Configuring Remote Access to WMI

Top Previous Next

Follow the steps presented below to configure WMI for remote access.

Configure DCOM

WMI uses DCOM to handle remote calls. Therefore, DCOM should be accessible remotely for the specific user. Refer to Configuring DCOM for Remote Access for details.

WMI Namespace Access Settings

•	Go to Control Panel > Administrative Tools > Computer Management > Services and Applications.

•	Right-click WMI Control and select Properties.

•	Select the Security tab and click the Security button.

•	Add the monitoring user account and check all the needed permissions (including the Remote Enable).

Make sure that the security settings for WMI namespaces are inherited from Root. Alternatively, you can configure security for particular namespaces.

Allow WMI through Windows Firewall

If the WMI server is running Windows Firewall, then you need to tell it to let remote WMI requests pass through. This can only be done from the command prompt:

netsh firewall set service RemoteAdmin enable

WMI Impersonation Rights

Start Group Policy Editor console by clicking Start, then Run, typing gpedit.msc, and then clicking OK. Under Local Computer Policy, expand Computer Configuration, and then expand Windows Settings. Expand Security Settings, expand Local Policies, and then select User Rights Assignment. Make sure that Impersonate a client after authentication rights is granted for SERVICE account .

Registry Permissions

Set full access permissions for the WMI monitoring user to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\WinReg branch.