PowerShell Ezine, Logon Scripts

Guy's Scripting Ezine 9 - WMI Part 1

Contents of Guy's Scripting Ezine 9 - WMI Part 1

Note, See more on WMI a whole section here

Why and where you can use WMI scripts

Why bother to learn WMI (Windows Management Instrumentation) scripting?  Well here are four reasons.

  1. You want change settings automatically - say at logon. 
  2. You want to gather operating system information on a remote machine - There is no easy interface.
  3. Save repetitive tasks - change a department name. 
  4. To me the best reason is because WMI scripting is the way of the future.

 

This week's secret

To master WMI, you really need to read three different accounts, or have three different people explain the concepts behind WMI.  For now you will have to make do with Guy wearing three different hats.

Mr Deep Theory

The operating system knows everything!  When you think about it, Windows Server 2003 or XP must know how much memory each process is using.  When it booted, the operating system checked on which services need to start and in which order.  It made sense for Microsoft to produce a monitor or manager which could share such information on system resources, well that monitor is WMI.

The final link in our chain is VBScript.  We right lines of code which gather system information, or we write scripts which can control the registry or Active Directory.  Well thank you Mr Deep Theory, that is enough for this week.

Mr Infrastructure Manager

Let us take stock of WMI.  Here are there are 4 components:

CIMOM CIM Repository Providers WMI
Script Library "winmgmts"
 

Common Information Object Manager

 

  

Schema for dynamic resources

  

Active Directory

Registry

Event Log

Win32

  

Consistent model to read or modify objects.  Supports VBScript, Jscript and ActivePerl
Keyword - Manager Keyword - Schema Key concept - service Key concept - interpreter

 

Mr Vis Basic

What is interesting about the Providers, is their namespaces.  From other of my scripts you may have already seen 'root\cimv2'.  This is a portal to the Event Log and all the Win 32 processes.  Active Directory can be found through root\directory\ldap.

Perhaps you remember this script from Ezine 6?  Let us dissect some of the relevant terms.  (If you do run this script, be patient, it takes ages to check through a big log.)

WMI Tip  For much more on WMI, see my WMI Section here.

ˆ

Script - revisited:

'VBScript to check the System Event log for Improper Shutdowns.

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colLoggedEvents = objWMIService.ExecQuery _
("Select * from Win32_NTLogEvent Where Logfile = 'System' and " _
& "EventCode = '6008'")
Wscript.Echo "Improper shutdowns: " & colLoggedEvents.Count
 

 

  1. strComputer = "."   This means use the current machine.  You could substitute strComputer = "BigServer"  (Where BigServer = a remote server)
  2. "winmgmts" is an alias for the script library.  Set objWMIService = GetObject("winmgmts:" _   Here the script contacts the WMI manager and connects to the that library. 
  3. " & strComputer & "\root\cimv2".  This phrase contacts the Event Log Provider cimv2 (the default is root\default).  If you needed to access Active Directory, then the reference would \root\default\ldap, instead of \root\cimv2.

This week's script

The idea behind this week's script is to persuade WMI to interrogate the operating system.  We are going to discover facts that are not easily found by browsing through GUIs.   There is no one interface that displays all the information created by the script.  However the actual data is not important, what is exciting is that thanks to scripting, we can interrogate Windows Server 2003 in any way that we wish.

If the output gives you just one idea for a script of you own then I will be happy.  My point is, that there is no need to collect ALL this data, however, one or two items in the output may spark an idea for a new project.

Instructions.

This week I urge you to type this script rather than copy paste.  Now I don't often make this request, but to get the feel of what is going on I exhort you to print it out and type it in, just to get an understanding of what the script is achieving.  Dare I say, if you get the odd syntax error, then you will learn even more.

Script 1 (Short)

'

' VBScript to interrogate the operating system
strComputer = "."
set objWMIService = GetObject("Winmgmts:\\" & strComputer)
set colOperatingSystems = objWMIService.InstancesOf("win32_OperatingSystem")
For each objOperatingSystem In colOperatingSystems
WScript.echo "Name : " & objOperatingSystem.name & vbCRLf & _
"Free Virt Mem : " & objOperatingSystem.freevirtualmemory & vbcrlf & _
"Current Users : " & objOperatingSystem.numberofusers & vbcrlf
Next
 

 

 Learning Points from the WMI Script

  1. strComputer = "."  I expect you remember that this means - local machine.  I challenge you to change the "." to the name of different computer on your network.
  2. set objWMIService   This is different from logon scripts which begin - Set WshShell  Here we connect to WMI rather than prepare a network shell connection.
  3. InstancesOf  This is useful Method to case the win32_OperatingSystem object.
  4. For each ....... next.  Creates a loop to keep checking the OperatingSystem object.
  5. Col refers to a 'Collection', similar to an array.  Note error 800A01C3, means that you misspelled OperatingSystems or for get the final 's'.
  6. WScript.echo  is an old friend to produce a message box.
  7. & VBCRLF   This is useful control feature to produce a carriage return.
  8. Beware if you copy and paste to reorder the lines, the last line has a shorter ending that the others. & vbcrlf is correct  (not & vbcrlf & _)

Script 2 (Full)

Do copy and paste this fuller version.  Unless you are feeling virtuous, in which case just type in the extra lines!

'

' VBScript to interrogate the operating system
strComputer = "."
set objWMIService = GetObject("Winmgmts:\\" & strComputer)
set colOperatingSystems = objWMIService.InstancesOf("win32_OperatingSystem")
For each objOperatingSystem In colOperatingSystems
WScript.echo "Name : " & objOperatingSystem.name & vbCRLf & _
"CS Name : " & objOperatingSystem.csname & vbcrlf & _
"Caption : " & objOperatingSystem.caption & vbcrlf & _
"Version : " & objOperatingSystem.version & vbcrlf & _
"OS Type : " & objOperatingSystem.OsType & vbcrlf & _
"Service Pack : " & objOperatingSystem.ServicePackMajorVersion & vbcrlf & _
"Locale : " & objOperatingSystem.Locale & vbcrlf & _
"Time Zone : " & objOperatingSystem.CurrentTimeZone & vbcrlf & _
"Install Date : " & objOperatingSystem.installdate & vbcrlf & _
"Boot Device : " & objOperatingSystem.BootDevice & vbcrlf & _
"Free Phys Mem : " & objOperatingSystem.freephysicalmemory & vbcrlf & _
"Free Virt Mem : " & objOperatingSystem.freevirtualmemory & vbcrlf & _
"Current Users : " & objOperatingSystem.numberofusers & vbcrlf
Next

Troubleshooting Resources

 

ˇ

Ezine 10 - WMI Part 2

This week I just wanted to give you a taster of what WMI can do.  In the next Ezine I will show you how to choose objects like OperatingSystem, and where you can get a list of properties like InstallDate or FreePhysicalMemory.

WMI Tip  For much more on WMI, see my WMI Section here.

Computer Training Software - Recommended Training VideosGuy Thomas recommends Computer Training Software

Their topics and material are ideal for getting you started with VBScript.  The videos are easy to follow and you can control the pace.  Try their free demo material and then see if you want to buy the full package. See more about VB Script Training CD.

 *

Google

Webcomputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Here is a solution to monitor, manage and archive thousands of events that are generated by devices across your entire network.  Get your free evaluation copy of GFI EventsManager.

 

Home Copyright © 1999-2008 Computer Performance LTD All rights reserved

Please report a broken link, or an error.