.. _ms-wmi:

Setting preferences for collecting remote WMI information
============================================================

Windows Management Instrumentation (WMI) is a Microsoft tool for web-based enterprise management. The WMI can be used to check your device and collect information from your device.

Basic Requirements
---------------------

To use WMI on a Windows endpoint, verify the following settings:
Remote WMI is only available when joined to an AD domain

    - Port 135/TCP must be available for WMI communication.
    - The following services should be running:
        - Server
        - Windows Management Instrumentation (WMI)
    - WMI communication must be enabled in network firewalls.

Additional Configuration/Troubleshooting Options
--------------------------------------------------

Verify/implement the following configuration settings to work with WMI.

1. Configure the following Active Directory settings. You can configure some of these settings on endpoints using a Group Policy.
    - Member of Domain Administrators or Local Administrators group
    - Member of the following domain groups:
        - Performance Log Users
        - Distributed COM Users
    - Member of a group with the following permissions:
        - Act as part of Operating System
        - Log on as a batch job
        - Log on as a service
        - Replace a process
2. Run the dcomcnfg utility and configure the following endpoint permissions:
    - Access Permissions: Enable all
    - Launch and Activation Permissions: Enable all

3. Run the wmimgmt.msc utility and configure WMI namespace security settings. Assign permissions to the following namespaces:
    - root\CIMv2
    - root\Default
    - root\SecurityCenter
    - root\SecurityCenter2


    Assign the following permissions to each of the namespaces:
    
    - Execute Methods
    - Enable Account
    - Remote Enable
    - Read Security