Hi everyone, I have encountered a strange problem: Hardware/software: One SCCM 2007 R3 server (2008 x64). I have created a C# webpage (from the SCCM SDK) where certain users can add computers to SCCM and have them deployed. The users of this webpage are all AD (Active Directory) users and they are also created in SCCM and given the correct access rights. This page works, just not for new SCCM users… I’ll try to explain: This works for users that were added to SCCM before the R3 upgrade or I suspect that a windows update could be the culprit. It’s is so difficult to debug. I found out when I tried to add a new AD user to SCCM (I’ve tried both methods, cloning and adding a new user). The new user where given the correct access rights, just as the old users. I compared them, making sure everything is by the book. If I try to logon to the SCCM server and access the MMC console and then try to add a computer, no problem. The computer is added, everything is fine. Here comes the problem: Now, if I try to add a computer through my webpage, no access. In my C# code I have a variable of type UnauthorizedAccessException and it gives me this error: {"Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))"} Perhaps this should be in the SDK section, but this is not a programming error. The webpage works for old users, added before the R3 upgrade or before certain windows updates. I have also some vbscripts that won’t work with the credentials from a new user, just old users, even though they have the same user rights in SCCM. The error is the same as above: Access Denied and the number is 80070005. So – as far as I can deduce there is something missing within SCCM. A link, a connection, missing communication, something is broken – but where???? This is really a brain twister – all comments are appreciated. Best Regards Hans Arvid

A potential possibility: because you are doing remote WMI, perhaps try adding that user to the local group on the Configmgr Server "Distributed COM Users" Sometimes that works for remote wmi access to your SMS Provider.Standardize. Simplify. Automate.

Hi, Thanks for fast answer :) The remote WMI works with older users (that is users that were created before the R3 upgrade or some windows update). I checked the "Distributed COM Users" group. It was empty. I added the new user, still Access Denied, but a new error number this time: 80041003 The error number is access denied (http://msdn.microsoft.com/en-us/library/aa393978(VS.85).aspx). Brg Hans Arvid

This is an old thread, I know, but I assume you added the users to "SMS Admins" and assigned the appropriate rights through the SCCM console? I usually find that the best way to solve the problem when developing is provide full rights to the account you are using and scale back once you establish that the code actually works.