When you query some WMI (Windows Management Instrumentation) objects on a Windows Server 2003 SP1 (Service Pack 1) domain controller, you receive Access is denied. If you use the Ultrasound tool to collect information from the Windows Server 2003 SP1 DC, you receive a message similar to:
Access to the Ultrasound WMI provider is denied. You may need to redeploy the provider. Also it may be a clock skew more then 5 minutes between controller and provider machines.
New SP1 DCOM security features provide high security access based upon the new built-in Distributed COM Users group. Since all domain controllers in a domain share all the built-in groups, Windows Server 2003 SP1 only adds the new built-in group to the Windows Server 2003 SP1 PDC emulator (Primary Domain Controller).
To prevent the subject behavior, always install SP1 on the PDC first.
