"It's not what you can do, it's what you can get done."

Thursday, July 22, 2010

Error installing PowerShell2/WinRM, Event ID 4373 "Access Denied"

Had to use the ever-useful process-monitor in order to find out what the issue was. In this case a registry entry at HKLM\Software\Microsoft\Windows NT\CurrentVersion\Svchost


Gave admins write access, and fixed!


P.S. And what was the super-important item that had to be written?

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WINRM]
"CoInitializeSecurityParam"=dword:00000001
"AuthenticationCapabilities"=dword:00003020



Huh.



UPDATE: Discovered (Thanks to this post) that the issue was caused by the GPO I had created months ago as per the MS-specified confiker mitigation KB. (To be fair the article does warn about inability to install updates...but it was easy to miss.)