Setting preferences for collecting remote WMI information

Windows Management Instrumentation (WMI) is a Microsoft tool for web-based enterprise management. The WMI can be used to check your device and collect information from your device.

Basic Requirements

To use WMI on a Windows endpoint, verify the following settings: Remote WMI is only available when joined to an AD domain

• Port 135/TCP must be available for WMI communication.

• The following services should be running:

  • Server

  • Windows Management Instrumentation (WMI)

• WMI communication must be enabled in network firewalls.

Additional Configuration/Troubleshooting Options

Verify/implement the following configuration settings to work with WMI.

1. Configure the following Active Directory settings. You can configure some of these settings on endpoints using a Group Policy.

   • Member of Domain Administrators or Local Administrators group

   • Member of the following domain groups:

     • Performance Log Users

     • Distributed COM Users

   • Member of a group with the following permissions:

     • Act as part of Operating System

     • Log on as a batch job

     • Log on as a service

     • Replace a process

2. Run the dcomcnfg utility and configure the following endpoint permissions:

   • Access Permissions: Enable all

   • Launch and Activation Permissions: Enable all

3. Run the wmimgmt.msc utility and configure WMI namespace security settings. Assign permissions to the following namespaces:

   • rootCIMv2

   • rootDefault

   • rootSecurityCenter

   • rootSecurityCenter2

   Assign the following permissions to each of the namespaces:

   • Execute Methods

   • Enable Account

   • Remote Enable

   • Read Security