Solved

Restore WMI to Default State and Port Range

Posted on 2014-01-29
2
1,929 Views
Last Modified: 2014-01-31
I followed these steps to force WMI to use one port. Now I would like to reset it back to use dynamic port allocation. Anybody know how I would do this?

This is what I did:

At the command prompt:
1. Type winmgmt -standalonehost
2. Stop the WMI service by typing the command net stop "Windows Management Instrumentation"
3. Restart the WMI service again in a new service host by typing net start "Windows Management Instrumentation"
4. Establish a new port number for the WMI service by typing netsh firewall add portopening TCP 24158 WMIFixedPort.

How do I change to use WMIDynamicPort if that exists...?
0
Comment
Question by:rawinnlnx9
2 Comments
 
LVL 8

Accepted Solution

by:
Ratnesh Mishra earned 500 total points
ID: 39819546
You can follow the following article from microsoft http://support.microsoft.com/kb/217351  in order to reset WMI configuration .


1. If you do not want to configure DCOM to use a range of ports, delete the registry key, and then restart your computer.
2. If you want to configure DCOM on your computer to use a range of ports, use the
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet
registry key to configure the range of ports, and follow the instructions in the following white paper:
Using Distributed COM with Firewalls
http://msdn.microsoft.com/en-us/library/ms809327.aspx

Additional Information :-
You can also follow this :

WMI runs as part of a shared service host with ports assigned through DCOM by default.
As you mentioned you followed microsoft article  http://msdn.microsoft.com/en-us/library/bb219447(v=vs.85).aspx

However based on the article http://support.microsoft.com/kb/832017 which states that
WMI ports are
In Windows Server 2008 and later versions, and in Windows Vista and later versions, the default dynamic port range changed to the following range:
Start port: 49152
End port: 65535

Windows 2000, Windows XP and Windows Server 2003 use a dynamic port range of
Start port: 1025
End port: 5000

So in order to reset you can use the Component Services Manager [comexp.msc]to set the range that the random port is allocated from to something small and then manually open each one.

Step 1 : Goto Run Command , and Type "comexp.msc" without quote.
Step 2 : Expand "Component Services" , expand "Computers" and then right click on "My Computer" and select Properties.
Step 3 : Click on the "Default Protocol" tab . and then under DCOM Protocols double click on the entry “Connection oriented TCP/IP”.
Step 4 : Use the Add button to add a suitable range of ports(as mentioned in the above said article)  and click OK. After this all COM+/DCOM services will select a port in this range of course after reboot.

Note ::
To open the ports , open the Windows Firewall, and add one entry for each port in the range mentioned and one for port 135
Random ports only need to be open on the remote machine.


Step 5: Reboot the machine.
0
 
LVL 9

Author Closing Comment

by:rawinnlnx9
ID: 39824662
Outstanding. I'd say more but how many ways can you say outstanding?
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now