This guide will show you how to Enable and Disable WMI Traffic through Windows CMD. If you want to enable or disable a particular Windows management Instrumentations (WMI) traffic rule, you can use a special command that targets only the service you wish to activate or deactivate. To enable or disable all WMI traffic rules at once see Remote WMI Connection: How to Enable or Disable WMI Traffic at Command Prompt Using WMI Rule Group.

In this guide, we will see how to enable and disable specific WMI traffic rules through the command prompt.

Here are other related guides: Windows Management Instrumentation: WMI Commands, How to enable or disable a Remote WMI Connection in Windows, and Windows Management Instrumentation Commands.

Configuring Independent Guidelines

To use separate commands for each DCOM, WMI service, and sink, open the Start Menu by pressing the Windows key on your computer, then search for cmd and run the command prompt as administrator.

Then, to enable particular WMI traffic, copy and paste any of the commands listed below. To establish a firewall exception for DCOM port 135, use the following command:

netsh advfirewall firewall add rule dir=in name="DCOM" program=%systemroot%\system32\svchost.exe service=rpcss action=allow protocol=TCP localport=135

This command returns OK, which indicates that the operation was successful. To establish a firewall exception for the WMI service, use the following command:

netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any

This command returns OK, which indicates that the operation was successful. To establish a firewall exception for the sink that receives callbacks from a remote computer, use the following command:

netsh advfirewall firewall add rule dir=in name ="WMI" program=%systemroot%\system32\svchost.exe service=winmgmt action = allow protocol=TCP localport=any

This command returns OK, which indicates that the operation was successful.

To establish a firewall exception for outgoing connections to a remote computer that the local computer is communicating with asynchronously, use the following command:

netsh advfirewall firewall add rule dir=out name ="WMI_OUT" program=%systemroot%\system32\svchost.exe service=winmgmt action=allow protocol=TCP localport=any

This command returns OK, which indicates that the operation was successful.

Please see see how to query a list of installed programs in Windows via Windows Settings, Control Panel, WMIC, PowerShell and Windows Registry, and How to setup and configure Remote Desktop Services via Standard Deployment on Windows Server.

Configuring Windows Management Instrumentation with Individual Rules

Run the command prompt as administrator. Then copy and paste any of the below commands to disable a specific WMI traffic rule. To disable the DCOM exception:

netsh advfirewall firewall delete rule name="DCOM"

The command returns Deleted 1 rule(s), then Ok. To disable the WMI service exception:

netsh advfirewall firewall delete rule name="WMI"

The command returns Deleted 1 rule(s), then Ok. To disable the sink exception:

netsh advfirewall firewall delete rule name="UnsecApp"

To enhance system management, and enable WMI traffic. When executed, the command yields “Deleted 1 rule(s), then Ok.” If needed, disable the outgoing exception:

netsh advfirewall firewall delete rule name="WMI_OUT"

The command returns Deleted 1 rule(s), then Ok.

I hope you found this blog post on how to Enable and Disable WMI Traffic through Windows CMD helpful. If you have any questions, please let me know in the comment session.