Chapter 17. WMI over WSMAN

 

This chapter covers

  • WSMAN protocols
  • Using WMI through WSMAN
  • Using CredSSP
  • Comparing WSMAN and other remoting techniques

In the previous chapters, we’ve looked at using the capabilities built into the WMI cmdlets to provide access to remote systems. Using the -ComputerName parameter is a simple method of creating a connection to a remote machine, and this is the approach we’ve used in the majority of the techniques explored in previous chapters. But there are a number of scenarios where this approach isn’t enough:

  • WMI uses Distributed COM (DCOM) to connect to a remote machine. This may not be available or may be blocked by a firewall.
  • You may want to run multiple WMI commands against the same machine— this involves creating and destroying multiple connections. It would be more efficient to create one session and run multiple commands. Some information about the connection is cached, but it’s still quicker to create one session and run multiple commands.
  • You may need to perform out-of-band hardware management (accessing the hardware by dedicated management links that aren’t used by general users) or access non-Windows machines.

17.1. Remoting protocols

17.2. Using WSMAN

17.3. Using CredSSP to access remote machines

17.4. How to choose between WMI, remoting, and WSMAN

17.5. Summary