如何配置防火墙以允许 RPC

How to configure firwall to allow RPC

我正在尝试使用 C# 远程更改 IIS 应用程序池身份(用户)并收到错误

System.Runtime.InteropServices.COMException (0x800706BA): The RPC server is unavailable.

如果我允许来自防火墙的所有 RPC 动态端口(在 49152 到 65535 范围内)用于远程计算机上的所有服务,我就可以正确地完成它。 我只想知道远程系统用于完成该过程的确切服务或进程名称,以便我可以只允许该服务的端口。

public static bool ChangeAppPoolUser(string ip, string machineName, string username, string password, string applicationPoolName)
{          
    try
    {
        var metabasePath = "IIS://" + ip + "/W3SVC/AppPools";
        // Get list of appPools at specified metabasePath location 
        using (DirectoryEntry appPools = new DirectoryEntry(metabasePath, username, password))
        {
            if(appPools==null)
            {
                Helper.PrepareDebugLog("appPools is null");
            }
            Helper.PrepareDebugLog("metabasePath:" + metabasePath + " username:" + username + " password:" + password);

            // From the list of appPools, Search and get the appPool  
            using (DirectoryEntry AppPool = appPools.Children.Find(applicationPoolName, "IIsApplicationPool"))
            {
                Helper.PrepareDebugLog("in");

                if (AppPool != null)
                {                            
                    AppPool.InvokeSet("AppPoolIdentityType", new Object[] { 3 });

                    // Configure username for the AppPool with above specified username                     

                    AppPool.InvokeSet("WAMUserName", new Object[] { Environment.UserDomainName + "\" + Environment.UserName });

                    // Configure password for the AppPool with above specified password                       
                    AppPool.InvokeSet("WAMUserPass", new Object[] { CommonProgramVariables.localPassword });

                    // Write above settings to IIS metabase 
                    AppPool.Invoke("SetInfo", null);

                    // Commit the above configuration changes that are written to metabase 
                    AppPool.CommitChanges();
                    return true;
                }
            }
        }
    }
    catch (Exception e)
    {
        Helper.PrepareLogWithTimstamp("EXCEPTION WHILE CHNAGE USER: Parameter USED machineName:" + machineName + " username:" + username + " password:" + password + " applicationPoolName:" + applicationPoolName + " LocalPassword:" + CommonProgramVariables.localPassword + " Local User:" + Environment.UserDomainName + "\" + Environment.UserName);
        Helper.PrepareLog("EXCEPTION:", e);
    }
    return false;
}

预期:应为远程计算机 AppPool 更改 AppPool 用户。

实际结果:

System.Runtime.InteropServices.COMException (0x800706BA): The RPC server is unavailable.

错误 RPC 服务器不可用。 (HRESULT 异常:0x800706BA)如果 RPC / WMI 连接由于防火墙限制在目标计算机上被阻止或者您输入了错误的目标计算机主机名/IP 地址,则可能会发生。

要解决此错误,您可以按照以下步骤操作:

1) 打开控制面板,单击安全,然后单击 Windows 防火墙。

2) 单击“更改设置”,然后单击“例外”选项卡。

3) 在例外 window、select 中 Windows Management Instrumentation (WMI) 的复选框启用 WMI 流量通过防火墙。