4

I'm having an issue with the below WMI query running under a non-admin service account against windows 7 PCs:

wmic /node:x.x.x.x computersystem get username

where x.x.x.x is the IP address of the windows 7 PC.

I have granted what I believe to be the necessary permissions:

  • Added the user account to the PC's local 'Distributed COM users' group
  • Checked Enable Account, Remote Enable & Read Security in the security settings for the 'Distributed COM users' group on the Root/CIMV2 namespace (in wmimgmt.msc).

However, the query above always returns null in place of the logged in user.

The only way around this that I have found, is to add the querying user into the 'Remote Desktop Users' group on the PC. Can anyone enlighten me as to what permissions this is granting that allow this query to return the logged in user?

BTW - Having read a few other threads, I have tried adding the user to the performance monitoring & performance logging groups to no avail.

user468562
  • 41
  • 1
  • 2
  • 3
    Is someone logged into the Win7 machine via RDP? If so, it is normal behavior: user logged by RDP are _not_ recognized by WMI – shodanshok Mar 07 '15 at 17:05
  • No, I am attempting to run this against my own machine from a server. I am logged in on the console. Furthermore, this wouldn't explain the behaviour of adding the service account to the Remote Desktop Users group populates the username. – user468562 Mar 07 '15 at 17:26

0 Answers0