Agentless WMI setup:
These steps are required to be performed on a Domain Controller by a Windows Admin in order for the WMI features to work. Create a FireScope WMI Credential using a domain user that is a member of 'Domain Admins' - This grants access to the WMI CIMV2 namespace where device data is queried from. - It's recommended that a dedicated WMI user be created (as member of 'Domain Admins') for this purpose. Create the dedicated user via Administrative Tools > Active Directory Users and Computers. For a visual reference to most of the remaining steps below, refer to the following instructional link: https://www.infrasightlabs.com/how-to-enable-winrm-on-windows-servers-clients Create the Group Policy that will enable WinRM services and open required WinRM firewall ports on each Windows devices in the domain - Run Group Policy Management (via Administrative Tools or commandline gpmc.msc) - Create an 'Enable WinRM' Group Policy object (GPO) under your domain then edit it. - Enable 'Windows Remote Management' listeners - Navigate through Computer Configuration > Policies > Administrative Templates: Policy definitions > Windows Components > Windows Remote Management (WinRM) > WinRM Service. - Edit 'Remote Server Management through WinRM' (or 'Allow automatic configuration of listeners') then select Enable and specify '*' for IPv4 and IPv6 filters. - Automatically start the 'Windows Remote Management (WS-Management)' service - Navigate through Computer Configuration > Preferences > Control Panel Settings > Services. - Create a new service with Service Name of WinRM (aka 'Windows Remote Management (WS-Management)'), Startup of Automatic, and Service Action of Start. - Open firewall for WinRM traffic - Navigate through Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules. - Add new Inbound rule of type Predefined: Windows Remote Management, click Next and checkmark only 'Windows Remote Management(HTTP-In)', then click Next and 'Allow the connection'. - Add new Inbound rule of type Predefined: File and Printer Sharing, click Next and checkmark only 'File and Printer Sharing(Echo Request - ICMPv4-In)', then click Next and 'Allow the connection'. - This GPO will take time to propagate from the Domain Controller to all Windows devices in the domain. To forcefully update individual Windows devices, type 'gpupdate /force' via DOS commandline on each device.