Windows System Management Software

Configure and manage WMI properties

How to set up a Remote WMI Connection?

I try to display the WMI properties of several computers in our domain (Windows XP, Windows Vista, Windows 7, Windows 10), and I get some error messages :

Our software uses WMI (Windows Management Instrumentation) for the remote management of your client workstations. WMI is used in particular for the remote retrieval of certain information such as serial numbers, memory capacities or even the dates and times of the last restarts.

WMI is also used since Windows 10 for the installation and remote start of our remote control tool with screen sharing. It is therefore advisable to activate WMI for remote use on all of your client workstations in order to be able to use our software in an optimal way.

How to test if remote WMI access is configured correctly using our software?

Use the right-click on the computer, then "Properties", select "Rename", and finally "Test WMI Connection".

• If you get the "RPC server unavailable. Error code : -2147023174" error, it is probably an issue with services or security. Please check the following points on the remote computer :

1. "Remote Procedure Call (RPC)" (RpcSs) service must be started.
2. "DCOM Server Process Launcher" (DcomLaunch) service must be started.
3. "Windows Management Instrumentation" (Winmgmt) service must be started.
4. Windows firewall (or another one) may also block the WMI connection.
   Open "Exceptions" tab, then check "Windows Management Instrumentation (WMI)" and apply the rule.
   Another solution may consist in opening the DCOM port (TCP port 135), or to run the following command : netsh firewall set service RemoteAdmin enable.
   This command can be directly executed from our software, by right clicking the remote host, then "Command Prompt".

• If you get the "Access denied : Error code : -2147024891" error, it is probably an issue with access rights / privileges. Please check the following points on the remote computer :

1. If the remote host runs Windows Vista, Windows Server 2008, or Windows 7 and that UAC is enabled, WMI requests sent throught network can not be executed with elevated administration privileges.
   You can disable the User Account Control or disable UAC only for remote access (recommended).  Open the registry base with "regedit", then open "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system". Create (if it does not exist) the following DWORD value : LocalAccountTokenFilterPolicy and set it to 1. To enable again UAC for remote access, just delete this value or set it to 0.
2. - If the remote host is in the same domain as yours, our software must be launched with administrative rights (you should be a member of the "Administrators"/"Domain Admins" group).
   - If the remote host is in another domain, then the user account and the password used on your administrative computer (the one where our software is installed), must identically exist on the remote computer, and be a member of the local "Administrators" group.

• Check the configuration of your Antivirus on remote desktops because some Antiviruses block remote access to WMI properties. A simple way to know if the problem comes from your Antivirus is to stop it for a few minutes on one of your remote stations, then to test WMI connection on it (see below) using our software . If the test does not return any errors, then the problem comes from your Antivirus. In this case, consult the editor documentation to correct the problem.

You can consult the Microsoft's site on this subject:
https://docs.microsoft.com/en-us/windows/win32/wmisdk/connecting-to-wmi-remotely-starting-with-vista