get-wmiobject causes stream of errors in output window
Posted: Sat Sep 29, 2018 3:05 pm
Product, version and build: PowerShell Studio 2018 v5.5.154
32 or 64 bit version of product:64
Operating system: Win10
32 or 64 bit OS: 64
I'm referencing a post from Aug 11, 2016 "gwmi causes wmi browser to start slowing things down"
viewtopic.php?f=12&t=10455&p=56604&hili ... ser#p56604
I found it when looking for the same issue, and since there was no response from the poster with details, I'll post additional info here for reference.
As soon as i put gwmi or Get-WMIObject into the code screen, and primal sense recognizes the cmdlet, my output window fills up with Access Denied messages...
WMI Browser: (\\.\Root\CCMVDI) Access denied
WMI Browser: (\\.\Root\Microsoft\Windows\DesiredStateConfiguration) Access denied
WMI Browser: (\\.\Root\Microsoft\Windows\DesiredStateConfigurationProxy) Access denied
WMI Browser: (\\.\Root\PEH) Access denied
WMI Browser: (\\.\Root\RSOP\Computer) Access denied
WMI Browser: (\\.\Root\RSOP\User) Access denied
WMI Browser: (\\.\Root\SECURITY) Access denied
WMI Browser: (\\.\Root\ServiceModel) Access denied
WMI Browser: (\\.\Root\ccm\CCMPasswordSettings) Access denied
WMI Browser: (\\.\Root\ccm\CIModels) Access denied
WMI Browser: (\\.\Root\ccm\CIStore) Access denied
WMI Browser: (\\.\Root\ccm\CITasks) Access denied
WMI Browser: (\\.\Root\ccm\CMBITSManager) Access denied
WMI Browser: (\\.\Root\ccm\ContentTransferManager) Access denied
WMI Browser: (\\.\Root\ccm\DCMAgent) Access denied
WMI Browser: (\\.\Root\ccm\Events) Access denied
WMI Browser: (\\.\Root\ccm\LocationServices) Access denied
WMI Browser: (\\.\Root\ccm\Messaging) Access denied
WMI Browser: (\\.\Root\ccm\NetworkConfig) Access denied
WMI Browser: (\\.\Root\ccm\PeerDPAgent) Access denied
WMI Browser: (\\.\Root\ccm\Policy) Access denied
WMI Browser: (\\.\Root\ccm\PowerManagementAgent) Access denied
WMI Browser: (\\.\Root\ccm\RebootManagement) Access denied
WMI Browser: (\\.\Root\ccm\ScanAgent) Access denied
WMI Browser: (\\.\Root\ccm\Scheduler) Access denied
WMI Browser: (\\.\Root\ccm\SettingsAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftMgmtAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftwareMeteringAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftwareUpdates) Access denied
WMI Browser: (\\.\Root\ccm\StateMsg) Access denied
WMI Browser: (\\.\Root\ccm\VulnerabilityAssessment) Access denied
WMI Browser: (\\.\Root\ccm\XmlStore) Access denied
WMI Browser: (\\.\Root\ccm\evaltest) Access denied
WMI Browser: (\\.\Root\cimv2\Security\MicrosoftTpm) Access denied
WMI Browser: (\\.\Root\cimv2\Security\MicrosoftVolumeEncryption) Access denied
WMI Browser: (\\.\Root\cimv2\mdm\dmmap) Access denied
It takes several minutes, because it doesn't quit until it's been satisfactorily denied on every class, and yes, PSS slows to a crawl while this is going on. Per the linked topic, you don't have to run anything. Just putting the command into the code editor starts the errors in the output window. Seems like primal sense is trying to read them all.
When I run PSS as an account with local admin, this doesn't happen. Please let us know if there's a way to turn off the WMI Browser function. I rarely run as admin because I can't get to our Git with that account.
One thing I noticed, however, is that with the admin account, it immediately gave me primal sense options for all my classes. With my standard account, after it (finally!) failed on every one, primal sense would work on subsequent GWMI commands. Maybe PSS is trying to read them 'too deep'? instead of just reading the class names? IDK... just a thought.
32 or 64 bit version of product:64
Operating system: Win10
32 or 64 bit OS: 64
I'm referencing a post from Aug 11, 2016 "gwmi causes wmi browser to start slowing things down"
viewtopic.php?f=12&t=10455&p=56604&hili ... ser#p56604
I found it when looking for the same issue, and since there was no response from the poster with details, I'll post additional info here for reference.
As soon as i put gwmi or Get-WMIObject into the code screen, and primal sense recognizes the cmdlet, my output window fills up with Access Denied messages...
WMI Browser: (\\.\Root\CCMVDI) Access denied
WMI Browser: (\\.\Root\Microsoft\Windows\DesiredStateConfiguration) Access denied
WMI Browser: (\\.\Root\Microsoft\Windows\DesiredStateConfigurationProxy) Access denied
WMI Browser: (\\.\Root\PEH) Access denied
WMI Browser: (\\.\Root\RSOP\Computer) Access denied
WMI Browser: (\\.\Root\RSOP\User) Access denied
WMI Browser: (\\.\Root\SECURITY) Access denied
WMI Browser: (\\.\Root\ServiceModel) Access denied
WMI Browser: (\\.\Root\ccm\CCMPasswordSettings) Access denied
WMI Browser: (\\.\Root\ccm\CIModels) Access denied
WMI Browser: (\\.\Root\ccm\CIStore) Access denied
WMI Browser: (\\.\Root\ccm\CITasks) Access denied
WMI Browser: (\\.\Root\ccm\CMBITSManager) Access denied
WMI Browser: (\\.\Root\ccm\ContentTransferManager) Access denied
WMI Browser: (\\.\Root\ccm\DCMAgent) Access denied
WMI Browser: (\\.\Root\ccm\Events) Access denied
WMI Browser: (\\.\Root\ccm\LocationServices) Access denied
WMI Browser: (\\.\Root\ccm\Messaging) Access denied
WMI Browser: (\\.\Root\ccm\NetworkConfig) Access denied
WMI Browser: (\\.\Root\ccm\PeerDPAgent) Access denied
WMI Browser: (\\.\Root\ccm\Policy) Access denied
WMI Browser: (\\.\Root\ccm\PowerManagementAgent) Access denied
WMI Browser: (\\.\Root\ccm\RebootManagement) Access denied
WMI Browser: (\\.\Root\ccm\ScanAgent) Access denied
WMI Browser: (\\.\Root\ccm\Scheduler) Access denied
WMI Browser: (\\.\Root\ccm\SettingsAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftMgmtAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftwareMeteringAgent) Access denied
WMI Browser: (\\.\Root\ccm\SoftwareUpdates) Access denied
WMI Browser: (\\.\Root\ccm\StateMsg) Access denied
WMI Browser: (\\.\Root\ccm\VulnerabilityAssessment) Access denied
WMI Browser: (\\.\Root\ccm\XmlStore) Access denied
WMI Browser: (\\.\Root\ccm\evaltest) Access denied
WMI Browser: (\\.\Root\cimv2\Security\MicrosoftTpm) Access denied
WMI Browser: (\\.\Root\cimv2\Security\MicrosoftVolumeEncryption) Access denied
WMI Browser: (\\.\Root\cimv2\mdm\dmmap) Access denied
It takes several minutes, because it doesn't quit until it's been satisfactorily denied on every class, and yes, PSS slows to a crawl while this is going on. Per the linked topic, you don't have to run anything. Just putting the command into the code editor starts the errors in the output window. Seems like primal sense is trying to read them all.
When I run PSS as an account with local admin, this doesn't happen. Please let us know if there's a way to turn off the WMI Browser function. I rarely run as admin because I can't get to our Git with that account.
One thing I noticed, however, is that with the admin account, it immediately gave me primal sense options for all my classes. With my standard account, after it (finally!) failed on every one, primal sense would work on subsequent GWMI commands. Maybe PSS is trying to read them 'too deep'? instead of just reading the class names? IDK... just a thought.