Support

0

How do I configure WMI users for discovery?

Avatar
Jamie Conner

I need to create or manage WMI users for Hyperview to successfully discover all protocol information about my machines. What is the minimum level access that can be setup for WMI?

Avatar
Discard
1 Answer
0
Avatar
Jamie Conner
Best Answer

Configuring a read-only local user for WMI on single machine:

1. Open Computer Management (compmgmt.msc) and navigate to System Tools > Local Users and Groups > Users. Add a new User. Set the password and check the box for 'Password never expires' if needed.

2. Right-Click the new user and open Properties. Open the 'Member-Of' tab and add the user to 'Distributed COM Users' and 'Performance Monitor Users' groups.

3. Add the new user to Computer Management > Services and Applications > WMI Control > Properties > Security Tab > CIMV2 > Security. Check the boxes for 'Enable Account' and 'Remote Enable'.


 

Configuring a read-only domain user for WMI on domain controller:

 

IMPORTANT!

A Windows Domain Controller GPO cannot define root/CIMV2 namespace privileges for domain users.

 

This setup requires a powershell script defined in the GPO. This script is available through Hyperview Helpdesk.

 

1. Open Active Directory Users and Computers from Server Manager and navigate to 'DomainName' > Users. Right-Click Users > New > User and add a new user meant for WMI read-only access. This is the user that will be entered into Hyperview upon configuring discoveries.


 

2. Right-Click the new user and open Properties. Open the 'Member-Of' tab and add the user to 'Distributed COM Users' and 'Performance Monitor Users' groups.