Hello,
I'm a little confused about how Windows validates credentials within ServiceNow.
I'm trying to create a PowerShell step in a custom action with inline credentials for WinRM, but the script consistently fails with an "Access Denied" error. Running the script directly using the MID Server Service User works perfectly. Digging deeper, I discovered that PSSteps apparently trigger a Windows credential validation via WMI.
Here's the specific command used:
gwmi win32_operatingsystem -computer $computer -credential $cred -impersonation 3 -authentication 6 -EA "Stop"
https://www.servicenow.com/docs/bundle/xanadu-integrate-applications/page/product/orchestration/refe...
While gwmi is an alias for Get-WmiObject, it uses the older DCOM-based WMI method, which is considered obsolete since PowerShell 3.0 (released over a decade ago). Our internal configuration reflects this, with DCOM disabled on all machines, firewalls blocking DCOM traffic, and IPS monitoring it.
In my opinion the validation should use something like:
Test-WSMan -ComputerName $computer -Credential $cred -ErrorAction Stop
So, my question is: Am I missing something here? Is there a modern WinRM approach for ServiceNow to handle credential validation? Does ServiceNow still rely on DCOM for basic Windows functionality?
