Top 5 Troubleshooting Tips for Your WMI Problems
Originally published on April 20, 2010 by Dirk Paessler
Last updated on March 03, 2022 • 4 minute read
Windows Management Instrumentation (WMI) is a mighty tool for system administrators to monitor and to manage a whole Windows network from one central point. It allows you to start processes, read the Event Log history or even send a command to reboot a system for all computers in your network. Unfortunately, using WMI can be tricky.
In most cases security and user account related problems can cause trouble. Sometimes even more complex issues occur. Users of PRTG Network Monitor—which makes extensive use of WMI for Windows monitoring—often ask us for configuration help. We have compiled several documents to help them.
5 Steps for Troubleshooting WMIThe following are the first steps you should take in order to make WMI work the way you expect it to. Consider the following points:
- User Credentials—Administrator: For every WMI query you have to provide Windows user credentials (e.g. for PRTG you enter these in the "Windows Credentials" section for groups or devices). Please make sure that you choose a user that is a member of the "Domain Administrators" group in the same Active Directory section as the target computer—or a local system administrator account on the target machine. —Remote Access Rights: The administrator user mentioned above must also have "Remote Access" rights on the target computer in order to use WMI and COM.
- Local Firewall: Make sure that the target computer's firewall allows incoming WMI connections.
- Firewall and Group Policies: If the firewall is enabled by group policies, you have to enable the "Allow Remote Administration Exception" for this policy.
- Port: The RPC server used for WMI on the target computer is running on port 135 by default (if not specified differently). You have to make sure this port is not blocked by any (hardware) firewall on the way to the remote computer.
- Security Software: It's always a good idea to double-check that no local security software (anti-spy, anti-virus, etc.) on either side is blocking WMI connections.