[python-win32] Win32_NTLogEvent access denied exception
Tim Golden
mail at timgolden.me.uk
Thu Mar 10 19:46:47 CET 2011
On 10/03/2011 6:24 PM, Tim Roberts wrote:
> inf200640 at ucf.edu.cu wrote:
>> I'm having problems recieving local wmi events from Win32_NTLogEvent class. It turns
>> out that I want to know which user starts or stops services. I set a watcher for that
>> propose and it raises the following exception:
>>
>> x_access_denied:<x_wmi: Unexpected COM Error (-2147352567, 'Ocurri\xf3 una exce
>> pci\xf3n.', (0, u'SWbemServicesEx', u'Acceso denegado ', None, 0, -2147217405),
>> None)>
>>
>> I have done the same with other classes and everything works just fine.
>>
>> The script is running from the system's administration account. Do I need to provide
>> extra privileges in con = wmi.WMI()?
>>
>> Could anyone help me figure out what is happening, please?
>
> Did you look at the documentation?
> http://msdn.microsoft.com/en-us/library/aa394226.aspx
> The very first paragraph says:
>
> An application must have SeSecurityPrivilege to receive events from
> the security event log, otherwise "Access Denied" is returned to the
> application.
>
> -2147217405 is 0x80041003, which is WBEM_E_ACCESS_DENIED, just like it says.
>
> It takes a surprising amount of code to acquire a privilege. Here is
> some Python code that shows how to do it:
Well, I think I can help out on three fronts here:
1) For WMI purposes, acquiring a privilege is as simple as adding a clause
to the WMI moniker. Using the wmi module, it's even easier:
c = wmi.WMI (privileges=["security"])
2) On W7, at least, in a non-elevated command prompt, this wasn't enough
to let me capture eventlog events: I had to run it in an elevated command
prompt.
3) If you did want to apply the priv to the whole process you were in
(as per the code Tim R pointed to) you might do worse than use my
winsys package:
<code>
from winsys import security
with security.change_privileges (["security"]):
# do stuff
</code>
http://timgolden.me.uk/python/winsys/security.html#security.change_privileges
However, I don't believe that's necessary here...
TJG
More information about the python-win32
mailing list