Search code examples
windowspowershellwmiremote-accesswmic

Windows 10 - WMIC/WMI Remote Access denied with local administrator

First my workingsetup:

DesktopPC: Windows 10 Pro, Version: 10.0.10586 Build: 10586, 64-Bit
Laptop: Windows 10 Pro, Version: 10.0.10586 Build: 10586, 64-Bit
User: Both computers have the same username {zuka} & password {blah}.

I tried to connect remotely, with WMIC to my DesktopPC, with my Laptop and to execute a query.
I typed these following shell commands into Powershell:

    PS C:\Windows\system32> wmic
    wmic:root\cli> /user: zuka
    Please enter the password:blah
    wmic:root\cli> /node: {IP-Address of my DesktopPC}
    wmic:root\cli> csproduct get /value
    Node - {IP-Address of my DesktopPC}
    Error:
    Description = Access is denied.

Or with:

    get-wmiobject CIM_Memory -computername desktopPC { or IP } -credential zuka

I get a errormessage like:

    Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

I tried to resolve the problem with these following steps: ( But none of them worked :[ )

  • Went into secpol.msc & changed Network access: Sharing and security model for local accounts to Classic - local users authenticate as themselfes.
  • I also changed in secpol.msc Network security LAN Manager authentication level to Send LM & NTLM responses, use NTLMv2 session security if negotiated.
  • In compmgmt.msc > Service & application > WMI-control > register "security" > expand root & selected CIMV2 saw that local administrators have fully access to this namespace. Zuka is in a membership of the local administrator group.

Is there a specific issue with Windows 10 or did I miss a certain configuration?

Solution

  • To enable remote access for other PC's on WMI, it is needed to add the hosts into the trustedhost-list in winrm, if the computers aren't in the same or any domain.

    1. Enable winrm. On the computer, you want to access.
      Check if winrm is running or stopped:

      get-service winrm

      If it is stopped, type:

      enable-PSRemoting -force

      Add access permission to the remote host.

      winrm s winrm/config/client '@{TrustedHosts="REMOTECOMPUTERNAME/IP"}'

      So in my case:

      winrm s winrm/config/client '@{TrustedHosts="laptopPC"}'

      To verify the winrm service, you can type:

      winrm quickconfig

      It will give the current status of the service and if needed, it will configure the WinRM service.

    2. Unfortunately the windows firewall is blocking the remote access.

      1. Go into Windows Firewall with Advanced security > inbound rules mode
      2. Right-click in the working area & choose New Rule...
      3. Choose the predefined option and select Windows Management Instrumentation (WMI) from the drop-down list and click next.
      4. Now select the option: (WMI-In) rule with the local profile value.
      5. Allow the connection > Finish.

    Now I can acces the WMI from my laptopPC to my desktopPC with this following commandline:

     get-wmiobject CIM_Memory -computername desktopPC { or IP } -credential zuka

    And then it asks for the password. And voilà! I got the information of the memory, trought remote access. =)