Ways to access WMI
vScope accesses WMI on a target machine in two ways.
- DCOM (the default way)
- Executes queries remotely
- High Round-trip time (RTT) between vScope and target machine times affects scan time negatively
- WinRM (recommended)
- Executes queries locally on target machine
- High Round-trip time (RTT) between vScope and target machine does not affects scan time negatively
We always recommend using WinRM when possible since it will be multitudes faster than using DCOM.
Verify WMI access
To verify access to a remote machine you can use PowerShell:
- Open PowerShell on a machine that is not the same as the target machine
- In all PowerShell commands below, replace
- REMOTEMACHINE with the remote machine name.
- MYDOMAIN\MYUSER with the same username used in vScope to scan the remote machine.
- Running the command will open a dialog box where you enter the password.
WMI access through DCOM (default)
DCOM access
To test that you are able to connect to the remote machine with DCOM, execute the following command:
New-CimSession -ComputerName REMOTEMACHINE -SessionOption (New-CimSessionOption -Protocol Dcom) -Credential "MYDOMAIN\MYUSER"
WMI access through DCOM
If you have access to the remote machine with DCOM, execute the following command to verify access to WMI through DCOM:
Get-WmiObject -ComputerName REMOTEMACHINE -Credential "MYDOMAIN\MYUSER" -Query "SELECT * FROM Win32_ComputerSystem"
WinRM
WinRM access
To test that you are able to connect to the remote machine with WinRM, execute the following command:
Test-WSMan -ComputerName REMOTEMACHINE -Credential "MYDOMAIN\MYUSER" -Authentication default
WMI access through WinRM
If you have access to the remote machine with WinRM, execute the following command to verify access to WMI through WinRM:
Get-WSManInstance -ComputerName REMOTEMACHINE -Credential "MYDOMAIN\MYUSER" -Enumerate -ResourceURI wmicimv2/* -Filter "SELECT * FROM Win32_ComputerSystem"