Error 1601: Failed to retrieve WMI info. No such interface supported

BatchPatch Forums Home Forums BatchPatch Support Forum Error 1601: Failed to retrieve WMI info. No such interface supported

Tagged: 

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #8684
    djww
    Participant

    New user to batch patch here and I am getting the error listed above on my 3 DMZ hosts.

    These DMZ hosts can touch my WSUS server which is also where i have batchpatch placed. There are firewall rules between them so i have access. The same username/password is used for all of my other systems as the DMZ hosts and they all work fine.

    I went and made sure that WMI was turned on in the firewall as an application allowed. Not sure what I am missing here but any help would be greatly appreciated. Is there a specific port that Batch runs on that needs to be opened?

    #9817
    djww
    Participant

    I need to add that all of the DMZ hosts are built on the same template as my non DMZ hosts, and other items use WMI to function (we were using solarwinds to patch prior and it uses WMI) so i know the WMI is working properly.

    This is on server 2016. I ran the WMI diagnostics tool and i am not getting any errors.. Any ideas?

    #9819
    djww
    Participant

    I just ran some tests in solarwinds on the three systems (there is a WMI diagnostics and repair tool built into it)(it also uses WMI to push patches) and it passes with everything on all 3 servers at this point I think it has to be a port that is not opened for BP to get through to the DMZ.

    Other programs use WMI function properly without errors. All WMI services restarted and checked for functionality. WSUS / Solarwinds both patch these systems without fail and WMI is used for SW. DMZ systems report back to WSUS properly and BP is on the same server. This is not a WMI problem the more i look into it. It is a DMZ/BP problem.

    #9820
    doug
    Moderator

    While it appears that you have confirmed that WMI is probably not the issue, it would be ideal if you could do one more confirmation test that will take just a moment.

    Launch a copy of batchpatch.exe on one of the target systems in the DMZ as administrator. It can just be the free evaluation version– it does not need to be licensed. Ok so go ahead and launch the batchpatch.exe as administrator (right-click ‘Run as administrator’) and then enter the host name of the system that you have launched it on. What I mean to say is that if you are launching BP on HOST567, then please enter HOST567 into the BatchPatch grid so that we can test BatchPatch running on the system itself, which will confirm whether or not WMI is the issue or if it’s a firewall issue. Then attempt whatever action it is that you were attempting. Is it successful or does it produce the same “No such interface supported” error? If it produces the same error, then it would seem that the issue is, in fact, related to a problem with WMI on that computer. If it works fine and it only produces that error when running BatchPatch from the WSUS to act upon the target system in the DMZ, then it’s going to be a firewall issue. The following two links will help you resolve a firewall/port issue:

    using-batchpatch-with-windows-firewall

    batchpatch-ports

    #9822
    djww
    Participant

    Doesn’t look like I will be able to use this on my DMZ hosts as I have tried everything in the two links you provided and still to no avail (opened port 135/445 with full access inbound and out). But when the system hosts it on itself it works fine so I know it is not the WMI providers but a firewall issue, but this is a government office and government firewalls are the worst. I will not be able to modify the firewall any further than i have already done. Unless you have some other idea what could be causing this im lost. Or maybe a work around ? which in turn means we wasted money on the product and wont be using it at all in the future. If it cannot work on all of the machines then it is not viable at all.

    #9823
    doug
    Moderator

    As noted in the BP ports link in my previous posting, ports 135 and 445 are just for PsExec, not for WMI. WMI uses dynamic ports. If you confirmed that BP works properly when it’s running directly on the system in question, then you can be confident that the issue that you’re encountering when running it from the WSUS system is firewall related. Most modern enterprise firewalls have a setting that works for WMI dynamic ports, so it should be fixable. However, that would require you to make modifications to the firewall, of course. If you are not able/allowed to make further modifications to the firewall, then unfortunately the only other option would be running an instance of BP in the DMZ.

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.