Share via

Allow WMI/PowerShell Remote Access on a Device (Standard 8)

  • Article

7/8/2014

Learn how to allow WMI and Powershell remote access on your Windows Embedded 8 Standard (Standard 8) device.

For VAMT 3.0 to activate a device remotely, the device must have Windows Management Instrumentation (WMI) and Windows PowerShell enabled for remote access. For more information, see Configure Client Computers.

Prerequisites

  • Your device has Windows Embedded 8 Standard (Standard 8) installed.
  • You have administrator user rights to your device.

To enable WMI/PowerShell remote access on a device

  1. If your device is in a workgroup, you may need to disable Remote UAC. Open a command prompt with administrator user rights and type the following to disable Remote UAC:

    reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

  2. Type the following to enable the Remote Administration exception:

    netsh advfirewall set service RemoteAdmin enable

  3. Type the following to enable WMI traffic at a command prompt by using a WMI rule:

    netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes

  4. Type the following to establish a firewall exception for DCOM port 135:

    netsh advfirewall firewall add rule dir=in name="DCOM" program=%systemroot%\system32\svchost.exe service=rpcss action=allow protocol=TCP localport=135

  5. Type the following to establish a firewall exception for the WMI service:

    netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any

  6. Type the following to establish a firewall exception for the sink that receives callbacks from a remote device:

    netsh advfirewall firewall add rule dir=in name ="UnsecApp" program=%systemroot%\system32\wbem\unsecapp.exe action=allow

  7. Type the following to establish a firewall exception for outgoing connections to a remote device that the local computer is communicating with asynchronously:

    netsh advfirewall firewall add rule dir=out name ="WMI_OUT" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=TCP localport=any

See Also

Concepts

Manage Activation Using Volume Activation Management Tool