Discovery: Troubleshooting Windows WMI discovery failures
Knowledge Article
BMC Discovery
BMC Discovery 21.05.00
Windows WMI discovery fails. How to troubleshoot this?
Please have a look at the following video:
It covers the following points, which help in troubleshooting Windows WMI discovery failures:
1) Verify that the account used for the scan has sufficient permissions to do a complete discovery.
If the scan is using a credential proxy, the credential should have local Administrator rights on the target server.
If the scan is using an Active Directory proxy, the proxy service should be running as a domain authenticated account with local Administrator rights and the “log on as user” right on the target server.
Note: The documentation at Windows proxy permissions has details about WMI access in specific discovery methods and WMI access permissions.
2) Run a credential test. If the test fails, confirm the password by checking the "set password" box in the credential and re-typing it.
3) The Discovery Appliance or Outpost scans port 135 to determine whether the port is open and therefore whether the target is likely to be a Windows host. If the port is open, further discovery is undertaken using the Windows proxy or Outpost. If the port is blocked, no Windows discovery is attempted.
To test this, open a command line on the Discovery scanner that initiates the scan (Discovery Appliance or Outpost) and enter “telnet <target> 135”, where "<target>" is the IP address of the Windows host to be discovered.
4) Check for firewalls between the proxy and the target. Verify that required ports are open. Please note that Windows discovery requires more than just port 135 to be opened.
5) Confirm network connectivity. From the proxy, test connection to the target using PING and TRACERT.
6) Confirm that WMI is active and working correctly on the target server. Open a Windows Command Prompt (CMD) and run the "wmic path Win32_Processor get /value" command to verify that it returns no error. In some cases, starting or restarting the WMI service on the target may be helpful.
8) If WMI connectivity works using the WBEMTEST utility or WMIC command, but WMI still fails during a discovery scan, then increase the WMI timeout from the proxy/Outpost configuration and check the scan behavior.
To increase the timeout:
For Windows proxy: Go to Discovery UI > Manage > Credentials > Manage Windows Credential Proxy > <Windows_proxy> > WMI and set the timeout to 180 seconds or above.
For Outpost: Go to Outpost UI > Manage > Configuration > Use WMI and set the timeout to 180 seconds or above.
If increasing the WMI timeout resolves the scanning issue, consult the Windows team to determine why WMI is responding slowly.
9) If the problem is still not resolved, do the following:
- Rescan the endpoint with Discovery and Proxy logs in debug mode.
- Open a Support case and provide these logs.
- Also, gather the Windows event logs (system, application, security) from the target system and the proxy machine at the time of failure, and provide these also.
- Include a list of all troubleshooting steps already done and their results.
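The checks in steps 3, 5, 6 and 8 can be collected in one pass from the Windows proxy or Outpost host, which also gives a result list to attach to a Support case. The script below is an added example, not BMC code: the parameter names are chosen for this sketch, and it assumes that a remote DCOM query of Win32_Processor (the class used in step 6) is a reasonable stand-in for the WMI access the proxy performs.

```powershell
# Added example, not BMC code. Run on the Windows proxy or Outpost host.
# -Target, -Credential and -TimeoutSec are names chosen for this sketch.
param(
    [Parameter(Mandatory)] [string] $Target,
    [pscredential] $Credential,          # omit to use the current logon
    [int] $TimeoutSec = 180              # value suggested in step 8
)

# Step 3: is TCP 135 reachable? If not, no Windows discovery is attempted.
$rpc  = Test-NetConnection -ComputerName $Target -Port 135 -WarningAction SilentlyContinue
# Step 5: basic ICMP reachability (can be blocked even when TCP works).
$ping = Test-Connection -ComputerName $Target -Count 2 -Quiet

$result = [ordered]@{
    Target      = $Target
    Port135Open = $rpc.TcpTestSucceeded
    PingOk      = $ping
    WmiOk       = $false
    WmiSeconds  = $null
    WmiError    = $null
}

# Steps 6 and 8: query the class from the wmic check remotely and time it.
# DCOM is an assumption here, chosen because the page probes port 135.
$sessionArgs = @{
    ComputerName        = $Target
    SessionOption       = (New-CimSessionOption -Protocol Dcom)
    OperationTimeoutSec = $TimeoutSec
    ErrorAction         = 'Stop'
}
if ($Credential) { $sessionArgs.Credential = $Credential }

$session = $null
$timer = [System.Diagnostics.Stopwatch]::StartNew()
try {
    $session = New-CimSession @sessionArgs
    $null = Get-CimInstance -CimSession $session -ClassName Win32_Processor -OperationTimeoutSec $TimeoutSec -ErrorAction Stop
    $result.WmiOk = $true
} catch {
    # "Access is denied" typically points back to steps 1-2 (permissions);
    # "The RPC server is unavailable" to steps 3-4 (ports and firewalls).
    $result.WmiError = $_.Exception.Message
} finally {
    $timer.Stop()
    $result.WmiSeconds = [math]::Round($timer.Elapsed.TotalSeconds, 1)
    if ($session) { Remove-CimSession -CimSession $session }
}

[pscustomobject]$result
```

A successful query with a WmiSeconds value well above a few seconds matches the slow-WMI case in step 8; running the script under the same account the scan uses keeps the permission result comparable.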