
Enabling WMI to Work with School Manager

This article is for IT support.

Windows Management Instrumentation (WMI) and School Manager can work together to monitor the appliances and devices on your network. This guide explains how to configure the permissions that allow WMI to communicate security events to School Manager.

Before You Start

Please contact Linewize Support before enabling WMI services for School Manager.

WMI will not populate the Users list in School Manager. You will need to sync School Manager with your LDAP or Azure Active Directory before adding WMI to allow School Manager to associate machine names from WMI with your Users.

You should use a domain administrator account to collect domain controller events and to authenticate your Users in School Manager. To maintain system security, you should not allow a non-domain administrator account to collect security events.

There are four steps in this process:

  1. Automatically Enable Services
  2. Check Event Viewer Logs
  3. Create and Configure the Log Reader User
  4. Configure WMI Settings

Automatically Enable Services

Confirm that the Server, DCOM, and WMI services are set to automatically start by opening the Services MMC snap-in.

  1. Open the Run window (Windows Key + R).
  2. Type services.msc and then select OK.
  3. The services should have a Startup Type of Automatic.
    If the service is a different Startup Type, change it to Automatic.
  4. Close the Services window.

Check Event Viewer Logs

Check the Event Viewer to ensure that the Domain Controller correctly logs events needed for WMI.

  1. Open the Run window (Windows Key + R).
  2. Type eventvwr and then select OK.
  3. Select Windows Logs > Security.
  4. Select Filter Current Log… from the Action menu.
  5. Type 4768 in the <All Event IDs> box, then select OK.
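
The two checks above can also be run from an elevated PowerShell session on the server. This is an added example, not Linewize's own tooling; the service names LanmanServer, DcomLaunch and Winmgmt are an assumed mapping of the article's "Server, DCOM, and WMI" services, and the 24-hour look-back is chosen for illustration.

```powershell
# Added example: read-only check of the prerequisites from the two sections above.
# Assumption: the page's "Server, DCOM, and WMI" services map to these service names.
$required = [ordered]@{
    LanmanServer = 'Server'
    DcomLaunch   = 'DCOM Server Process Launcher'
    Winmgmt      = 'Windows Management Instrumentation'
}

$serviceReport = foreach ($name in $required.Keys) {
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
    [pscustomobject]@{
        Service   = $required[$name]
        StartMode = if ($svc) { $svc.StartMode } else { 'NotFound' }
        State     = if ($svc) { $svc.State } else { 'NotFound' }
        Ok        = [bool]($svc -and $svc.StartMode -eq 'Auto')   # 'Auto' = Automatic
    }
}
$serviceReport | Format-Table -AutoSize

# Event ID 4768 in the Security log, the same filter as step 5 above.
# Reading the Security log needs an elevated session or Event Log Readers membership.
$since = (Get-Date).AddHours(-24)   # look-back window chosen for this example
try {
    $events = @(Get-WinEvent -FilterHashtable @{
        LogName = 'Security'; Id = 4768; StartTime = $since
    } -MaxEvents 50 -ErrorAction Stop)
    "{0} event(s) with ID 4768 since {1}; newest at {2}" -f `
        $events.Count, $since, $events[0].TimeCreated
}
catch {
    # Get-WinEvent throws when nothing matches the filter as well as on access errors.
    "No 4768 events returned: $($_.Exception.Message)"
}
```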

Create and Configure the Log Reader User

  1. Create a new user called Linewize Log Reader.
    1. Open the Run window (Windows Key + R).
    2. Type dsa.msc and then select OK.
    3. Expand the domain from the left hand menu.
    4. Right click the Users object and select New > User.
    5. In the First name box type Linewize.
    6. In the Last name box type Log Reader.
    7. In the User logon name box, type linewize.
    8. Click Next.
    9. Type a Password and Confirm the password.
    10. Uncheck User must change password at next logon.
    11. Check Password never expires.
    12. Click Next.
    13. Click Finish.
  2. Add the new user to the Distributed COM Users and Event Log Readers groups.
  3. Right click the Linewize Log Reader user.
    1. Click the Member Of tab.
    2. Click Add...
    3. Type Distributed COM Users and click Check Names.
    4. Type Event Log Readers and click Check Names.
    5. Click OK.

Tip

Add a user to your server’s local Event Log Readers group when the server is a member of the domain but not a Domain Controller.

  1. Create a new user called Linewize Log Reader.
    1. Open the Run window (Windows Key + R).
    2. Type lusrmgr.msc and then select OK.
    3. Right click Users and select New User…
    4. In the User name box type linewize.
    5. In the Full name box type Linewize Log Reader.
    6. Type a Password and Confirm the password.
    7. Uncheck User must change password at next logon.
    8. Check Password never expires.
    9. Click Create.
    10. Add the new user to Event Log Readers groups.
    11. Click the Linewize Log Reader user.
    12. Click the Member Of tab.
    13. Click Add...
    14. Type Distributed COM Users and click Check Names.
    15. Type Event Log Readers and click Check Names.
    16. Click OK.
    17. Click Apply and OK.
  3. Go to the Default Properties tab, ensure:
    1. Enable Distributed COM on this computer is checked.
    2. Default Authentication is set to Connect.
    3. Default Impersonation Level is Identify.
  4. Go to the COM Security tab, and ensure both Access Permissions and Activation permissions are configured.
    1. Under Access Permissions, click Edit Default…
    2. Click Add... then type Linewize Log Reader.
    3. Click Check Names and then OK.
    4. Check Allow for both the Local Access and Remote Access permissions.
    5. Click OK.
    6. Move down to Launch and Activation Permissions, click Edit Default…
    7. Click Add... then type Linewize Log Reader.
    8. Click Check Names and then OK.
    9. Check Allow for the following permissions: Local Launch, Remote Launch, Local Activation, and Remote Activation.
    10. Click OK.

Configure WMI Settings

Configure WMI settings through the WMI Control snap-in.

  1. Open the Run window (Windows Key + R).
  2. Type wmimgmt.msc and select OK.
  3. Right click WMI Control and select Properties.
  4. Go to the Security tab, expand the dropdown and select CIMV2.
  5. Click Security.
  6. Select the Linewize Log Reader user, then click Advanced.
  7. Select the Linewize Log Reader user, then click Edit.
  8. Click the Select a principal link.
  9. Type Linewize Log Reader and click Check Names.
  10. Click OK.
  11. In the Type field, select Allow.
  12. In the Applies to field, select This namespace only.
  13. Check the following permissions:
    1. Execute Methods.
    2. Partial Write.
    3. Provider Write.
    4. Enable Account.
    5. Remote Enable.
    6. Read Security.
    7. Edit Security.
  14. Click OK.
  15. Click Apply then OK.
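
To confirm what was actually granted, the namespace ACL can be read back and compared with the seven permissions in step 13. This is an added example, not part of the original article or Linewize's tooling; it assumes the logon name linewize from the steps above and an elevated session on the server, and it only reads the security descriptor.

```powershell
# Added example: read-only audit of the root\cimv2 ACL for the account created above.
# Assumptions: logon name 'linewize' (from the page); run elevated on the server itself.
$account = 'linewize'

# WMI namespace access-mask bits, labelled as they appear in the WMI Control dialog.
$rights = [ordered]@{
    'Enable Account'  = 0x1
    'Execute Methods' = 0x2
    'Full Write'      = 0x4
    'Partial Write'   = 0x8
    'Provider Write'  = 0x10
    'Remote Enable'   = 0x20
    'Read Security'   = 0x20000
    'Edit Security'   = 0x40000
}
# The seven permissions the article lists in step 13 (Full Write is not among them).
$expected = 'Execute Methods', 'Partial Write', 'Provider Write', 'Enable Account',
            'Remote Enable', 'Read Security', 'Edit Security'

$result = Invoke-CimMethod -Namespace 'root/cimv2' -ClassName '__SystemSecurity' `
    -MethodName 'GetSecurityDescriptor'
if ($result.ReturnValue -ne 0) { throw "GetSecurityDescriptor failed: $($result.ReturnValue)" }

$aces = @($result.Descriptor.DACL | Where-Object { $_.Trustee.Name -eq $account })
if (-not $aces) { Write-Warning "No ACE for '$account' on root\cimv2" }

foreach ($ace in $aces) {
    # Names of every right whose bit is set in this ACE's access mask.
    $granted = @($rights.Keys | Where-Object { $ace.AccessMask -band $rights[$_] })
    [pscustomobject]@{
        Trustee           = '{0}\{1}' -f $ace.Trustee.Domain, $ace.Trustee.Name
        Type              = if ($ace.AceType -eq 0) { 'Allow' } else { 'Deny/Other' }
        Inherited         = [bool]($ace.AceFlags -band 0x10)   # INHERITED_ACE
        # CONTAINER_INHERIT_ACE (0x2) set means the ACE also applies to subnamespaces.
        ThisNamespaceOnly = -not ($ace.AceFlags -band 0x2)
        Missing           = ($expected | Where-Object { $_ -notin $granted }) -join ', '
        Extra             = ($granted | Where-Object { $_ -notin $expected }) -join ', '
    }
}
```

An empty Missing and Extra column with ThisNamespaceOnly set to True matches steps 11 to 13; anything listed under Extra is a right beyond what the article asks for.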