Encrypting Data When Running WMI–Based Remote Administration Scripts (IIS 6.0)
WMI-based administration scripts operating on an IIS server over a remote connection send data over the network in clear text. You can enhance security by modifying WMI-based administration scripts to establish an encrypted remote connection.
For Windows Server 2003 with Service Pack 1 (SP1), WMI-based remote administration scripts must be modified to encrypt authentication credentials and data as outlined in this topic. If you do not modify the scripts, they will fail.
Use one of the following two methods to establish an encrypted remote connection:
To establish an encrypted connection to a remote server when an administrator user name and password must be provided, use the ConnectServer method to connect to the server, and then set the AuthenticationLevel property to encrypt the connection. The following code example illustrates this.
The ConnectServer call encrypts the administrator user name and password.
You must be a member of the Administrators group on the local computer to run scripts and executables. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run your script or executable as an administrator. At a command prompt, type runas /profile /User:MyComputer\Administrator cmd to open a command window with administrator rights and then type cscript.exeScriptName (include the script's full path and any parameters).
var locatorObj=new ActiveXObject("WbemScripting.SWbemLocator"); provObj=locatorObj.ConnectServer(Server_Name,"root/MicrosoftIISv2", AdministratorUserName, AdministratorPassword); var wbemAuthenticationLevelPktPrivacy=6; provObj.Security_.AuthenticationLevel=wbemAuthenticationLevelPktPrivacy;
To establish an encrypted connection to a remote server when an administrator user name and password do not need to be provided, use the GetObject function, and then set the AuthenticationLevel property to pktPrivacy. The following code example illustrates this.