Provider Error when logging in to the SCCM console as non administrator

2017-12-08T14:36:27+00:00 April 4th, 2012|Azure, Cloud|

Hi There,

There are a number of underlying permissions that must be granted in order for a user to be able to successfully initiate a console session to an SCCM environment.

Firstly you need to make sure the user has the correct site permissions… for example, a user requiring Remote Control access may have the following user rights;

  • Collection
    • Read, Use Remote Tools, Read Resource
  • Site
    • Read

Secondly this user must reside in the relevant site servers Local Group – ‘SMS Admins’. SMS Admins is generally nested in another Local Group – ‘Distributed COM Users’, and you need to check this is the case as well.

Finally, and this was the first time I’ve had to do this for a permission related issue – (and I’ve not discovered the reason why this bit of configuration had been changed or deleted) – you need to make sure that SMS Admins OR the user group containing the Remote Control users has permissions over WMI. To do this you can perform the following;

  • Navigate to Server Manager
  • Expand Configuration
  • Select ‘Properties’ of the WMI Control Object
  • Select the Security Tab
  • Expand Root
  • Select the SMS Folder, and choose Security
    • SMS Admins (or the group containing your users) should have the following permissions;
      • Enable Account
      • Remote Enable
  • Select the site_<SiteCode> folder under SMS, and choose Security
    • SMS Admins (or the group containing your users) should have the following permissions;
      • Execute Methods
      • Provider Write
      • Enable Account
      • Remote Enable

That should be enough for your console connectivity to return 🙂

Thanks,
SteveH