How can we help?

How to enable WMI monitoring on a single Windows device

Follow

If you have a domain controller and would rather not enable WMI device by device, please see How to enable WinRM with domain controller Group Policy.

Auvik uses the Windows Remote Management (WinRM) protocol to access Windows Management Instrumentation (WMI) data. This article walks you through how to enable and configure WinRM so you can use Auvik to remotely manage a single Windows device.

As you work through the steps, you may find your Windows servers are pre-configured with some of the required settings. But it’s a good idea to work through each step anyway to confirm all your settings are correct.

Please note that the steps below were written for Windows 7 and above. For WMI monitoring, Auvik doesn't support workstations running Windows older then version 7.

Before you start:

  • Your Windows device needs to have ICMP enabled. See How to make Windows devices discoverable for instructions on allowing ICMP packets through a Windows firewall.
  • WinRM requires an active HTTP listener with “basic” authentication.

First, set the local security policy

Note: The lowest level of security Auvik requires to gather information is local administrator to the machine being polled.

You’ll need to make sure the local security policy for network adapters is set to private, rather than public or not configured. The steps below describe how to set that policy against unidentified networks. But you should also check any other listed networks to avoid strange errors when configuring WinRM.

  1. From the start menu, open Control Panel.
  2. Select Administrative Tools.
  3. Click Local Security Policy.
  4. Click Network List Manager Policies.
  5. Right-click on Unidentified Networks. Select Properties.
  6. Change the location type from Not configured to Private.
  7. Click OK.
  8. Close the Local Security Policy window.
  9. Close the Administrative Tools window.
  10. Close the Control Panel window.

Polling may not be encrypted.  The username and password hash is encrypted. Polling can be configured to use a service account to run a task on Windows endpoints as long as it has proper permissions.

Next, configure WinRM

  1. If you’re not logged in as the local administrator, run a command prompt (cmd.exe) by right-clicking on the service and selecting Run as Administrator.
  2. Run the following command: winrm quickconfig
  3. Type Y to make the changes. If the configuration is successful, the output looks like this:
    WinRM has been updated for remote management.

    WinRM service type changed to delayed auto start.
    WinRM service started.
    Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
  4. Test the WinRM configuration by running the following command:
     winrm identify -r:http://localhost:5985 -auth:none
    If the test is successful, you’ll see something like this:
    IdentifyResponse
    ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
    ProductVendor = Microsoft Corporation
    ProductVersion = OS: 0.0.0 SP: 0.0 Stack: 3.0

Your device can now be managed through Auvik using WMI.

Note: Remote polling via WMI requires Administrator credentials. See the following article for more information:
https://docs.microsoft.com/en-us/windows/win32/wmisdk/user-account-control-and-wmi

Optional: Restrict WMI access to the Auvik collector

For security, you can choose to restrict WMI access to just the Auvik collector.

  1. From the start menu, open the Control Panel.
  2. Select Windows Firewall.
  3. Click Advanced Settings.
  4. Select Inbound Rules.
  5. Locate the Windows Remote Management (HTTP-In) rules. There should be two of them. Right-click on the Private rule and select Properties.
  6. Select the Scope tab.
  7. Under Remote IP address, click Add.
  8. Enter the IP address of your Auvik collector.
  9. Click OK.
  10. Click Apply.
  11. Click OK to close the Properties window.
  12. Close the Windows Firewall and Advanced Security window.
  13. Close the Control Panel.
Was this article helpful?
25 out of 27 found this helpful
Have more questions? Submit a request