TECHNOLOGY

Working with WMI classes and objects – PowerShell and Windows Management Instrumentation (WMI)

Albert0 Comments
Working with WMI classes and objects - PowerShell and Windows Management Instrumentation (WMI)

When working with WMI classes and objects in PowerShell, there are several key concepts to keep in mind:

  1. WMI Class: A WMI class is a representation of a specific type of system information. For example, the Win32_OperatingSystem class corresponds to the operating system on the computer. Each class has properties that contain specific information about that class. You can use classes to query and retrieve system information.
  2. Get-WmiObject (or Get-CimInstance): The Get-WmiObject cmdlet (or Get-CimInstance in newer versions of PowerShell) is used to retrieve instances of a specific WMI class. For example, to retrieve information about the operating system, you can use the following command:
   Get-WmiObject -Class Win32_OperatingSystem
  1. Property: A property represents a specific attribute of a WMI object or class. For example, the Version property of the Win32_OperatingSystem class represents the version of the operating system. You can access properties using dot notation, like $object.PropertyName.
  2. Method: A method is an action you can perform on a WMI object or class. Methods are typically used to perform tasks or actions, such as starting or stopping a service. You can invoke methods on WMI objects using the Invoke-WmiMethod cmdlet. For example, to shut down the computer, you can use the following command:
   Invoke-WmiMethod -Class Win32_OperatingSystem -Name Shutdown
  1. WMI Namespace: WMI classes are organized into namespaces, which provide a way to group related classes together. The default namespace for WMI is root\cimv2. You can specify a namespace when querying or using WMI classes in PowerShell.
  2. Filtering: You can use the -Filter parameter with Get-WmiObject or Get-CimInstance to filter the results based on specific criteria. For example, to get information about processes with a specific name, you can use the following command:
   Get-WmiObject -Class Win32_Process -Filter "Name='processName'"
  1. Updating Objects: To update the values of properties in a WMI object, you can use the Set-WmiInstance cmdlet. For example, to change the caption of the operating system, you can use the following command:
   $operatingSystem = Get-WmiObject -Class Win32_OperatingSystem
   $operatingSystem.Caption = "New Caption"
   $operatingSystem.Put()

These concepts should help you understand the basics of working with WMI classes and objects in PowerShell. By leveraging these concepts, you can query, retrieve, and update system information using WMI in PowerShell effectively.

Working with WMI classes and objects in PowerShell allows you to retrieve and manipulate system information in a structured manner. Here’s an overview of how you can interact with WMI classes and objects using PowerShell:

Retrieving WMI Class Information:
PowerShell provides the Get-WmiObject cmdlet (or Get-CimInstance in newer PowerShell versions) to retrieve information from WMI classes. You can use this cmdlet to query specific classes and retrieve instances of those classes.

For example, to retrieve information about the network adapters on a system using the Win32_NetworkAdapter class, you can use the following command:


Get-WmiObject -Class Win32_NetworkAdapter

This command retrieves all instances of the `Win32_NetworkAdapter` class, providing details such as the adapter name, MAC address, speed, and more.

Accessing WMI Object Properties:
Once you have retrieved WMI objects, you can access their properties to retrieve specific information. PowerShell allows you to access the properties using the dot notation or the Select-Object cmdlet.

For example, to retrieve the name and description of a network adapter, you can use the following command:


$adapter = Get-WmiObject -Class Win32_NetworkAdapter | Where-Object { $_.Name -like "*Ethernet*" }
$adapter.Name
$adapter.Description

This code retrieves the network adapter with a name containing “Ethernet” and displays its name and description.

Working with WMI Object Methods:
WMI classes often contain methods that allow you to perform actions on the associated objects. PowerShell enables you to invoke these methods using the Invoke-CimMethod cmdlet.

For example, the Win32_Process class has a Terminate method that allows you to end a running process. To terminate a process with a specific Process ID (PID), you can use the following code:


$process = Get-WmiObject -Class Win32_Process | Where-Object { $_.ProcessId -eq 1234 }
$process.Terminate()

This code retrieves the process with the specified PID and terminates it by invoking the `Terminate` method.

Filter WMI Objects:
PowerShell provides the Where-Object cmdlet to filter WMI objects based on specific conditions. You can use this cmdlet to narrow down your results based on property values.

For example, to retrieve only the running processes with a specific name, you can use the following code:


Get-WmiObject -Class Win32_Process | Where-Object { $_.Name -eq "explorer.exe" }

This code retrieves the running processes with the name “explorer.exe”.
These are some basic techniques for working with WMI classes and objects in PowerShell. You can explore the extensive WMI class library and their associated properties and methods to gather system information, perform management tasks, and automate administrative operations on Windows systems.

SHARE
By Albert

Leave a Reply

Your email address will not be published. Required fields are marked *

No widgets found. Go to Widget page and add the widget in Offcanvas Sidebar Widget Area.