[This is preliminary documentation and subject to change.]
The WBEM User Manager can be used in conjunction with the Windows NT User Manager to create user accounts and groups that provide the following security:
Windows NT systems include two built-in groups that can be used to manage WBEM security:
All users who belong to this group have full local and remote access to the CIM Object Manager (CIMOM). Full access means read/write/delete access to all CIM objects in all namespaces (including ROOT\SECURITY). Users with access to ROOT\SECURITY can change security information.
This group is created immediately after installing WBEM, when CIMOM starts. By default, this group contains no members and provides read-only access to all namespaces except ROOT\SECURITY.
You can manage most access to CIMOM by controlling the membership of these two groups using the Windows NT User Manager.
You can use the WBEM User Manager to create groups with combinations of permissions different from those provided by the built-in groups. You can also create individual users, if needed.