Executing Privileged Operations
Privileged operations require security privileges such as SeLoadDriverPrivilege (wbemPrivilegeLoadDriver in the Scripting API Constants), a privilege that must be enabled for an account that is loading a device driver. You cannot add privileges to an administrator or user through WMI, you can only enable privileges that the account already has. For a list of privileges, see Privilege_Constants.
By default, a local user on a computer can read static data from the WMI repository, write to instances supplied by providers, and execute provider methods, unless the provider enforces special security requirements of its own. Only administrators can connect to a remote computer, change security descriptors, or change static WMI repository data, such as a WMI class definition. All privileges are enabled for a remote connection. For more information, see Securing a Remote WMI Connection.
The privilege constants for C++ differ from those that are used by automation languages such as Visual Basic. Scripts must use the value of the constant rather than the name. For more information, see Executing Privileged Operations Using C++ or Executing Privileged Operations Using VBScript.
A common cause of access denied errors when using WMI is the lack of an enabled privilege for operations, such as getting all instances of Win32_NTEventlogFile. Without enabling the SeSecurity privilege, you cannot access the Security log file.
The following VBScript code example shows how to set the SeSecurity privilege in the moniker string. When used in the moniker, the privilege name in parentheses drops the initial "Se". For more information, see Constructing a Moniker String.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Security)}!\\" _
& strComputer & "\root\cimv2")
Set colFiles = objWMIService.ExecQuery _
("Select * from Win32_NTEventLogFile " _
& "Where LogFileName='Security'")
For Each LogFile in colFiles
Wscript.Echo LogFile.NumberOfRecords
Next
Related topics
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for