Securing WMI Namespaces
Access to WMI namespaces and their data is controlled by security descriptors. You can protect data in your namespaces by adjusting the namespace security descriptor to control who has access to the data and methods. For more information, see Access to WMI Securable Objects.
The following topics describe WMI namespace security and how to control access to namespaces.
-
WMI namespace security relies on standard Windows user security identifiers (SIDs) and access control lists. Administrators and users have different default permissions.
-
After a namespace exists in the WMI repository, you can change the security on the namespace by using the WMI Control or by calling the methods of __SystemSecurity.
-
The RequiresEncryption qualifier on a namespace requires the WMI client application or script to use the authentication level which encrypts remote procedure calls. Both incoming data requests and asynchronous callbacks must be encrypted.
-
You can control whether a child namespace inherits the security descriptor of the parent namespace.
Related topics