ActiveXperts Network Monitor KB - Monitoring Windows / WMI (DCOM)
'Monitoring Windows / WMI (DCOM)' Knowledge Base Articles
| Q7250005 | What ports do I need to open in the firewall to enable communication between the ActiveXperts Network Monitor server and the monitored Windows servers? We're using WMI through DCOM. |
| WMI through DCOM uses TCP ports 135 and 445, as well as dynamically-assigned ports above 1024. If you monitor Windows machines through a firewall, it is recommended to use WMI over WinRM, because that uses only one port (default: 5986 for secure HTTPs access, or 5985 for non-secure HTTP acce ... | |
| Q7250010 | For one of my Windows servers, I get the error: "Unable to connect to [myserver]; WMI Error 0x800706BA: The RPC server is unavailable". We're using WMI through DCOM. |
| Most common reason are: DCOM is disabled on that server Firewall settings on the monitored server block all RPC data The account used is not a member of the built-in local Administrator For enabling/disabling DCOM, see FAQ #Q7250017 The solutions are described below. Fire ... | |
| Q7250015 | How to verify WMI access through DCOM? |
| To test whether you can connect to the remote computer using DCOM, run the following command in Powershell: New-CimSession -ComputerName REMOTEMACHINE -SessionOption (New-CimSessionOption -Protocol Dcom) or (with alternate credentials): New-CimSession -ComputerName REMOTEMACHINE ... | |
| Q7250017 | How to enable/disable WMI through DCOM on a standalone Windows server? |
| Enabling/disabling WMI through DCOM on a standalone Windows server can be done using the following steps: Open the "Component Services" console by typing "dcomcnfg" in the "Run" dialog box or from the "Start" menu search bar. In the console, expand the "Component Services" node and then ... | |
| Q7250018 | How to enable/disable WMI through DCOM on a Windows member server using a Group Policy? |
| To enable/disable WMI through DCOM on a Windows member server through a group policy, you can follow the steps below: Open the Group Policy Management Console (GPMC) on a domain controller or a server with the Group Policy Management feature installed. Create a new Group Policy Object (GPO) ... | |
| Q7250020 | For one of my Windows servers, I get the error: "Unable to connect to [myserver]; WMI Error 0x80070005: Access is denied". We're using WMI through DCOM. |
| In most situation, the credentials do not suffice. Make sure that the credentials, used for the ActiveXperts Network Monitor Engine service to login, have full permissions on the monitored server. Or use alternate credentials for the particular check, so that ActiveXperts doesn't use the service ... | |
| Q7250050 | When I try to monitor my TMG server, ActiveXperts tells me that the RPC Server is unavailable (error 0x800706BA). We're using WMI through DCOM. |
| Incoming WMI requests are denied by the TMG policy by default. To enable RPC, open the 'Configure RPC protocol policy' configuration window, and disable the 'Enforce strict RPC compliance' option. This way, the policy will allow RPC type protocol such as DCOM. ... | |
| Q7250060 | We've raised the authentication level to require RPC_C_AUTHN_LEVEL_PKT_INTEGRITY on all of our Windows servers. Is ActiveXperts able to handle it? We're using WMI through DCOM. |
| By default, ActiveXperts uses the RPC_C_AUTHN_LEVEL_DEFAULT level to connect to remote Windows Servers. This will not suffice for servers that require RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication. You need to change the following registry entry: HKLM\Software\ActiveXperts\Network Monitor\ ... | |
| Q7250065 | We receive the following error when executing a Windows check: "Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application". We're using WMI through DCOM. |
| Microsoft has strengthened the authentication used between DCOM clients and servers, ensuring that none of the data transferred between the client and server has been modified. More more information, see FAQ #Q7250060 ... | |
| Q7250070 | Is there a way to bypass the DCOM hardening changes that forces RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication? We're using WMI through DCOM. |
| Yes you can. First of all, you need to make sure you have the September 2021 patches or later installed. Registry setting to enable or disable the hardening changes for CVE-2021-26414, you can use the following registry key: Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat V ... |
Contact Support
If you cannot find an answer to your question(s) in our Knowledge Base, or if you need additional information or assistance, please contact our Customer Support using the Contact Support form:
Contact Support »