Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
microsoft.public.scripting.vbscript
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Message from discussion Enable remote WMI programmatically?
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Dave  
View profile  
 More options Oct 30 2009, 4:35 pm
Newsgroups: microsoft.public.scripting.vbscript
From: Dave <dave...@gmail.com>
Date: Fri, 30 Oct 2009 09:35:05 -0700 (PDT)
Local: Fri, Oct 30 2009 4:35 pm
Subject: Re: Enable remote WMI programmatically?
Forward | Print | View thread | Show original | Report this message | Find messages by this author
On Oct 5, 4:59 pm, Karl Mitschke <karlmitsc...@somestate.gov> wrote:

> I have 600 Windows servers (99% Server 2003, 1% Server 2008)

> I need to allow a domain user account to access WMI information remotly.

> So, I need a way to:
> 1) Enable the firewall to allow remote wmi calls.
> 2) Enable remote DCOM.
> 3) Modify the WMI security to allow access to the Root\CIMV2 namespace for
> my account.

> I can do all this manually, but I don't want to touch all 600 servers.

> Does anyone have a script or any c# code snippets to allow this?

> Thanks

> Karl

You can do this fairly easily if all the servers are under active
directory by configuring a GPO.

If they are, you can do this....

1.      Using the Group Policy Editor, click Computer Configuration, click
Windows Settings, click Security Settings, click Local Policies, and
then click Security Options. In Network access: Sharing and security
model for local accounts, click Classic – local users authenticate as
themselves.
2.      Using the Group Policy Editor, click Computer Configuration, click
Administrative Templates, click Network, click Network Connections,
click Windows Firewall, and then click Domain Profile.
3.      In Windows Firewall: Allow remote administration exception, click
Enabled. In Allow unsolicited incoming messages from, type the IP
address or subnet of the computer performing the inventory.
4.      In Windows Firewall: Allow file and print sharing exception, click
Enabled. In Allow unsolicited incoming messages from, type the IP
address or subnet of the computer performing the inventory.

After saving the policy changes, don't forget you need to wait for the
policy settings to be applied to the client computers, which can take
up to two hours.

Kind Regards

- Dave


    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2010 Google