Understanding the Windows Management Instrumentation (WMI)
Windows Management Instrumentation, otherwise known as WMI, provides a standard interface in order to allow interaction with Windows-based system regardless of the hardware and Windows version. In this tutorial, you will learn what Windows Management Instrumentation (WMI) is and how to interact with it.
Setup
If you have not already done so, click open Windows PowerShell ISE.
The Concept:
There is a particular order to WMI, a hierarchy if you will. At the bottom we have the Managed Objects, which are the things you interact with like physical devices on the system (memory, DVD-ROM drive, etc). At the very top of the hierarchy we have the Management Applications, which are the programs and scripts that we use and in between the two, is the WMI Management Infrastructure, which is the actual thing we interact with. It is made of two components: CIM Object Manager (CIMOM) and the CIMOM Repository. The repository contains a list of objects you can use to interact with the system. The actual CIMON is in charge of providing us a standard method for interacting with the system.
Step one.
Every object that WMI exposes is available through a namespace. Namespaces
are naming conventions that uniquely identify a class (the definition of an
object). They provide an easier way to group related classes together. A
majority of the WMI classes that we work with are stored in the root\CIMV2
namespace.
To find out what WMI namespaces are defined within your system, follow the
steps listed below:
1. Choose Start, Run.
2. Enter wmimgmt.msc and press OK
3. Right-click WMI Control (local) and select Properties.
4. Click the Security tab.
5. Double-click the Root folder to see the entire namespace tree.
The window will appear as follows:
This is called the WMI MMC snap-in.
Step two.
WMI gives you the ability to query and make changes to managed objects locally as well as remotely. This being said, automatically one thing comes to mind, security. You can actually set the security using the same WMI MMC snap-in. All that needs to be done is the selection of the namespace and click the security button.
Below is a table of specific permissions you can allow or deny for the namespaces:
|
Permission |
Description |
|
Execute Methods |
Allows running of methods provided by WMI classes. |
|
Full Write |
Full permission to read, write, and even delete all WMI classes and instances. |
|
Partial Write |
Write access to static WMI objects. |
|
Provider Write |
Write access to objects provided by providers. |
|
Enable Account |
Read access to WMI objects. |
|
Remote Enable |
Remote access to WMI objects. |
|
Read Security |
Can view WMI permissions but not change them. |
|
Edit Security |
Can view and modify WMI permissions. |
Remarks last but not least…
This is only Part I of II for WMI usage and how to interact with it. We discuss PowerShell interaction with WMI, command and common WMI classes. Join us next time for additional Windows PowerShell tutorials! Till then