I am trying to monitor windows machine with the help of wmi and powershell remoting. I managed to successfully start remote session with that machine throught non-admin user account, but now I have a problem with running WMI queries. My user is in the following groups (I followed this answer to setup account for that user):
[192.168.173.206]: PS C:\Users\lpu\Documents> Get-ADPrincipalGroupMembership $env:username | Format-table name
name
----
Domain Users
Performance Monitor Users
Distributed COM Users
Remote Management Users
____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________
[192.168.173.206]: PS C:\Users\lpu\Documents> os_caption
Get-WmiObject : Access denied
At line:2 char:6
+ (Get-WmiObject -class Win32_OperatingSystem).Caption
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
As my collegue told me, I need to turn off User Account Control.
You cold do this with the following commands, I got from this answer: