Please help me understand how the authentication happens when I invoke a WMI connection on remote computer using User Credentials. I am expecting WMI to encrypt credentials when a connection is made to the remote computer.
The code snippet section has the .NET 4.0 Code that is trying to establish a connection to the remote computer to query some Registry Information.
The user would key-in his Domain User Name and Password in the front-end and the code segment below would establish a WMI connection to Remote Computer.
Key Questions that I have are?
1. Is this the secure way of passing user name and password while connecting to Remote WMI?
2. Does this connection to Remote Computer in anyway is Encrypted? (I expected it to be)
3. Is there a possibility for an eves dropper to get hold of the user credentials?
Dim objManagementClass As ManagementClass
Dim ObjManagementBaseObject As ManagementBaseObject
Dim connection As New ConnectionOptions
connection = New ConnectionOptions
connection.Username = txtUID.Text
connection.Password = txtPassword.Text
connection.Authority = "ntlmdomain:" + Domain.SelectedValue ‘ Updating User Domain
Scope = New ManagementScope("\\" + StrServer + "\root\Default", connection) ‘Connecting to default namespace on remote server
Scope.Options.EnablePrivileges = True
Scope.Options.Impersonation = ImpersonationLevel.Impersonate
Perform the WMI Query
Connection = Nothing
txtUID.text = “”
txtPassword.text = “”