[Today’s post comes to us courtesy of Mark Stanfill]
By default, TMG disallows WMI traffic as part of its security hardening. However, the Microsoft IT Environment Health Scanner (direct download) requires WMI to collect data for its analysis. To work around this limitation, you must temporarily create an exception to allow the Health Scanner to successfully complete. On a default run, you will see an error like the one below:
To prevent this error, you must explicitly configure TMG to allow WMI traffic from the computer where you are running the IT Environment Health Scanner. The steps below show us running the Health Scanner from the Messaging Server for demonstration purposes, but the same principles apply to running the tool from any server or workstation.