HP dx7200 HP Client Management Interface Technical White Paper - Page 24

Configuring WMI Security

Get HP dx7200 - Microtower PC PDF manuals and user guides View all HP dx7200 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 24 highlights

strComputer & strNamespace) Set colItems = objWMIService.ExecQuery(strQuery,,lFlags) For each objItem in colItems objItem.SetBiosSetting oReturn, _ "Hyper-Threading", _ "Enable", _ strPassword Next Dim strResult Select Case oReturn Case 0 strReturn = "Success" Case 1 strReturn = "Not Supported" Case 2 strReturn = "Unspecified Error" Case 3 strReturn = "Timeout" Case 4 strReturn = "Failed" Case 5 strReturn = "Invalid Parameter" Case 6 strReturn = "Access Denied" Case Else strReturn = "..." End Select WScript.Echo "SetBiosSetting() returned: (" & oReturn _ & ") " & strReturn Note that in order to use the HP Client Management Interface Password Control as an automation component, it must be registered as an ActiveX automation component. To do this, just execute "hppwdctl.exe /install". Configuring WMI Security Windows Management Instrumentation (WMI) security is based on namespaces. The WMI schema is logically partitioned into namespaces for organizational and security purposes. This partitioning allows for varying security configurations to be applied to each namespace within the schema, or common security configurations to be inherited between namespaces within the schema. The WMIMGMT.MMC Microsoft Management Console (MMC) snap-in allows system administrators to modify the security attributes on WMI namespaces. In this tool, you can set security that is based off of the root or select individual namespaces. You can also use inheritance that is based on namespace hierarchy. Use the following steps to modify WMI namespace security: 1. Click Start, click Run, type wmimgmt.msc, and then click Enter. 2. Right-click WMI Control, and then click on Properties from the context menu. 3. Click the Security tab to see the namespace navigation pane. 4. Highlight a namespace and click the Security button to see the allowable permissions. 5. Set the inheritance on the namespace. Enable: To grant read access to objects within the namespace. Execute Methods: Allows object methods exported from the CIM Object Manager to be run. Full Control: To grant full read/write/delete access to all CIM objects, classes, and instances. Partial Write: To grant write access to static objects in the repository. Provider Write: To grant write access to objects that are provided by the provider. Read Security: To grant read-only access to WMI security information. Edit Security: To grant read/write access to WMI security information. Remote Access: To grant a remote computer the same rights that are allowed when connecting from a local computer. 24

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
24
strComputer & strNamespace)
Set colItems = objWMIService.ExecQuery(strQuery,,lFlags)
For each objItem in colItems
objItem.SetBiosSetting oReturn, _
"Hyper-Threading", _
"Enable", _
strPassword
Next
Dim strResult
Select Case oReturn
Case 0 strReturn = "Success"
Case 1 strReturn = "Not Supported"
Case 2 strReturn = "Unspecified Error"
Case 3 strReturn = "Timeout"
Case 4 strReturn = "Failed"
Case 5 strReturn = "Invalid Parameter"
Case 6 strReturn = "Access Denied"
Case Else strReturn = "..."
End Select
WScript.Echo "SetBiosSetting() returned: (" & oReturn _
& ") " & strReturn
Note that in order to use the HP Client Management Interface Password Control as an automation
component, it must be registered as an ActiveX automation component. To do this, just execute
“hppwdctl.exe /install”.
Configuring WMI Security
Windows Management Instrumentation (WMI) security is based on namespaces. The WMI schema is
logically partitioned into namespaces for organizational and security purposes. This partitioning
allows for varying security configurations to be applied to each namespace within the schema, or
common security configurations to be inherited between namespaces within the schema. The
WMIMGMT.MMC Microsoft Management Console (MMC) snap-in allows system administrators to
modify the security attributes on WMI namespaces. In this tool, you can set security that is based off
of the root or select individual namespaces. You can also use inheritance that is based on namespace
hierarchy.
Use the following steps to modify WMI namespace security:
1.
Click
Start
, click
Run
, type
wmimgmt.msc
, and then click
Enter
.
2.
Right-click
WMI Control
, and then click on
Properties
from the context menu.
3.
Click the
Security
tab to see the namespace navigation pane.
4.
Highlight a namespace and click the
Security
button to see the allowable permissions.
5.
Set the inheritance on the namespace.
Enable
: To grant read access to objects within the namespace.
Execute Methods
: Allows object methods exported from the CIM Object Manager to be run.
Full Control
: To grant full read/write/delete access to all CIM objects, classes, and instances.
Partial Write
: To grant write access to static objects in the repository.
Provider Write
: To grant write access to objects that are provided by the provider.
Read Security
: To grant read-only access to WMI security information.
Edit Security
: To grant read/write access to WMI security information.
Remote Access
: To grant a remote computer the same rights that are allowed when connecting
from a local computer.