Export (0) Print
Expand All

WMI Provider Hosting

Updated: August 5, 2011

Applies To: Windows Server 2008 R2

WMI resides in a shared service host with several other services. To avoid stopping all of the services when a provider fails, providers are loaded into a separate host process named "Wmiprvse.exe." More than one process with this name can be running. Each can run under a different account with different security. For computers running on the Vista operating system, use the winmgmt command to run WMI in a separate process, by itself, using a fixed port.

The shared host can run under one of the following system accounts in a Wmiprvse.exe host process:

  • LocalSystem
  • NetworkService
  • LocalService

A provider can also be a local COM server (.exe), or self-hosted, which does not require a WMI provider host.

Events

Event ID Source Message

63

Microsoft-Windows-WMI

The %1 provider has been registered in the WMI namespace, %2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Related Management Information

WMI Service

Management Infrastructure

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft