I need to use WMI for getting some information from my servers. But I have a server in DMZ, so I need to open a port in my firewall. I've searching and I found that WMI uses random port. How can this be fixed?
Asked
Active
Viewed 9,766 times
3 Answers
1
The following procedure is an automated setup to allow WMI to have a fixed port. The procedure uses the winmgmt command-line tool. To set up a fixed port for WMI
- At the command prompt, type winmgmt -standalonehost
- Stop the WMI service by typing the command net stop "Windows Management Instrumentation"
- Restart the WMI service again in a new service host by typing net start "Windows Management Instrumentation"
- Establish a new port number for the WMI service by typing netsh firewall add portopening TCP 24158 WMIFixedPor
shikran
- 31
- 1
- 4
-
shikran, I've already test this manipulation but it doesn't change anything. For information, I use Splunk for getting log files. – YoyoMan Feb 22 '13 at 10:55
0
On the responding machine... Step one: Set the DCOM config to use a static port.... Basically, run "dcomcnfg" from command prompt. Navigate the tree to My Computer > DCOM Config > Windows Management and Instrumentation, select properties of that folder. Go to the Endpoints tab Select Properties button for Connection-oriented TCP/IP Use static endpoint, set the port. Step 2: Configure WMI to use a fixed port http://msdn.microsoft.com/en-us/library/bb219447(v=VS.85).aspx At the command prompt, type winmgmt -standalonehost Stop the WMI service by typing the command net stop "Windows Management Instrumentation" Restart the WMI service again in a new service host by typing net start "Windows Management Instrumentation" Establish a new port number for the WMI service by typing netsh firewall add portopening TCP 24158 WMIFixedPort Still testing this myself, so not 100% certain it works.
There is more information in other comments
Brigo
- 1,534
- 11
- 8
-
Fixed port cannot be set on a Windows Server 2003 machine. This option appeared starting from Windows Vista. "...Starting with Windows Vista, you can set up the WMI service to run as the only process in a separate host and specify a fixed port." Source: http://msdn.microsoft.com/en-us/library/windows/desktop/bb219447(v=vs.85).aspx – Volodymyr Molodets Feb 22 '13 at 11:35
0
To be able to collect information from remote host via WMI, you need to do the following:
1. Enable remote WMI requests
1.1. On the target server, go to Administrative Tools -> Computer Management.
1.2. Expand 'Services and Applications'.
1.3. Right click for Properties on 'WMI Control'.
1.4. Select the Security tab.
1.5. Press the Security button.
1.6. Add the monitoring user (if needed), and then be sure to check Remote Enable check-box for the user/group that will be requesting WMI data.
2. Allow WMI through Windows Firewall
This can only be done at the command prompt. Run the following on the target computer if it is running a Windows firewall:
on Windows Server 2003 machines
netsh firewall set service RemoteAdmin enable
on Windows Server 2008 machines
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
More details can be found here. Articles on MSDN with more in-depth view here & here.
Volodymyr Molodets
- 2,424
- 9
- 36
- 52
-
Hi, I don't have a local firewall on the PCs but a network firewall, so it's why I need fixe a WMI port for open it. – YoyoMan Feb 22 '13 at 11:48
-
You'd better mention this next time in your question. In such situation, you can only setup fixed port on a Windows Server 2008 and Windows 7 machines, but not W2K3 server. Follow this link: http://msdn.microsoft.com/en-us/library/windows/desktop/bb219447(v=vs.85).aspx – Volodymyr Molodets Feb 22 '13 at 11:51
-
Sorry for that. I've already did this manipulation, but my Splunk Server use always random port for WMI. – YoyoMan Feb 22 '13 at 11:54