Windows Management Instrumentation (WMI) is a powerful Microsoft standard that allows system administrators to monitor and manage an entire Windows network from one central point. WMI technology is a key component of most network monitoring tools, as it provides vital and detailed information on devices and applications running on the Microsoft operating system such as CPU usage and temperature, or usage of RAM.
However, administrators are not always able to exploit the full potential of WMI. For three quarters of our customers, Windows based operating systems represent more than 90% of their network; however this isn’t without its challenges. Indeed, countless calls to our support team here at Paessler are from customers experiencing problems with WMI.
In most cases, problems stem from security and user account related issues, but more complex issues can also give administrators a headache. We are often asked to help customers with configuration as WMI needs to be properly installed and configured for administrators to take full advantage of all the opportunities that it offers.
Here are the most common WMI problems as reported to my support team, and I recommend that administrators take the following steps to ensure WMI is working as it should:
- User credentials: For every WMI query, administrators have to provide Windows user credentials. To simplify this process, choose a user that is a member of the ‘Domain Administrators’ group in the same Active Directory section as the target computer. Alternatively, set up a local system administrator account on the target computer and use this for the login. Each user must also have remote access rights to be able to use WMI.
- Local firewall: To ensure that all enquiries reach the target computer, make sure that the firewall of the target computer allows incoming WMI requests.
- Firewall and group policies: If the firewall is enabled by group policies, activate the ‘Allow Remote Administration Exception’ setting.
- Port: The RPC server used for WMI on the target computer is usually running on port 135 by default (unless configured otherwise). Ensure this port is not blocked by any (hardware) firewall in the network, en route to the remote computer.
- Security software: It is always a good idea to double-check if any local security software (anti-spy, anti-virus, etc) is blocking WMI connections. You will need to allow WMI connections in the software settings.