Configuring remote systems for use with WhoCrashed
In order to allow WhoCashed perform analysis of a remote computer on the network, the remote system must be accessible and configured accordingly.
Access to admin shares
The user who is running WhoCrashed should have acess to the admin shares on the remote machine to be analyzed so that
the crash dump files on the remote machine can be accessed by WhoCrashed. If the remote system is running Windows 8 or Windows
2012 Server, the remote admin share is disabled by default and needs to be explicitly enabled.
Enabling the remote system for WMI
In addition to remote admin share access, WhoCrashed requires that a remote system is configured for WMI for crash dump analysis to succeed. On Windows Vista and
later operating systems, this normally involves creating an exception for WMI in the Firewall applet which is accessible from
the control panel. For more information, refer to the following MSDN article:
Connecting to WMI Remotely Starting with Windows Vista