...
- RDP to the another Windows machine (if running Open-AudIT on Linux), or if you're running Open-AudIT on Windows, the Open-AudIT server.
- Click Start menu, then type: wbemtest
- Open the utility.
- Click Connect...
- Enter the information
- Within namespace, type: \\TARGET_DEVICE_IP\root\cimv2 - where TARGET_DEVICE_IP is the IP of the device not being discovered by Open-AudIT.
- For the Username, use the format domain\username
- Enter the password
- Leave the Authority field blank.
- Click connect
- Click Enum Classes and select Recursive, then click OK
- It may take several seconds to respond.
- If it does not work, the target PC has an issue (or something between the target PC and Open-AudIT).
- if it does work, please log a support ticket with Opmantek.
Testing Remote WMI #2
Open a command prompt and try the following command. Substitute your domain, username, password and target IP.
You should get a result similar to the below.
NOTE - the extra r's and for the (r) registered trademark symbols, no need to be concerned with them.
Code Block |
---|
C:\Users\opDev>wmic /user:YOUR_DOMAIN\YOUR_USERNAME /password:YOUR_PASSWORD /node:YOUR_IP os get name
Name
Microsoftr Windows Serverr 2008 Enterprise |C:\Windows|\Device\Harddisk0\Partition1 |
AntiVirus
Some antivirus programs have been known to disable DCOM and remote WMI. You might check the settings of your antivirus program and disable them for testing. We recently had a report of Trend AV specifically blocking calls to winexesvc when auditing Windows computers.
...