This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Using RPC during device scan

Hello Thwack team,

In my lab, I have free IPMonitor 10.9.1 running on Windows Server 2012R2.  Service runs as Local System.  Target is a Windows 10 Home PC.  No domains, just straight Workgroup.  I can use WMI Explorer 2.0 and connect via RPC to target when I specify a local administrator.  In IPM, I created a credential with that local administrator information.  When I try and add the Windows 10 Home as a new device, I scan the IP with the IPM credentials.  IPM tries for a while but just comes back with PING and some other metric. 

I then tried to just create a monitor and bypass a device scan.  I used CPU and said use RPC.  Gave it IP and credentials and it immediately came back with

No CPUs were found at "192.168.111.22". To resolve this issue, ensure that:

The IP Address / Domain Name, UDP Port and Community Name are entered correctly.

A firewall is not blocking access to the remote device.

Like I said - WMI Explorer works just fine.  I've addressed firewall.

Any help would be appreciated.

J

  • I found the answer for my situation.

    1. It seems device scan will use WMI/RPC when you specify a credential.  (Solarwinds please correct me on this)
    2. Since I'm using Workgroups, authentication is performed locally.
      • To use local administrator "Admin", you must prefix with .\     so .\Admin
    3. I knew firewalls would need attention.  In my case it's Norton so just create a Norton firewall rule to allow your IPM server access.
    4. Finally, this is Windows 10 Home which has a greatly reduced functionality.  You must enable a locval policy.
      • In this case the policy is LocalAccountTokenFilterPolicy
      • I did this by running this command as administrator:  winrm quickconfig
      • C:\WINDOWS\system32>winrm quickconfig

      • WinRM is not set up to receive requests on this machine.

      • The following changes must be made:

      • Start the WinRM service.

      • Set the WinRM service type to delayed auto start.

      • Make these changes [y/n]? y

      • WinRM has been updated to receive requests.

      • WinRM service type changed successfully.

      • WinRM service started.

      • WinRM is not set up to allow remote access to this machine for management.

      • The following changes must be made:

      • Enable the WinRM firewall exception.

      • Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

      • Make these changes [y/n]? y

      • WinRM has been updated for remote management.

      • WinRM firewall exception enabled.

      • Configured LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

    I'm now able to add WMI monitors from my IPM server to my Windows 10 Home PCs.

    J