[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2516
  • Last Modified:

WMI security on Windows 7

Hi,
I have windows 7 workstations in the domain.
I have a server running windows 2003 in a workgroup.
I want to be able to run a WMI script remotely from that server on the Windows 7 workstation.
The script works fine on Windows XP (remotely).

what do I need to change in the Windows 7 client definitions in order to achieve that?
Where in the group policy can I make this changes?

Thanks!
0
oferam
Asked:
oferam
  • 3
  • 2
1 Solution
 
senadCommented:
You need to disable UAC first ...
0
 
oferamAuthor Commented:
I need some more specific fine grained permissions and how to set them through the GPO, thanks.
0
 
grayeCommented:
I suspect the issue is related to the firewall settings on the Win7 box.  You should check to verify that "Windows Management Instrumentation" protocols are allowed.
http://technet.microsoft.com/en-us/library/cc738900(WS.10).aspx 
Recall that you'd need to use a domain account that's in the local Administrators group.  Disababling UAC is only required if you're using a workgroup.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
oferamAuthor Commented:
The link you attached is NOT relevant to windows 7 since Microsoft changed their firewall. It is now the advanced firewall that is relevant.

Just for general knowledge my Server is 2003 and from another server that is the domain WMI works. How can domain membership affect whether the client accept WMI queries from my server or not?
0
 
grayeCommented:
Sorry for the bad link, but at least the concepts are the same.   So, was the firewall on the Win7 box an issue?
There was a change in the UAC security model for WMI that limits remote impersonation to only Domain accounts.   So, in a workgroup environment (where you have no Domain accounts), you have no choice but to disable UAC.   In a domain environment, you can use any domain account (not local account!), and remote impersonation will work just fine.  Obviously for the sake of WMI, this would probably be an account that in the remote PC's local Administrator account.
So, again... disabling UAC is only required in a workgroup environment.
0
 
oferamAuthor Commented:
Hopefully disabling UAC will help, I will check it on Monday.
Thanks so far
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now