Thoughts from the EPS Windows Server Performance Team
Last year, we discussed using the WMI Diagnosis Utility in a post on Basic WMI Testing. We’ve certainly noticed that more than a few of our customers are running the utility before contacting us, which certainly helps us in our troubleshooting. However, in the last couple of months, we’ve had a few customers call in reporting that the utility is reporting several missing core WMI files on Windows Vista and Windows Server 2008 systems and this is creating concern for the administrators. When reviewing the log file of the WMIDiag.vbs output, they see entries such as the ones below:
..167 07:09:07 (1) !! ERROR: WMI System file 'C:\WINDOWS\SYSTEM32\WBEM\FRAMEDYN.DLL' is MISSING or is access DENIED.
..168 07:09:07 (2) !! WARNING: WMI System file 'C:\WINDOWS\SYSTEM32\WBEM\FRAMEDYNOS.DLL' is MISSING or is access DENIED but it is an OPTIONAL component.
..177 07:09:07 (1) !! ERROR: WMI System file 'C:\WINDOWS\SYSTEM32\WBEM\PROVTHRD.DLL' is MISSING or is access DENIED
..193 07:09:07 (1) !! ERROR: WMI System file 'C:\WINDOWS\SYSTEM32\WBEM\WBEMCOMN.DLL' is MISSING or is access DENIED.
Naturally, when running any sort of diagnostic report on a system, you would get concerned about the fact that core files are reported as missing. However, in this particular instance, this is not a problem with the OS – but rather, an issue with the current version of the WMI Diagnosis Utility. Several WMI core files, such as the ones listed above (FRAMEDYN.DLL, FRAMEDYNOS.DLL, PROVTHRD.DLL and WBEMCOMN.DLL) have been moved from the C:\WINDOWS\SYSTEM32\WBEM folder into the C:\WINDOWS\SYSTEM32 folder. However, the WMIDiag utility hasn’t been updated to reflect that, which is why you’ll see these errors in the WMI Log.
So what’s the way forward? As with many tools, change sometimes comes slowly. For those of you who have run into these problems with WMIDiag, rest assured that we are working on a new version of WMIDiag.
- CC Hameed
WMIdiag appears to only work correctly on english language versions of windows. It searches for security identifiers using names like 'EVERYONE' or 'Builtin\administrators' . These are translated on non-english systems, so when it searches for ACLs using these names it fails.
I'm not sure what the solution is, but I would guess that there is some way to go from a guid to 'builtin\administrators'