Find an Answer
Windows Management Instrumentation (WMI) is the protocol that the Crawler uses to gather information from Windows computers. This page describes some of the possible problems with WMI configuration and the resolution.
Topics in this article:
The Crawler was able to connect to the computer, but the username, domain or password was incorrect.
Make sure that you are using the Netbios version of the domain, not the DNS version, e.g. ACME\\username. Try entering the password again. Double check that the credential you are using has domain level administrative rights.
The name or IP address of the local machine was used to test WMI against. Credentials cannot be tested against the local machine.
Enter the name or IP address of a different computer on the network.
The remote computer did not respond at all to the request.
This can be due to a number of reasons:
- There is a firewall blocking the connection to the computer. The firewall may be software running on the remote computer, or it could be a network firewall.
- The IP address or domain name was entered incorrectly.
- The remote computer is turned off.
A software firewall is the most common problem preventing the Crawler from being able to collect information. See Configuring Windows Firewalls for WMI below for information on resolving firewall issues.
If the connection is being blocked by a network firewall the solution is to open TCP ports 135 and 445 to allow traffic between the Crawler and the remote computer.
The built-in Windows firewall on Windows XP and newer will block WMI connections in many cases. There is a standard firewall exception called the "Remote Administration Exception" to allow WMI, though unfortunately this exception cannot be enabled through the firewall UI.
The exception can be enabled one computer at a time using the command line or using group policy it can be enabled for all computers on the domain. The instructions that follow describe each of these techniques:
1. On the computer you want to access, open a command window.
2. Into the command window enter:netsh firewall set service remoteadmin enable
3. This command will have enabled the remote administration exception. Now use the Crawler credential test to verify that the Crawler can now access this computer.
1. On your Windows Domain Controller, open the Active Directory Users and Computers utility.
2. Select or create the Organizational unit to which you want your policy assigned.
3. Right click the unit, open Properties, and select the Group Policy tab.
4. Add a remote WMI policy object, or select an existing object, and click Edit.
5. Double-click Administrative Templates > Network > Network Connections > Windows Firewall.
6. If the computer is in the domain, then double-click Domain Profile. Otherwise, double-click Standard Profile.
7. Click Windows Firewall: Allow remote administration exception.
8. On the Action menu, select Properties.
9. Click Enable, and then click OK and close out of the Group Policy Editor.
10. Now place the computers that should have Remote Administration enabled on their firewalls into the entity with the new Group Policy.
11. The next time the new policy is applied (e.g. when the current user logs in again or the computer is rebooted), the Crawler will have access to them.
To test whether the computer adopted the policy, click Start > Run, and launch rsop.msc. Open the location referenced in step 5, and verify Windows Firewall: Allow remote administration exception with the value of enabled. Your Crawler should now be able to gather WMI information from your Windows computers. If you are unfamiliar with Group Policy, much more detailed information can be found on the web.
See Connecting Through Windows Firewall for more information about WMI access through firewalls.