Difference between revisions of "WMI client (WMIC) for Linux"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) |
Rafahsolis (talk | contribs) |
||
| Line 26: | Line 26: | ||
== Windows host config == | == Windows host config == | ||
| − | The windows machine you are connecting to must have | + | |
| + | === Step 1: DCOM permission === | ||
| + | # Open Dcomcnfg | ||
| + | # Expand Component Service -> Computers -> My computer | ||
| + | # Go to the properties of My Computer | ||
| + | # Select the COM Security Tab | ||
| + | # Click on "Edit Limits" under Access Permissions, and ensure "Everyone" user group has "Local Access" and "Remote Access" permission. | ||
| + | # Click on the "Edit Limit" for the launch and activation permissions, and ensure "Everyone" user group has "Local Activation" and "Local Launch" permission. | ||
| + | # Highlight "DCOM Config" node, and right click "Windows Management and Instruments", and click Properties. | ||
| + | # <Please add the steps to check Launch and Activation Permissions, Access Permissions, Configuration Permissions based on the default of Windows Server 2008> | ||
| + | |||
| + | === Step 2: Permission for the user to the WMI namespace === | ||
| + | # Open WMImgmt.msc | ||
| + | # Go to the Properties of WMI Control | ||
| + | # Go to the Security Tab | ||
| + | # Select "Root" and open "Security" | ||
| + | # Ensure "Authenticated Users" has "Execute Methods", "Provider Right" and "Enable Account" right; ensure Administrators has all permission | ||
| + | |||
| + | === Step 3: Verify WMI Impersonation Rights === | ||
| + | # Click Start, click Run, type gpedit.msc, and then click OK. | ||
| + | # Under Local Computer Policy, expand Computer Configuration, and then expand Windows Settings. | ||
| + | # Expand Security Settings, expand Local Policies, and then click User Rights Assignment. | ||
| + | # Verify that the SERVICE account is specifically granted Impersonate a client after authentication rights. | ||
| + | |||
| + | The windows machine you are connecting to must have LAN Manager Authentication level set to: <br /> | ||
Send LM & NTLM - use NTLMv2 session security if negotiated<br /> | Send LM & NTLM - use NTLMv2 session security if negotiated<br /> | ||
# Start --> run --> gpedit.msc | # Start --> run --> gpedit.msc | ||
Latest revision as of 11:47, 1 February 2016
Windows Management Instrumentation (WMI)[edit]
WMI Allows you to remotely execute commands and query parameters on a Windows Host
Linux[edit]
In order to be able to communicate with WMI from Linux you need to install this functionability.
For Ubuntu 14.04:
Download this libraries and install them:
dpkg -i libwmiclient1_1.3.14-3_amd64.deb dpkg -i wmi-client_1.3.14-3_amd64.deb
- Required: python-support
sudo apt-get install python-support
Examples[edit]
get the size of the WorkingSet of the process “java.exe” running on the remote host 192.168.20.20[edit]
wmic -U Administrator%mysecret //192.168.20.20 "Select WorkingSetSize from Win32_Process Where CommandLine like '%java.exe%'"
Get process ID for process[edit]
wmic -U Administrator%mysecret //10.140.10.10 "Select ProcessId from Win32_Process Where CommandLine like '%java.exe%'"
Get WorkingSetSize for process[edit]
wmic -U Administrator%mysecret //10.140.10.10 "Select WorkingSetSize from Win32_Process Where CommandLine like '%java.exe%'"
Get thread count for process[edit]
wmic -U Administrator%mysecret //10.140.10.10 "Select ThreadCount from Win32_Process Where CommandLine like '%java.exe%'"
Get private bytes for process[edit]
wmic -U Administrator%mysecret //10.140.10.10 "Select PrivateBytes from Win32_PerfFormattedData_PerfProc_Process Where IDProcess='%java.exe%'"
Get free physical memory for host[edit]
wmic -U Administrator%mysecret //10.140.10.10 "Select FreePhysicalMemory from Win32_OperatingSystem"
Windows host config[edit]
Step 1: DCOM permission[edit]
- Open Dcomcnfg
- Expand Component Service -> Computers -> My computer
- Go to the properties of My Computer
- Select the COM Security Tab
- Click on "Edit Limits" under Access Permissions, and ensure "Everyone" user group has "Local Access" and "Remote Access" permission.
- Click on the "Edit Limit" for the launch and activation permissions, and ensure "Everyone" user group has "Local Activation" and "Local Launch" permission.
- Highlight "DCOM Config" node, and right click "Windows Management and Instruments", and click Properties.
- <Please add the steps to check Launch and Activation Permissions, Access Permissions, Configuration Permissions based on the default of Windows Server 2008>
Step 2: Permission for the user to the WMI namespace[edit]
- Open WMImgmt.msc
- Go to the Properties of WMI Control
- Go to the Security Tab
- Select "Root" and open "Security"
- Ensure "Authenticated Users" has "Execute Methods", "Provider Right" and "Enable Account" right; ensure Administrators has all permission
Step 3: Verify WMI Impersonation Rights[edit]
- Click Start, click Run, type gpedit.msc, and then click OK.
- Under Local Computer Policy, expand Computer Configuration, and then expand Windows Settings.
- Expand Security Settings, expand Local Policies, and then click User Rights Assignment.
- Verify that the SERVICE account is specifically granted Impersonate a client after authentication rights.
The windows machine you are connecting to must have LAN Manager Authentication level set to:
Send LM & NTLM - use NTLMv2 session security if negotiated
- Start --> run --> gpedit.msc
- Navigate to: Local Computer Policy/Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options
- In the right panel look for “Network Security : LAN Manager authentication level"
Remote admin must be enabled: from cmd type:
netsh firewall set service type = remoteadmin mode = enable