wmic vs gwmi

This topic contains 4 replies, has 3 voices, and was last updated by Profile photo of GJ GJ 1 year, 5 months ago.

  • Author
  • #24888
    Profile photo of GJ

    Hello All,

    I am in need of getting the RDP certhash of a remote machine. I found a way to get the same using wmic and it works absolutely fine. I am trying the same with powershell on the same console but I am receiving Access Denied error. Am I doing something wrong?

    PS C:\> wmic /node:Testserver /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting get SSLCertificateSHA1Hash
    PS C:\>
    PS C:\> gwmi Win32_TSGeneralSetting  -Namespace "root\cimv2\terminalservices" -ComputerName Testserver | select -ExpandProperty SSLCertificateSHA1Hash
    gwmi : Access denied
    At line:1 char:1
    + gwmi Win32_TSGeneralSetting  -Namespace "root\cimv2\terminalservices" -ComputerN ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
        + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
  • #24889
    Profile photo of Richard Siddaway
    Richard Siddaway

    I just tried this

    Get-WmiObject -Namespace root\cimv2\TerminalServices -Class Win32_TSgeneralSetting -ComputerName W12R2SUS

    against a remote Windows 2012 R2 machine and it worked.

    Access denied is usually a permissions problem. Can you access a standard class on the remote machine using Get-WmiObject?

    You may need to create a credential object and use that with Get-WmiObject.

    Alternatively try Get-CimInstance. It runs over WSMAN and doesn't trip over so many issues as Get-WmiObject
    Get-CimInstance -Namespace root\cimv2\TerminalServices -ClassName Win32_TSgeneralSetting -ComputerName W12R2SUS

  • #24892
    Profile photo of GJ

    Thanks Richard. I have admin rights on the remote machine and I am able to access the remote server's standard class wmi using gwmi such as win32_bios. I have also tried supplying the credential (domain as well the local built in admin) as suggested – but still no luck.

    My environment is not setup with PS remoting yet but I still enabled it only on this remote machine to check this issue with get-ciminstance. But I was getting "A DMTF resource URI was used to access a non-DMTF class. Try again using a non-DMTF resource URI.". Then I saw your article and got to know the problem is due to wsman3 and 2 connection conflicts. I was running these commands from windows 2012 (PS3) to the remote Windows 2008R2 machine. Finally I managed to get it working with mix and match WSMAN and DCOM based CIM sessions and I could get the RDP certhash.

    I tried using the same gwmi command from windows 2012(PS V3) to remote windows 2008/2012/R2 machines and still have the same problem. But when i use it from windows 2012 R2 to remote machines with any os 2008/12/R2 everything works fine. So looks like it is fixed in PS V4. .

  • #24904
    Profile photo of albvar01

    When ever you see Access denied (raised by: Get-WmiObject) simply add -Authentication PacketPrivacy to the gwmi cmdlet.
    gwmi Win32_TSGeneralSetting -Namespace "root\cimv2\terminalservices" -Computername blah -Authentication PacketPrivacy

  • #24914
    Profile photo of GJ

    @albvar01 – Awesome. Thank you. It works with -Authentication PacketPrivacy on PS v3.

You must be logged in to reply to this topic.