Nagios XI - WMI Authentication Problems


Problem Description

When a query is submitted with a correct set of credentials, but a user does not have access to the WMI class, absolutely NO output is returned by wmic.

 

Explanation

When a Windows user is added to a group, that user is given an Authentication token. For each group a user is a member of, a separate token is issued. When a request to access an object is issued, the token containing the permissions level of the object is compared to that of the user.

With Windows Server 2003 and below, authenticating users automatically used the highest level of authentication available to them. This means that any user added to the Administrators group was authenticated at that level for every request.

Beginning with Windows Server 2008, things changed. Authenticating users automatically used the highest level of authentication when executing WMI queries locally, but when executing queries remotely, users are expected to use domain credentials to validate permissions. However, if the server is not part of a domain and is instead configured to use a workgroup, remotely authenticated users are given regular user-level permissions, despite existing in the Administrators group. There is no way to change this behavior.

 

Solutions

 

 

Additional Information

This problem was identified by the Nagios Support Forum user thanks_st_ignucius in the following forum thread:

https://support.nagios.com/forum/viewtopic.php?f=6&t=36953&p=171370#p171336

 

Final Thoughts

For any support related questions please visit the Nagios Support Forums at:

http://support.nagios.com/forum/



Article ID: 476
Created On: Thu, Feb 25, 2016 at 6:04 PM
Last Updated On: Tue, Sep 18, 2018 at 1:03 AM
Authored by: tlea

Online URL: https://support.nagios.com/kb/secure/nagios-xi-wmi-authentication-problems-476.html