.. _ms-wmi:

Configuring Environment for Remote WMI Information Collection
==================================================

WMI (Windows Management Instrumentation) is a Microsoft tool for web-based enterprise management.
WMI can be used to inspect endpoints and collect information on them.

Basic Requirements
-------------------------

The following settings are required to use WMI on Windows endpoints:
- Port 135/TCP must be available.

- The following services must be running on the endpoint:
    - Server
    - Windows Management Instrumentation (WMI)

- WMI communication must be allowed in the firewall.

Additional Configuration and Troubleshooting Options
--------------------------------------------------

Please check the following configuration settings for remote WMI information collection:
1. Configure Active Directory settings as follows. Settings can be applied to endpoints using Group Policy.
- Member of Domain Administrators or Local Administrators group

- Members of domain groups:
    - Performance Log Users
    - Distributed COM Users

- Permissions for group members:
    - Act as part of Operating System
    - Log on as a batch job
    - Log on as a service
    - Replace a process

2. Run the dcomcnfg utility and then set endpoint permissions.
- Access Permissions: Enable all
- Launch and Activation Permissions: Enable all

3. Run the wmimgmt.msc utility and configure security settings for the WMI domain.
Assign permissions to the domain for the following locations:

- root/CIMv2
- root/Default
- root/SecurityCenter
- root/SecurityCenter2

Assign the following permissions to each domain:

- Execute Methods
- Enable Account
- Remote Enable
- Read Security