Download and Install Microsoft Windows Management Instrumentation (WMI)
Core Version 1.5 for Windows NT.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=C174CFB1-EF67-471D-9277-4C2B1014A31E
On the machines running Windows XP SP2 and Windows 2003 SP1, you will need to verify the DEP security settings.
1. Open "Control Panel"
2. Open "System Properties"
3. Click on the "Advanced" tab
4. Click on the "Settings" button for the "Performance" group
5. Click on the "Data Execution Prevention" tab
6. Make sure that DEP is enabled for essential Windows programs and services only.
1. Select Start >
Run.
2. Type DCOMCNFG and then click "OK’.
3. Select the "Default Security" tab.
Go to the "Launch Permissions" section below.
1. Select Start > Run.
2. Type DCOMCNFG and then click "OK".
3. Expand the "Component Services" node.
4. Expand the "Computers" node.
5. Right-click on the "My Computer" node.
6. Select "Properties".
7. Select the [Default] "COM Security" tab.
If the above Access Permissions settings have been modified, you need to make
sure that at least INTERACTIVE, SYSTEM and Administrators have been explicitly
granted "Access Permission". As an alternative you can export (for backup) and
then delete the following registry key to restore the original default values:
HKLM\SOFTWARE\Microsoft\Ole\DefaultAccessPermission
1. Select Start > Run.
2. Type DCOMCNFG and then click "OK".
3. Select the "Applications" tab.
4. Double-click on "Windows Management Instrumentation".
Verify the following settings:
This is the end of the Windows 2000 settings. The remainder of this document concerns Windows XP and Windows Server 2003.
1. Select Start > Run.
2. Type DCOMCNFG and then click "OK".
3. Expand the "Component Services" node.
4. Expand the "Computers" node.
5. Expand the "My Computer" node.
6. Expand the "DCOM Config" node.
7. Right-click on "Windows Management [and] Instrumentation".
8. Select "Properties".
1. Select Start > Run.
2. Type "gpedit.msc" (no quotes) and then click "OK’.
3. Navigate down to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
4. Verify that the SERVICE account is specifically granted "Impersonate a client after Authentication" rights.
1. Select Start > Run.
2. Type "services.msc" (no quotes) and then click "OK’.
3. Double-click on "Windows Management Instrumentation".
4. Under the "General" tab verify that the Startup Type is set to "Automatic".
5. Under the "Log On" tab verify that "Local System account" is selected.
1. Select Start > Run.
2. Type "wmimgmt.msc" (no quotes) and then click "OK".
3. Right-click on "WMI Control (Local)".
4. Select "Properties".
5. Select the "Security’ tab.
6. Select the "Root" namespace.
7. Click "Security".
Ensure that you have allowed the permission entries shown above.
See Also:
Configure the Network Audit Service