about_WMI_Cmdlets - PowerShell


 

Provides background information about Windows Management Instrumentation (about_WMI_Cmdlets)

   
# TOPIC
about_WMI_cmdlets

# SHORT DESCRIPTION
Provides background information about Windows Management Instrumentation
(WMI) and Windows PowerShell.

# LONG DESCRIPTION
This topic provides information about WMI technology, the WMI cmdlets for
Windows PowerShell, WMI-based remoting, WMI accelerators,
and WMI troubleshooting. This topic also provides links to more information
about WMI.

About WMI

Windows Management Instrumentation (WMI) is the Microsoft implementation
of Web-Based Enterprise Management (WBEM), which is an industry
initiative to develop a standard technology for accessing management
information in an enterprise environment. WMI uses the Common Information
Model (CIM) industry standard to represent systems, applications,
networks, devices, and other managed components. CIM is developed and
maintained by the Distributed Management Task Force (DMTF). You can use
WMI to manage both local and remote computers. For example, you can use
WMI to do the following:

-- Start a process on a remote computer.

-- Restart a computer remotely.

-- Get a list of the applications that are installed on a local or
remote computer.

-- Query the Windows event logs on a local or remote computer.

The WMI Cmdlets for Windows PowerShell

Windows PowerShell implements WMI functionality through a set of cmdlets
that are available in Windows PowerShell by default. You can use these
cmdlets to complete the end-to-end tasks necessary to manage local and
remote computers.

The following WMI cmdlets are included.

Cmdlet Description
------------------ ----------------------------------------------
Get-WmiObject Gets instances of WMI classes or information
about the available classes.

Invoke-WmiMethod Calls WMI methods.

Register-WmiEvent Subscribes to a WMI event.

Remove-WmiObject Deletes WMI classes and instances.

Set-WmiInstance Creates or modifies instances of WMI classes.

Sample Commands

The following command displays the BIOS information for the local
computer.

C:\PS> get-wmiobject win32_bios | format-list *

The following command displays information about the WinRM service
for three remote computers.

C:\PS> get-wmiobject -query "select * from win32_service where name='WinRM'" -computername server01, server01, server03

The following more complex command exits all instances of a program.

C:\PS> notepad.exe
C:\PS> $np = get-wmiobject -query "select * from win32_process where name='notepad.exe'"
C:\PS> $np | remove-wmiobject

WMI-Based Remoting

While the ability to manage a local system through WMI is useful, it is
the remoting capabilities that make WMI a powerful administrative tool.
WMI uses Microsoft's Distributed Component Object Model (DCOM) to
connect to and manage systems. You might have to configure some systems
to allow DCOM connections. Firewall settings and locked-down DCOM
permissions can block WMI's ability to remotely manage systems.

WMI Type Accelerators

Windows PowerShell includes WMI type accelerators. These WMI type
accelerators (shortcuts) allow more direct access to a WMI objects
than a non-type accelerator approach would allow.

The following type accelerators are supported with WMI:

[WMISEARCHER] - A shortcut for searching for WMI objects.

[WMICLASS] - A shortcut for accessing the static properties
and methods of a class.

[WMI] - A shortcut for getting a single instance of a class.

[WMISEARCHER] is a type accelerator for a ManagementObjectSearcher.
It can take a string constructor to create a searcher that you can then
do a GET() on.

For example:

PS> $s = [WmiSearcher]'Select * from Win32_Process where Handlecount > 1000'
PS> $s.Get() |sort handlecount |ft handlecount,__path,name -auto

handlecount __PATH name
----------- ------ ----
1105 \\SERVER01\root\cimv2:Win32_Process.Handle="3724" powershell...
1132 \\SERVER01\root\cimv2:Win32_Process.Handle="1388" winlogon.exe
1495 \\SERVER01\root\cimv2:Win32_Process.Handle="2852" iexplore.exe
1699 \\SERVER01\root\cimv2:Win32_Process.Handle="1204" OUTLOOK.EXE
1719 \\SERVER01\root\cimv2:Win32_Process.Handle="1912" iexplore.exe
2579 \\SERVER01\root\cimv2:Win32_Process.Handle="1768" svchost.exe

[WMICLASS] is a type accelerator for ManagementClass. This has a
string constructor that takes a local or absolute WMI path to a WMI
class and returns an object that is bound to that class.

For example:

PS> $c = [WMICLASS]"root\cimv2:WIn32_Process"
PS> $c |fl *
Name : Win32_Process
__GENUS : 1
__CLASS : Win32_Process
__SUPERCLASS : CIM_Process
__DYNASTY : CIM_ManagedSystemElement
__RELPATH : Win32_Process
__PROPERTY_COUNT : 45
__DERIVATION : {CIM_Process, CIM_LogicalElement, CIM_ManagedSystemElement}
__SERVER : SERVER01
__NAMESPACE : ROOT\cimv2
__PATH : \\SERVER01\ROOT\cimv2:Win32_Process

[WMI] is a type accelerator for ManagementObject. This has a string
constructor that takes a local or absolute WMI path to a WMI instance
and returns an object that is bound to that instance.

For example:

PS> $p = [WMI]'\\SERVER01\root\cimv2:Win32_Process.Handle="1204"'
PS> $p.Name
OUTLOOK.EXE

WMI Troubleshooting

The following problems are the most common problems that might occur
when you try to connect to a remote computer.

Problem 1: The remote computer is not online.

If a computer is offline, you will not be able to connect to it by
using WMI. You may receive the following error message:

"Remote server machine does not exist or is unavailable"

If you receive this error message, verify that the computer is online.
Try to ping the remote computer.

Problem 2: You do not have local administrator rights on the remote
computer.

To use WMI remotely, you must have local administrator rights on the
remote computer. If you do not, access to that computer will be denied.

To verify namespace security:

a. Click Start, right-click My Computer, and then click Manage.

b. In Computer Management, expand Services and Applications,
right-click WMI Control, and then click Properties.

c. In the WMI Control Properties dialog box, click the Security tab.

Problem 3: A firewall is blocking access to the remote computer.

WMI uses the DCOM (Distributed COM) and RPC (Remote Procedure Call)
protocols to traverse the network. By default, many firewalls block
DCOM and RPC traffic. If your firewall is blocking these protocols,
your connection will fail. For example, Windows Firewall in Microsoft
Windows XP Service Pack 2 is configured to automatically block all
unsolicited network traffic, including DCOM and WMI. In its default
configuration, Windows Firewall rejects an incoming WMI request, and
you receive the following error message:

"Remote server machine does not exist or is unavailable"

More Information about WMI

For more information about WMI, see the following topics in the MSDN
(Microsoft Developer Network) library:

"About WMI:
http://go.microsoft.com/fwlink/?LinkId=142212

"WMI Troubleshooting"
http://go.microsoft.com/fwlink/?LinkId=142213

And, see "Secrets of Windows Management Instrumentation - Troubleshooting
and Tips" in the Microsoft TechNet Script Center:

http://go.microsoft.com/fwlink/?LinkId=142214

SEE ALSO
Online version: http://go.microsoft.com/fwlink/?LinkId=142219
Get-WmiObject
Invoke-WmiMethod
Register-WmiEvent
Remove-WmiObject
Set-WmiInstance

C:\Windows>powershell get-help about_WS-Management_Cmdlets -full

ColorConsole [Version 1.7.1000] PowerShell 2.0-Export
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2014 Microsoft Corporation.

OS: Windows 10, 8.1, 8, 7, Vista / Windows Server 2016, 2012, 2008
»»»» ColorConsole








Windows-10





Windows-10

... facebook.de
... Windows-10 FAQ
... Windows-10 Info


Become a Sponsor
... Your button here?





PowerShell: Provides background information about Windows Management Instrumentation

HTTP: ... PS_Windows/en/about_WMI_Cmdlets.htm
0.156
15215

How to change the activation key to activate Windows 10, 8.1, Seven?

 /

Windows 10 Zwischenablage funktioniert nicht mehr, was habe ich falsch gemacht?

 /

For what the flipped and rotated image search?

 /

Desktop shortcut for windows 8.1 / 10 fax and scan or pin to start or task-bar!

 /

Bug with time zones / summer time!

 /

Extra traces on Windows 10 / 8.1, ... leave behind!

 /

The Quad-Explorer for Windows 10!

 /

Quad-Directory Explorer View, can I select multiple files by using checkbox?

 /

Skalieren der Größe von Text, Symbolen und Apps in Windows 10?

 /

Where are fonts stored in Windows 10 and the font folder location?

 /

Open and customize default programs settings in Windows 8/8.1/10 for fileextensions, formats, types?

 /

To download the latest version Of Windows 10, but where?

 /