i created a user and added it to administrators group. when i open powershell normally ( not as administrator ) and type get-wmiobject, i get access denied. what i done
- ran wmi control, added user specifically and granted full access
- added user to Distributed COM users and granted full permissions
- opened GPO and added user to Local Sec policy > Computer Configuration > Windows Settings > Security Settings > Local policies > Security Options > DCOM: Machine Access Restrictions in Security Descriptor Definition Language syntax
when i open PowerShell as admin, type get-wmiobject -namespace root\wmi -class Lenovo firmware setting ( can be any that requires elevation ) , it works. then while session is active, it works when PowerShell is run without administrative access.
What am I missing so I can call wmi without elevating the console?