Setting Up a Fixed Port for WMI
WMI runs as part of a shared service host with ports assigned through DCOM by default. Starting with Windows Vista, you can set up the WMI service to run as the only process in a separate host and specify a fixed port.
A fixed port makes WMI easier to use behind firewalls, but in Windows Vista you cannot use scripts that make asynchronous calls. For more information about asynchronous calls, see Calling a Method.
The following procedure is an automated setup to allow WMI to have a fixed port. The procedure uses the winmgmt command-line tool.
To set up a fixed port for WMI
- At the command prompt, type winmgmt -standalonehost
- Stop the WMI service by typing the command net stop "Windows Management Instrumentation", or use the short name of net stop winmgmt
- Restart the WMI service again in a new service host by typing net start "Windows Management Instrumentation" or net start winmgmt
- Establish a new port number for the WMI service by typing netsh firewall add portopening TCP 24158 WMIFixedPort
Note Windows Vistaand Windows Server 2008: the netsh firewall command has been depreciated. Instead, you can use netsh advfirewall firewall command. For more information, see the following KB article, or Connecting to WMI Remotely Starting with Windows Vista.
To undo any changes you make to WMI, type winmgmt /sharedhost, then stop and start the winmgmt service again.
For a script that sets up a fixed port for WMI, see the following Scripting Gallery code sample.
For a PowerShell code example that enables or disables the WMI port settings, see the Set-WmiSinglePort example on TechNet Gallery.
- Connecting to WMI on a Remote Computer
- Connecting to WMI Remotely Starting with Vista
- Provider Hosting and Security