How to access WMI namespaces on remote computers that require encryption?

When you have a look at my vbscript bitlocker post and try to use it on remote machines you may not get any results but an application eventlog entry similar to this one here:

Event Source: WinMgmt
Event ID: 5605
Access to the […] namespace was denied. The namespace is marked with RequiresEncryption but the client connection was attempted with an authentication level below Pkt_Privacy. Re try the connection using Pkt_Privacy authentication level.

When using security related namespaces on remote machines you need to connect to wmi using a higher authentication level:

strComputer = "remotemachine" Set objWMIService = GetObject("winmgmts:{authenticationLevel=pktPrivacy}\\" & strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption")

You can use one of these authentication levels:

Name/value	Description
WbemAuthenticationLevelDefault 0	Moniker: Default WMI uses the default Windows Authentication setting. This is the recommended setting that allows WMI to negotiate to the level required by the server returning data. However, if the namespace requires encryption, use WbemAuthenticationLevelPktPrivacy.
WbemAuthenticationLevelNone 1	Moniker: None Uses no authentication.
WbemAuthenticationLevelConnect 2	Moniker: Connect Authenticates the credentials of the client only when the client establishes a relationship with the server.
WbemAuthenticationLevelCall 3	Call Authenticates only at the beginning of each call when the server receives the request.
WbemAuthenticationLevelPkt 4	Moniker: Pkt Authenticates that all data received is from the expected client.
WbemAuthenticationLevelPktIntegrity 5	Moniker: PktIntegrity Authenticates and verifies that none of the data transferred between client and server has been modified.
WbemAuthenticationLevelPktPrivacy 6	Moniker: PktPrivacy Authenticates all previous impersonation levels and encrypts the argument value of each remote procedure call. Use this setting if the namespace to which you are connecting requires an encrypted connection.

Name/value

Description

WbemAuthenticationLevelDefault

Moniker: Default

WMI uses the default Windows Authentication setting. This is the recommended setting that allows WMI to negotiate to the level required by the server returning data. However, if the namespace requires encryption, use WbemAuthenticationLevelPktPrivacy.

WbemAuthenticationLevelNone

Moniker: None

Uses no authentication.

WbemAuthenticationLevelConnect

Moniker: Connect

Authenticates the credentials of the client only when the client establishes a relationship with the server.

WbemAuthenticationLevelCall

Call

Authenticates only at the beginning of each call when the server receives the request.

WbemAuthenticationLevelPkt

Moniker: Pkt

Authenticates that all data received is from the expected client.

WbemAuthenticationLevelPktIntegrity

Moniker: PktIntegrity

Authenticates and verifies that none of the data transferred between client and server has been modified.

WbemAuthenticationLevelPktPrivacy

Moniker: PktPrivacy

Authenticates all previous impersonation levels and encrypts the argument value of each remote procedure call. Use this setting if the namespace to which you are connecting requires an encrypted connection.

Source: MSDN Library

How to access WMI namespaces on remote computers that require encryption?

Did that help?

Submit a Comment

Tape Label Studio

Recent Posts

Recent Comments

How to access WMI namespaces on remote computers that require encryption?

Did that help?

Submit a Comment

Tape Label Studio

Recent Posts

Recent Comments

Tags