WMI Permissions for SecOps and Server Monitoring : PathSolutions Support Portal

To set the WMI user access permissions

Select Start > Run.

On the Run dialog, type wmimgmt.msc in the Open field.

Click OK to display the Windows Management Infrastructure (WMI) Control Panel.

In the left pane of the WMI Control Panel, highlight the WMI Control (local) entry, right-click, and select the Properties menu option. This displays the WMI Control (Local) Properties dialog box.

Select the Security tab in the WMI Control (Local) Properties dialog box.

In the namespace tree within the Security tab, expand the Root folder. This action lists the available WMI name spaces.

Click the CIMV2 namespace to highlight it.

Click Security to display the Security for ROOT\CIMV2 dialog box.

Click Add in the Security for ROOT\CIMV2 dialog box to display the Select Users or Groups dialog box.

Add the domain user account that will be used as your proxy data collection user account. This should be a domain account (not a local computer account), but it does not need to be an account with administrative access.

Click OK to close the Select Users or Groups dialog box and return to the Security for ROOT\CIMV2 dialog box. The user account you selected should now be listed in the Name list at the top of the dialog box.

Select the newly added user (if it is not already selected) and enable the following permissions:

Enable Account

Remote Enable

Enable the permissions by clicking the Allow box, if it is not already checked for that permission. The Enable Account permission should already be selected, but the Remote Enable permission will need to be selected.

Click OK to close the Security for ROOT\CIMV2 dialog box.

The permissions should now be properly set for the proxy data collection user account.

Windows and WMI Calls TotalView Makes:

Machines that exist in the domain.

Active directory search with the following filter: "(&(objectCategory=computer))"

https://docs.microsoft.com/en-us/windows/win32/adsi/search-filter-syntax

Machine name

Win32_ComputerSystem

https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-computersystem

OS of a specific machine, RAM, Windows version.

Win32_OperatingSystem

https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-operatingsystem

CPU load.

Win32_Processor

Logged in users

Win32_LoggedOnUser

Processes

Win32_Process

Win32_PerfFormattedData_PerfProc_Process

Network utilization.

Win32_PerfFormattedData_Tcpip_NetworkInterface

Disk utilization.

Win32_PerfFormattedData_PerfDisk_LogicalDisk

WMI Permissions for SecOps and Server Monitoring Print

Related Articles