DCom hardening breaks remote WMI in Windows PE?

Marco[73] 6 Reputation points

I recently found out that the DCom hardening soluition Microsoft shipped with the June updates causes remote WMI from Windows PE to fail with an access denied message. When implementing the temporary registry key workaround, remote WMI queries do work.

My situation is one where I use a pre-start command in the Configuration Manager boot image to run a powershell script that uses WMI to query the configuration manager environment to check the local UUID against the database to see whether a system is already in Config Manager. The script uses a valid user account for the WMI query. With the June updates this query returns an access denied message.

When implementing the registry key highlighted in KB5004442 (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat) on the server, the WMI request works again.

Running the same piece of code form a regular Windows 10 machine, with the same credentials, does not get an access denied and returns the request like expected.

My question is how can I configure DCOM/Remote WMI in Windows PE to use the same security level as a regular Windows 10 system?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
8,826 questions
Microsoft Configuration Manager
1 vote