This article is intended for IT support.
Windows Management Instrumentation (WMI) receives logon events from the Domain Controller and can communicate authenticated users and machine identities to School Manager.
Before you begin
- Sync from your directory service or manually create Local Users and Groups in School Manager before enabling WMI.
- Complete the Enabling WMI to Work with School Manager.
We recommend you disable WMI Logging of machine login events when you do not need the logs. The Windows Event Viewer Logging will generate excess events in School Manager > Statistics > Realtime > Alerts and Events. Any failed login events will be recorded by machine name (with no associated user) in School Manager for WMI managed devices during the time logging is enabled.
Configuring WMI in School Manager
- Navigate to Configuration > Authentication > WMI
- Select Add Domain Controller.
- A new row will appear, select the Edit icon.
- Tick Enabled.
- Select Type. You can select from Radius NPS Logins or Domain Logins.
- Enter the Server IP address for your Domain Controller.
- Enter the Domain. For example domain.local
- Enter the Username of the service account.
- Enter the Password of the service account.
- You have the option to enter any User Exceptions. Any user selected here will not be authenticated. This is commonly used for Administrator accounts that run background scripts or processes. Any users entered will need to be comma-separated with no spaces.
- When complete, select Save.
Verify WMI Integration
- Log into the school’s network using a test user on a test device.
- In your Windows Administrative Tools, go to the Domain Controller Security logs.
- In the Windows Event Viewer, find the event code "4768" to verify the “Audit Success” matches the time you logged in with the test user.
Alternatively, in School Manager go to Statistics > Realtime > Alerts and Events and search for “provider.wmi.dc” events.
Please sign in to leave a comment.