Fix Pack

PowerShell session

To discover Windows computer systems, you can use either the WMI or the PowerShell session. In comparison to the WMI session, with the PowerShell session TADDM sends fewer requests to access target systems, which reduces the number of events that are logged. The PowerShell session can be used only with the script-based sensors. If you want to start using the PowerShell session, you must enable it because it is disabled by default.

You can use both sessions at the same time. If you are running regular and script-based discoveries, you cannot disable the WMI session because the regular discovery fails without it. However, you can prioritize the usage of the PowerShell session.
Important: If you run only regular discoveries, PowerShell session is not supported.
You can control the usage and prioritization of the PowerShell session by using the following properties:
  • Fix Pack
  • Fix Pack
  • Fix Pack
  • com.collation.PowerShellAccessEnabled=false
  • com.collation.WmiAccessEnabled=true
  • com.collation.PreferPowerShellOverWMI=true
  • com.collation.PowerShellPorts=5985,5986
  • com.collation.PowerShellTimeoutFudge=10000
  • Fix Pack
To enable the PowerShell session, set the com.collation.PowerShellAccessEnabled property to true. The PowerShell session is preferred over the WMI session by default.

To learn more about these properties, see Configuring the file entries for the Windows computer system sensor.

Note: In a very specific case, when you configured your firewall to allow communication via PowerShell session only, you must open PowerShell ports and configure the Ping sensor property. For details, see Configuring for discovery through a firewall without an anchor.

Example scenarios

Depending on how you discover your Windows target systems, you can configure the preceding properties in the following ways.
  • You are using only the sensors that support script-based discovery. In such case, you can enable PowerShell session by setting the com.collation.PowerShellAccessEnabled property to true and disable the WMI session by setting the com.collation.WmiAccessEnabled property to false. However, when PowerShell is not available, the session and discovery fails.
  • You are using sensors that support script-based and regular discovery. In such case, do not disable the WMI session, because it results in the failure of the regular discovery. Enable the PowerShell session by setting the com.collation.PowerShellAccessEnabled property to true. To establish the PowerShell session whenever possible, do not change the default value of the com.collation.PreferPowerShellOverWMI property. In such case, TADDM creates a hybrid session that is capable to use both PowerShell and WMI functions. The WMI session is used only when the PowerShell session is not capable to execute tasks that are requested by the regular sensors.