Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Jeffery Hicks MCSE, MCT Principal Architect JDH Information Technology Solutions jhicks@jdhitsolutions.com
What is WMI?
n n n
Windows Management Instrumentation Based on Industry Standards Enterprise Management of hardware and software elements
WMI Overview
n n n
WMI Architecture
n n n n
WMI SDK
n n n n n
Documentation Sample scripts and applications Object Browser Event Registration/Event Viewer CIM Studio
Scripting WMI
WMI Paths SWebmLocator Monikers Properties & Methods
WMI Paths
n n n n
Security
n n n n
Impersonation levels
Name wbemImpersonationLevelAnonymous wbemImpersonationLevelIdentify wbemImpersonationLevelImpersonate Value 1 2 3 Moniker name Anonymous Identify Impersonate Meaning Hides the credentials of the caller. Calls to WMI may fail with this impersonation level. Allows objects to query the credentials of the caller. Calls to WMI may fail with this impersonation level. Allows objects to use the credentials of the caller. This is the recommended impersonation level for WMI Scripting API calls. Allows objects to permit other objects to use the credentials of the caller. This impersonation, which will work with WMI Scripting API calls but may constitute an unnecessary security risk, is supported only under Windows 2000.
wbemImpersonationLevelDelegate
Delegate
Authentication levels
Name wbemAuthenticationLevelDefault wbemAuthenticationLevelNone WbemAuthenticationLevelConnect WbemAuthenticationLevelCall WbemAuthenticationLevelPkt WbemAuthenticationLevelPktIntegrity WbemAuthenticationLevelPktPrivacy Value 0 1 2 3 4 5 6 Moniker name Default None Connect Call Pkt PktIntegrity PktPrivacy Meaning WMI uses the default Windows Authentication setting. Uses no authentication. Authenticates the credentials of the client only when the client establishes a relationship with the server. Authenticates only at the beginning of each call when the server receives the request. Authenticates that all data received is from the expected client. Authenticates and verifies that none of the data transferred between client and server has been modified. Authenticates all previous impersonation levels and encrypts the argument value of each remote procedure call.
Classes are abstract templates for managed objects Instances are real-world representations of a class.
SWbemLocator
Methods ConnectServer Properties Security
ConnectServer
oLoc=CreateObject(WbemScripting.SWbemLocator) owbemServices = oLoc.ConnectServer( strServer,strNameSpace,strUser,strPassword, strLocale,strAuthority)
Example Connect to server SRV01 with different credentials objwbemServices = objwbemLocator.ConnectServer( \\SRV01,Root\cimv2,AdminXP,Secret61Pass)
SWbemServices
Dim oLoc,oSwbemSvc Set oLoc=CreateObject(WbemScripting.SwbemLocator) Set oSwbemSvc=oLoc.ConnectServer oSwbemSvc.Security_.impersonationLevel=3
SWbemServices Methods AssociatorsOf DeleteAsync ExecNotificationQuery ExecQueryAsync InstancesOf ReferencesToAsync AssociatorsOfAsync ExecMethod ExecNotificationQueryAsync Get InstancesOfAsync SubclassesOf
JDH Information Technology Solutions
Monikers
With SWbemServices Dim oLoc,oSwbemSvc Set oLoc=CreateObject(WbemScripting.SwbemLocator) Set oSwbemSvc=oLoc.ConnectServer(MyServer) oSwbemSvc.Security_.impersonationLevel=3 Set oRef=oSwbemSvc.InstancesOf(Win32_LogicalDisk) With Moniker Dim oWMI Set oWMI=GetObject(winmgmts:{impersonationlevel= _ impersonate}!Myserver//root//cimv2:Win32_LogicalDisk _ =C:)
InstancesOf
Dim oWMI Set oWMI=GetObject("Winmgmts:").InstancesOf _ ("Win32_Process") for each item in oWMI wscript.echo item.Name & vbtab & item.Handle Next Set oWMI=Nothing
WQL
n n n n n
Subset of ANSI SQL Retrieval Only Data Queries Event Queries Schema Queries
WQL Examples
Dim objWMI,objSet strQuery="Select Name,Handle,WorkingSetSize, & _ ThreadCount,Priority FROM Win32_Process" Set objWMI=GetObject("winmgmts://") Set objSet=objWMI.ExecQuery(strQuery) For each x in objSet wscript.echo x.name & , & x.handle & , & _ x.Priority & , & x.WorkingSetSize & , & _ x.ThreadCount next
WMIC
n n n
WBEMDUMP
n n n
Part of WMI SDK C:\Program Files\WMI\Utilities Syntax: wbemdump [switches] [Namespace [Class|ObjectPath] ] wbemdump /Q [switches] Namespace QueryLanguage Query
WBEMDUMP
WBEMDUMP /S /E root\default WBEMDUMP /S /E /M /M2 root\default WBEMDUMP root\default foo WBEMDUMP root\default foo.name=\"bar\" WBEMDUMP /S2 /M root Dumps everything in root\default Dump all class & instance mofs Dumps all instances of the foo class Dumps one instance of the foo class Dumps mofs for all nonsystem classes in all NS's
System Information
n n n n
System Configuration
n n n n n
Installed Software Date and Time Free drive space Display Information Services
n n n n n
System Reboot
' Copyright (c) 1997-1999 Microsoft Corporation ' WMI Sample Script - System reboot (VBScript) ' Invokes the Reboot method of the Win32_OperatingSystem class ' NOTE: You must have the Shutdown privilege to successfully invoke the Shutdown method Set OpSysSet = GetObject("winmgmts:{(Shutdown)}//./root/cimv2").ExecQuery _ ("select * from Win32_OperatingSystem where Primary=true") for each OpSys in OpSysSet OpSys.Reboot() next
Remote Shutdown
Copyright (c) 1997-1999 Microsoft Corporation WMI Sample Script - REMOTE system shutdown (VBScript) Invokes the Shutdown method of the Win32_OperatingSystem class. Fill in REMOTE_SYSTEM_NAME with the name of the ' remote system to shutdown. NOTE: You must have the RemoteShutdown privilege to successfully invoke the Shutdown method Set OpSysSet = GetObject("winmgmts:{(Debug,RemoteShutdown)}//REMOTE_SYSTEM_ NAME/root/cimv2").ExecQuery("select * from Win32_OperatingSystem where Primary=true") for each OpSys in OpSysSet OpSys.Shutdown() next
JDH Information Technology Solutions
Enable DHCP
Copyright (c) 1997-1999 Microsoft Corporation WMI Sample Script - Enable DHCP on adapter (VBScript) This script demonstrates how to enable DHCP use on instance of Win32_NetworkAdapterConfiguration. In this case we specify the adapter with an Index of 0. The correct index should be selected from Win32_NetworkAdapter instances for other interfaces. Supported on NT platforms only Set Adapter = GetObject("winmgmts:Win32_NetworkAdapterConfiguration=0") RetVal = Adapter.EnableDHCP() if RetVal = 0 then WScript.Echo "DHCP Enabled" else WScript.Echo "DHCP enable failed" end if
JDH Information Technology Solutions
Event Notification
n
n n n n
Occurrences of Interest in the managed world Changes to the CIM Repository Event Providers Event Consumers Temporary vs Permanent Subscriptions
JDH Information Technology Solutions
Synchronous Notification
n n
Script halts until query is complete ExecNotificationQuery method to execute Next method to block
Asynchronous Notification
n n n n
Script Execution continues Able to register for multiple events ExecNotificationQueryAsync Requires IWebmSinkObject
Sinks
n
Event Providers
Win32_NTLogEvent SNMP Registry Select * from _InstanceCreationEvent WITHIN 30 where TargetInstance ISA Win32_Process
JDH Information Technology Solutions
Polling interval
Monitoring Applications
n n n n n n
Specific NT Event Log CPU Usage Disk Space Usage Services stopping and starting Processes starting and stopping Dont forget to CANCEL
JDH Information Technology Solutions
Other Applications
n n
Other Applications
Additional Resources
n
Online
Additional Resources
n
Microsoft Courses
Course 2433 - Microsoft Visual Basic Scripting Edition and Microsoft Windows Script Host Essentials Course 2439 - Scripting Using Microsoft Windows Management Instrumentation
Additional Resources
n
Books
WMI Essentials for Automating Windows Management Marcin Policht Windows Management Instrumentation Matthew Lavey & Ashley Meggitt Scripting Windows 2000 - Jeffrey Honeyman Managing Enterprise Systems with Windows Script Host Stein Borge
jhicks@jdhitsolutions.com