Problem

Germain got a WMI error while monitoring a Microsoft Windows server. WMI may be used on Windows Servers to monitor various aspect of your server: to collect any OS metric and to connect and remotely execute an executable, etc

Solution

  1. Errors on the Engine's log will show WMIClient issues, typically with code 0x00005 (user not authorized) or 0x00001 (connection error)

  2. Review if WMI ports are accessible:
    1. TCP 135 (General RPC Port)
    2. UDP 137 (Netbios Name Resolution)
    3. UDP 138 (Netbios Datagram Service)
    4. TCP 139 (Netbios Session Service)
    5. TCP 445 (SMB)
    6. TCP Range (DCOM assigns a port to each incoming connection from a dynamically allocated range. We recommend limiting this port range explicitly e.g to TCP 7000-7100, and then to open these ports in firewall)
  3. Review if Registry settings are set correctly (depending on the Windows version in use, it may be necessary to create two pairs of registry keys to enable DCOM access):

    KeyActionNotes
    HKCR/CLSID/{72C24DD5-D70A-438B-8A42-98424B88AFB8}Create a new REG_SZ value named “AppID” and set value to UUID of key.WScript.Shell to allow execution of remote commands (e.g., Siebel Server Manager)
    HKCR/CLSID/{72C24DD5-D70A-438B-8A42-98424B88AFB8}Create two REG_SZ values, “(Default)” and “DllSurrogate”, both of which can be left empty.WScript.Shell to allow execution of remote commands (e.g., Siebel Server Manager)
    HKCR/CLSID/{76A64158-CB41-11D1-8B02-00600806D9B6}Create a new REG_SZ value “AppID” and set value to UUID of key.WBEM Scripting Locator to perform WMI queries
    HKCR/CLSID/{76A64158-CB41-11D1-8B02-00600806D9B6}Create two REG_SZ values, “(Default)” and “DllSurrogate”, both of which can be left empty.WBEM Scripting Locator to perform WMI queries
  4. If needed, can use WMI Client "wmic" from Console for testing. Run it as the UserId running the Germain Engines (on the Console, type `runas /user:UserID cmd` to execute another command interpreter as such UserId, and run wmic there).


Run cmd as another user from GUI:

  • Start Menu
  • Search for "cmd"
  • Right-click → Open file location
  • Shift + right-click on shortcut for cmd → Run as different user