Skip to content
vScope Support Page

Confirm WMI Access through DCOM and WinRM

Accessing WMI with DCOM and WinRM

vScope can access WMI on a target machine using two methods:

  • DCOM (Default)

    • Executes WMI queries remotely.
    • High round-trip time (RTT) between vScope and the target machine can increase scan time.

  • WinRM (Recommended)

    • Executes WMI queries locally on the target machine, reducing latency impacts from RTT.

Using WinRM is recommended for faster, more efficient inventory scans on remote systems.

Verifying WMI Access

You can verify WMI access to a remote machine via PowerShell. Follow these instructions to test connectivity using both DCOM and WinRM:

  1. Open PowerShell on a machine that is not the same as the target machine.
  2. Replace:
    • REMOTEMACHINE with the name of the target machine.
    • MYDOMAIN\MYUSER with the user credentials configured in vScope.
  3. The command will prompt you to enter the password for the specified user.

Testing WMI Access through DCOM

Confirm DCOM Connectivity

To check if you can connect to the remote machine using DCOM, run:

Terminal window
New-CimSession -ComputerName REMOTEMACHINE -SessionOption (New-CimSessionOption -Protocol Dcom) -Credential "MYDOMAIN\MYUSER"

Verify WMI Access over DCOM

After confirming DCOM connectivity, use the following command to ensure WMI access over DCOM on the target machine:

Terminal window
Get-WmiObject -ComputerName REMOTEMACHINE -Credential "MYDOMAIN\MYUSER" -Query "SELECT * FROM Win32_ComputerSystem"

Running this command should return information about the target machine’s computer system, such as the system’s model, manufacturer, and domain information. If the command executes successfully and returns details, it confirms that WMI access through DCOM is functioning correctly. However, if an error occurs, it may indicate issues with permissions, firewall configurations, or network policies that need to be addressed.

Testing WMI Access through WinRM

WinRM is the preferred method for faster, local execution of WMI queries on the target machine. Follow these steps to verify WinRM connectivity and WMI access through WinRM.

Confirm WinRM Connectivity

To check if you can connect to the target machine using WinRM, run:

Terminal window
Test-WSMan -ComputerName REMOTEMACHINE -Credential "MYDOMAIN\MYUSER" -Authentication default

enabled and properly configured on the target machine. This response will include details such as the WinRM version and any authentication or transport settings. If you encounter errors, they may indicate network restrictions, incorrect credentials, or misconfigured WinRM settings on the remote machine.

Diagnosing Common WMI and WinRM Access Issues

If WMI or WinRM access continues to fail, here are some troubleshooting steps that may help:

Verify Firewall Configurations

  • Ensure that required ports are open:
    • DCOM: Port 135 for remote procedure calls
    • WinRM: Port 5985 for HTTP or 5986 for HTTPS
  • Check if the firewall allows inbound traffic on these ports from vScope.

Validate Permissions

  • Confirm that the user account being used has the necessary permissions:
    • DCOM: Requires permissions for Remote Activation and Remote Access in DCOM settings on the target machine.
    • WinRM: The account must have the necessary permissions for remote management, including membership in the Remote Management Users group.

Check WinRM Listener Configuration

  • Run winrm e winrm/config/listener on the target machine to verify that WinRM listeners are configured on the expected ports.
  • Ensure that the listener is set up for the correct IP addresses or wildcard (*) to allow connections from any network interface.

Test Connectivity and Credentials

  • Use PowerShell to test the connection with Test-WSMan and verify credentials by running basic WMI queries, as described above.
  • Ensure that your credentials are correct and that the user has appropriate access rights on the target machine.

Review Error Messages in Detail

  • Error messages during testing can provide clues:
    • Access Denied: Indicates insufficient permissions or restricted access.
    • RPC Server Unavailable: May suggest a network or firewall configuration issue.
    • Connection Timeout: Could indicate network latency or an unreachable target machine.

By following these steps, you can help diagnose and resolve common issues related to WMI and WinRM connectivity, ensuring that vScope can effectively inventory Windows-based target machines.