 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED!
14429 19:01:38 (0) ** - REMOVED ACE:
14430 19:01:38 (0) ** ACEType: &h0
14431 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14432 19:01:38 (0) ** ACEFlags: &h12
14433 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14434 19:01:38 (0) ** INHERITED_ACE
14435 19:01:38 (0) ** ACEMask: &h6003F
14436 19:01:38 (0) ** WBEM_ENABLE
14437 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14438 19:01:38 (0) ** WBEM_FULL_WRITE_REP
14439 19:01:38 (0) ** WBEM_PARTIAL_WRITE_REP
14440 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14441 19:01:38 (0) ** WBEM_REMOTE_ACCESS
14442 19:01:38 (0) ** WBEM_WRITE_DAC
14443 19:01:38 (0) ** WBEM_READ_CONTROL
14444 19:01:38 (0) **
14445 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14446 19:01:38 (0) ** Removing default security will cause some operations to fail!
14447 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14448 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14449 19:01:38 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
14450 19:01:38 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
14451 19:01:38 (0) ** A specific WMI application can always require a security setup different
14452 19:01:38 (0) ** than the WMI security defaults.
14453 19:01:38 (0) **
14454 19:01:38 (0) ** WMI namespace security for 'ROOT/NAP': .............................................................................. MODIFIED.
14455 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED!
14456 19:01:38 (0) ** - REMOVED ACE:
14457 19:01:38 (0) ** ACEType: &h0
14458 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14459 19:01:38 (0) ** ACEFlags: &h12
14460 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14461 19:01:38 (0) ** INHERITED_ACE
14462 19:01:38 (0) ** ACEMask: &h13
14463 19:01:38 (0) ** WBEM_ENABLE
14464 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14465 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14466 19:01:38 (0) **
14467 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14468 19:01:38 (0) ** Removing default security will cause some operations to fail!
14469 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14470 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14471 19:01:38 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
14472 19:01:38 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
14473 19:01:38 (0) ** A specific WMI application can always require a security setup different
14474 19:01:38 (0) ** than the WMI security defaults.
14475 19:01:38 (0) **
14476 19:01:38 (0) ** WMI namespace security for 'ROOT/NAP': .............................................................................. MODIFIED.
14477 19:01:38 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED!
14478 19:01:38 (0) ** - REMOVED ACE:
14479 19:01:38 (0) ** ACEType: &h0
14480 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14481 19:01:38 (0) ** ACEFlags: &h12
14482 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14483 19:01:38 (0) ** INHERITED_ACE
14484 19:01:38 (0) ** ACEMask: &h13
14485 19:01:38 (0) ** WBEM_ENABLE
14486 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14487 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14488 19:01:38 (0) **
14489 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14490 19:01:38 (0) ** Removing default security will cause some operations to fail!
14491 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14492 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14493 19:01:38 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
14494 19:01:38 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
14495 19:01:38 (0) ** A specific WMI application can always require a security setup different
14496 19:01:38 (0) ** than the WMI security defaults.
14497 19:01:38 (0) **
14498 19:01:38 (0) ** WMI namespace security for 'ROOT/NAP': .............................................................................. MODIFIED.
14499 19:01:38 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED!
14500 19:01:38 (0) ** - REMOVED ACE:
14501 19:01:38 (0) ** ACEType: &h0
14502 19:01:38 (0) ** ACCESS_ALLOWED_ACE_TYPE
14503 19:01:38 (0) ** ACEFlags: &h12
14504 19:01:38 (0) ** CONTAINER_INHERIT_ACE
14505 19:01:38 (0) ** INHERITED_ACE
14506 19:01:38 (0) ** ACEMask: &h13
14507 19:01:38 (0) ** WBEM_ENABLE
14508 19:01:38 (0) ** WBEM_METHOD_EXECUTE
14509 19:01:38 (0) ** WBEM_WRITE_PROVIDER
14510 19:01:38 (0) **
14511 19:01:38 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee.
14512 19:01:38 (0) ** Removing default security will cause some operations to fail!
14513 19:01:38 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE.
14514 19:01:38 (0) ** For WMI namespaces, this can be done with 'WMIMGMT.MSC'.
14515 19:01:38 (0) ** Note: WMIDiag has no specific knowledge of this WMI namespace.
14516 19:01:38 (0) ** The security diagnostic is based on the WMI namespace expected defaults.
14517 19:01:38 (0) ** A specific WMI application can always require a security setup different
14518 19:01:38 (0) ** than the WMI security defaults.
14519 19:01:38 (0) **
14520 19:01:38 (0) **
14521 19:01:38 (0) ** DCOM security warning(s) detected: .................................................................................. 0.
14522 19:01:38 (0) ** DCOM security error(s) detected: .................................................................................... 12.
14523 19:01:38 (0) ** WMI security warning(s) detected: ................................................................................... 1.
14524 19:01:38 (0) ** WMI security error(s) detected: ..................................................................................... 60.
14525 19:01:38 (0) **
14526 19:01:38 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR!
14527 19:01:38 (1) !! ERROR: Overall WMI security status: ................................................................................. ERROR!
14528 19:01:38 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
14529 19:01:38 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 2.
14530 19:01:38 (0) ** - ROOT/SUBSCRIPTION, MSFT_UCScenarioControl.Name="Microsoft WMI Updating Consumer Scenario Control".
14531 19:01:38 (0) ** 'SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'MSFT_UCScenario''
14532 19:01:38 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer".
14533 19:01:38 (0) ** 'select * from MSFT_SCMEventLogEvent'
14534 19:01:38 (0) **
14535 19:01:38 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
14536 19:01:38 (0) ** WMI ADAP status: .................................................................................................... OK.
14537 19:01:38 (0) ** WMI MONIKER CONNECTIONS: ............................................................................................ OK.
14538 19:01:38 (0) ** WMI CONNECTIONS: .................................................................................................... OK.
14539 19:01:38 (0) ** WMI GET operations: ................................................................................................. OK.
14540 19:01:38 (0) ** WMI MOF representations: ............................................................................................ OK.
14541 19:01:38 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
14542 19:01:38 (0) ** WMI ENUMERATION operations: ......................................................................................... OK.
14543 19:01:38 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
14544 19:01:38 (0) ** WMI GET VALUE operations: ........................................................................................... OK.
14545 19:01:38 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
14546 19:01:38 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
14547 19:01:38 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
14548 19:01:38 (0) ** WMI static instances retrieved: ..................................................................................... 598.
14549 19:01:38 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
14550 19:01:38 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 0.
14551 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14552 19:01:38 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
14553 19:01:38 (0) ** DCOM: ............................................................................................................. 1.
14554 19:01:38 (0) ** WINMGMT: .......................................................................................................... 0.
14555 19:01:38 (0) ** WMIADAPTER: ....................................................................................................... 0.
14556 19:01:38 (0) ** => Verify the WMIDiag LOG at line #12999 for more details.
14557 19:01:38 (0) **
14558 19:01:38 (0) ** # of additional Event Log events AFTER WMIDiag execution:
14559 19:01:38 (0) ** DCOM: ............................................................................................................. 0.
14560 19:01:38 (0) ** WINMGMT: .......................................................................................................... 0.
14561 19:01:38 (0) ** WMIADAPTER: ....................................................................................................... 0.
14562 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14563 19:01:38 (0) ** WMI Registry key setup: ............................................................................................. OK.
14564 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14565 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14566 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14567 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14568 19:01:38 (0) **
14569 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14570 19:01:38 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
14571 19:01:38 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
14572 19:01:38 (0) **
14573 19:01:38 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOKUMENTE UND EINSTELLUNGEN\[ … ]\LOKALE EINSTELLUNGEN\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24.LOG' for details.
14574 19:01:38 (0) **
14575 19:01:38 (0) ** WMIDiag executed in 6 minutes.
14576 19:01:38 (3)
14577 19:01:38 (3) 2.0,1/30/2011,18:55:35,1/25/2011 17:42:59,Falsch,Falsch,Falsch,32-bit,x86 Family 15 Model 2 Stepping 9 GenuineIntel,5.1,2600,Service Pack 3,Windows XP - No service pack - 32-bit,XP___.CLI.RTM.32,, [ … ], [ … ]\ [ … ],False,Root,1,IDE,0,0,0,0, ,9,11185,9,11184, , , ,0,0,0,0,0,0,9,0,0,0,0, , ,12,0,60,1,2,0,4,0,0,0,0,0,0,0,0,0,0,0,0, , , ,0,598,0,1,0,0,0,0,0,2,16,2,23,1/30/2011,19:01:38,74,1,8,374,207,77,1,WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24.LOG,C:\DOKUMENTE UND EINSTELLUNGEN\[ … ]\LOKALE EINSTELLUNGEN\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24.LOG
14578 19:01:38 (3)
14579 19:01:38 (0) ** WMIDiag v2.0 ended on Sonntag, 30. Januar 2011 at 19:01 (W:207 E:77 S:1).
16078 19:01:39 (0) ** TXT file "C:\DOKUMENTE UND EINSTELLUNGEN\[ … ]\LOKALE EINSTELLUNGEN\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24-REPORT.TXT" closed.
16079 19:01:39 (0) ** CSV file "C:\DOKUMENTE UND EINSTELLUNGEN\[ … ]\LOKALE EINSTELLUNGEN\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24-STATISTICS.CSV" closed.
16080 19:01:39 (0) ** LOG file "C:\DOKUMENTE UND EINSTELLUNGEN\[ … ]\LOKALE EINSTELLUNGEN\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_[ … ]_2011.01.30_18.55.24.LOG" closed.

.


Gruß,
weemag

[Denniss]

Wude das OS von einer originalen CD installiert oder von einer z.B. mit nlite verbastelten Version ?
Klingt dast als würde da Teile fehlen.
Firewall futsch oder nur deaktiviert ?
Der versteckte Benutzer "Administrator futsch ?

[weemag]

Installation meines Win XP von Original-CD, und wie ich am 2. Februar ja schon mal geschrieben habe: nichts derartiges wie nlite ist hier zum Einsatz gekommen. Nur wie gesagt die "künstliche" Verlängerung der Aktivierungsfrist mit Sysprep. Ich bin mit dem System auch natürlich noch nicht online gewesen nach der Neuinst.
Win XP-Firewall ist aktiv und konfiguriert ("Keine Ausnahmen zulassen"), für den "versteckten" Admin hatte ich vor einiger Zeit im abgesicherten Modus ein Passwort vergeben.

[weemag]

Sprachlosigkeit, Schweigen im Walde?
Ich muss im Grunde nur wissen, ob es Chancen gibt, dass ich WSUS OU bei mir laufen lassen kann oder ob ich's vergessen kann. Dann nämlich muss ich das System auf andere Art und Weise updaten.


Grüße,
weemag.

[WSUSUpdateAdmin]

Moin!

Aus den FAQs: "Für einen fehlerfreien Ablauf benötigt das Installationsskript korrekte Installationen der Windows-Dienste bzw. -Komponenten "Automatische Updates (WUA)", "Windows Script Host (WSH)" und "Windows Management Instrumentation (WMI)".

Diese Voraussetzungen waren bisher auf allen frisch installierten Systemen, die ich gesehen habe, gegeben.
Weitere Analysemöglichkeiten sind von Ferne natürlich begrenzt, daher das Schweigen.

Gruß
Torsten Wittrock

[weemag]

OK, und aus dem geposteten Log bzw. Report kann man nichts ableiten ausser dass Systemkomponenten scheinbar fehlen?
Eine erneute Install. kommt für mich in gar keinem Fall in Frage.