Having the same issue, have a PS script making calls to the SCCM server to pull build relevant data and now failing. Please can this be remediated for Windows PE, it's a real problem for our build solutioning.
DCom hardening breaks remote WMI in Windows PE?
I recently found out that the DCom hardening soluition Microsoft shipped with the June updates causes remote WMI from Windows PE to fail with an access denied message. When implementing the temporary registry key workaround, remote WMI queries do work.
My situation is one where I use a pre-start command in the Configuration Manager boot image to run a powershell script that uses WMI to query the configuration manager environment to check the local UUID against the database to see whether a system is already in Config Manager. The script uses a valid user account for the WMI query. With the June updates this query returns an access denied message.
When implementing the registry key highlighted in KB5004442 (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat) on the server, the WMI request works again.
Running the same piece of code form a regular Windows 10 machine, with the same credentials, does not get an access denied and returns the request like expected.
My question is how can I configure DCOM/Remote WMI in Windows PE to use the same security level as a regular Windows 10 system?
3 answers
Sort by: Most helpful
-
-
Nicky Bries 5 Reputation points
2023-05-22T09:04:47.4333333+00:00 Rewrite your scripts to use the administration service.
https://learn.microsoft.com/en-us/mem/configmgr/develop/adminservice/usage
-
Nicky Bries 5 Reputation points
2023-09-19T09:43:37.1366667+00:00 We fixed this issue by replacing wmi querys with admin service based query's.
https://learn.microsoft.com/en-us/mem/configmgr/develop/adminservice/overview