4

Hi I would like to get opinions from systems administrators, on how common it is that WMI functionality is actually enabled in corporate networks.

I am writing an enterprise network application that could benefit from the features of WMI, but I noted after creating a virtual network based on Server 2008 R2, that WMI seems to be disabled by default. Do systems admins in practical corporate networks enable WMI? Or is it usually disabled for security purposes?

What is it used for if it is enabled?

Thanks for any advice!

MORE INFO:

I should have said, I really need to be able to query the workstations but I understand that by default the WMI ports on Win7 and XP firewalls (at least) are disallowed, so do you use some sort of group policy or other method to leave a hole open for WMI on the workstations? Or is just the servers that are of interest? Thanks for the responses!!

EEAA
  • 109,363
  • 18
  • 175
  • 245
TripleAntigen
  • 201
  • 3
  • 8

1 Answers1

7

I believe WMI service is enabled on most Windows Servers (as well as Desktops) by default.

http://blogs.technet.com/b/josebda/archive/2007/08/08/comparing-default-services-on-windows-server-2003-r2-and-windows-server-2008-core-and-full.aspx

However, you may need to configure your default Windows Firewall rules to allow this service to be queried remotely if that is what you need to do.

WMI can be used to query or manage the state / settings / configurations / etc, since it can be scripted using VBScript or Powershell.

UPDATE: Refer for more information:

http://msdn.microsoft.com/en-us/library/aa389290%28v=vs.85%29.aspx

http://msdn.microsoft.com/en-us/library/aa389286%28v=vs.85%29.aspx

Chaitan
  • 86
  • 3
  • 2
    This. It's used for monitoring checks. And yes, we have it enabled. WMI still requires credentials, it's not just an open book that anything can query and read. – Tatas Jun 29 '11 at 15:45
  • 1
    Usually enabled. – SuperBOB Jun 29 '11 at 15:47
  • Thanks very much for the answers. I have tried to query my DC from a workstation (with any registered logon) and can do so successfully, but I am unable to reach any of the workstations (Win7, XP) probably due to the firewall rules mentioned by Chaitan. – TripleAntigen Jun 29 '11 at 15:50
  • Maybe I didnt ask that properly, sorry. I really need to query the workstations, so I guess my question is, do you use a group policy (or something) to allow passage through the firewall on each workstation? Or are you primarily concerned with the servers? – TripleAntigen Jun 29 '11 at 15:53
  • 2
    Yes, we use WMI to connect to workstations as well as servers. Windows Firewall is enabled by default on XP, 7 to block WMI requests. You can use these links to learn more – Chaitan Jun 29 '11 at 16:01