KnockDown KnockDown - 1 year ago 527
PowerShell Question

Windows 10 - WMIC/WMI Remote Access denied with local administrator

First my workingsetup:

DesktopPC: Windows 10 Pro, Version: 10.0.10586 Build: 10586, 64-Bit

Laptop: Windows 10 Pro, Version: 10.0.10586 Build: 10586, 64-Bit

User: Both computers have the same username {zuka} & password {blah}.

I tried to connect remotely, with WMIC to my DesktopPC, with my Laptop and to execute a query.

I typed these following shell commands into Powershell:

PS C:\Windows\system32> wmic
wmic:root\cli> /user: zuka
Please enter the password:blah
wmic:root\cli> /node: {IP-Address of my DesktopPC}
wmic:root\cli> csproduct get /value
Node - {IP-Address of my DesktopPC}
Description = Access is denied.

Or with:

get-wmiobject CIM_Memory -computername desktopPC { or IP } -credential zuka

I get a errormessage like:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

I tried to resolve the problem with these following steps:
( But none of them worked :[ )

  • Went into secpol.msc & changed Network access: Sharing and security model for local accounts to Classic - local users authenticate as themselfes.

  • I also changed in secpol.msc Network security LAN Manager authentication level to Send LM & NTLM responses, use NTLMv2 session security if negotiated.

  • In compmgmt.msc > Service & application > WMI-control > register "security" > expand root & selected CIMV2 saw that local administrators have fully access to this namespace. Zuka is in a membership of the local administrator group.

Is there a specific issue with Windows 10 or did I miss a certain configuration?

Answer Source

To enable remote access for other PC's on WMI, it is needed to add the hosts into the trustedhost-list in winrm, if the computers aren't in the same or any domain.

  1. Enable winrm. On the computer, you want to access.
    Check if winrm is running or stopped:

    get-service winrm

    If it is stopped, type:

    enable-PSRemoting -force

    Add access permission to the remote host.

    winrm s winrm/config/client '@{TrustedHosts="REMOTECOMPUTERNAME/IP"}'

    So in my case:

    winrm s winrm/config/client '@{TrustedHosts="laptopPC"}'

    To verify the winrm service, you can type:

    winrm quickconfig

    It will give the current status of the service and if needed, it will configure the WinRM service.

  2. Unfortunately the windows firewall is blocking the remote access.

    1. Go into Windows Firewall with Advanced security > inbound rules mode
    2. Right-click in the working area & choose New Rule...
    3. Choose the predefined option and select Windows Management Instrumentation (WMI) from the drop-down list and click next.
    4. Now select the option: (WMI-In) rule with the local profile value.
    5. Allow the connection > Finish.

Now I can acces the WMI from my laptopPC to my desktopPC with this following commandline:

 get-wmiobject CIM_Memory -computername desktopPC { or IP } -credential zuka

And then it asks for the password. And voilĂ ! I got the information of the memory, trought remote access. =)

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download