Wednesday, August 24, 2016

Setting static/fixed WMI port in Windows 2012 R2

Here's a quick how-to on setting up a static port for Windows Management Instrumentation (WMI). I'm assuming that you have specific reasons to do so, in my case, I wanted to limit the firewall rule scope to a single port instead of the default range of ports. Microsoft allows you to run a quick command and after restarting the WMI services, you end up with the fixed port 24158 for WMI. While that's the default fixed port, there are ways of changing to one of your liking and I'll also demonstrate that.

Step 1 - Elevated Command Prompt

From an elevated command prompt, run the following command:
winmgmt -standalonehost

Step 1

Step 2 - Restart WMI Services

Stop and restart the WMI service (also from an elevated command prompt):
net stop winmgmt && net start winmgmt

Step 2

At this point, if you're not using the Windows 2012 firewall, you are done. WMI has been set to static port 24158. The following steps are optional, depending on your configurations and needs.

Step 3 - Set Preferred TCP Port (Optional)

Launch Component Services from Run or the command prompt.

Step 3a

From Component Services, navigate to Computers\My Computer\DCOM Config\Windows Management & Instrumentation

Step 3b
Step 3c

Right click on Windows Management and Instrumentation and select Properties.

Step 3d
Step 3e

Change the TCP port to the one of your choice.

Step 3f

Step 4 - Add Firewall Rule (Optional)

If you're using the built in Windows firewall, you'll need to add a new incoming rule to allow WMI traffic on the newly designated static port. On the following command, we're assuming that the static port is 24158 and that the new firewall rule is called WMIFixedPort, although you can name it anything you want. Make sure you run the following from an elevated command prompt.
netsh firewall add portopening TCP 24158 WMIFixedPort

Undo WMI Changes

If you would like to go back to default WMI port/behavior, run the following from an elevated command prompt.
winmgmt -sharedhost


Binary2Dec - WMI Fixed Port
MSDN - winmgmt