DCOM Security
As we have already intimated, security at the WMI level is only part of the story. It is all very well for WMI to decide which operations should be allowed for different groups of users, but this works in practice only if WMI has a way of knowing who is trying to use it! This problem is handled by the DCOM security model, which not only has mechanisms for authenticating attempted connections (locally or remotely) but also can provide a DCOM application (in this case, winmgmt.exe) with the caller’s credentials. It can even allow this application to impersonate the caller, giving the application permissions it would not otherwise have. If this sounds rather confusing, the next few paragraphs should make it more clear.
Consider once ...
Get Windows Management Instrumentation (WMI) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.