I've been working with the new WMI probes in 5.2 and would like some feedback from the developers or other users on how to use these probes without compromising security on target Windows machines. Please correct me if any of the following are wrong:
1) WMI probes only work correctly against Windows Server 2003/2008 servers if the NT services account listed in the Intermapper server is in the target machine's Administrator group. 2) Command Line debug output in Intermapper shows the user name and password for WMI probes are being passed in the clear. 3)There are no clear instructions on the Firewall port rules required to allow WMI probes to pass through successfully on a Windows Server 2003/2008 target machine. I was able to piece this out but it took way too long, there should be crystal clear instructions regarding this so that additional ports are NOT opened that are unnecessary. In light of these observations, is there any way to use WMI safely? Opening firewall ports and allowing an administrator credentials to pass over the net in the clear doesn't seem like a good tradeoff for WMI information. I'd really like to be wrong on this because we really need these probes. Thanks! -------------------- m2f -------------------- Read this topic online here: http://forums.dartware.com/viewtopic.php?p=2191#2191 ____________________________________________________________________ List archives: http://www.mail-archive.com/intermapper-talk%40list.dartware.com/ To unsubscribe: send email to: [email protected]
