Sdílet prostřednictvím


Hey Admins! Gathering information from remote machines using WMI (the easy way).

 

Those who are just getting into scripting might be wondering how to query info from remote machines using WMI and how to find useful information to query. When I started out trying to learn some of the WMI syntax and gathering info, I started with ScriptoMatic

I found this tool to be quick and painless for finding out what could be pulled from WMI and how it was done, if you've never played with it, go grab it and check it out.  

  

When you click the "run" button it'll dump out whatever you asked scriptomatic to search for:

==========================================
Computer: ServerA
==========================================
Caption: Domain
ClientSiteName: NA-WA-SITE
CreationClassName: Win32_NTDomain
DcSiteName: NA-WA-SITE
Description: Domain
DnsForestName: microsoft.com
DomainControllerAddress: \\2002:4898:dc5:33:218:feff:fe75:904
DomainControllerAddressType: 1
DomainControllerName: \\DC-DC-35
DomainGuid: {F488EF59-EEEF-11D2-A5DA-00805F9F34DE}
DomainName: Domain
DSDirectoryServiceFlag: True
DSDnsControllerFlag: False
DSDnsDomainFlag: False
DSDnsForestFlag: True
DSGlobalCatalogFlag: True
DSKerberosDistributionCenterFlag: True
DSPrimaryDomainControllerFlag: False
DSTimeServiceFlag: True
DSWritableFlag: True

Name: Domain: Domain
PrimaryOwnerContact:
PrimaryOwnerName:
Roles:
Status: OK

Other site with WMI scripts prepopulated for you:

WMI has a plethora of information that can be gathered locally or remotely from systems so it might be daunting to find out what you want to gather. I stumbled upon this site today and found a ton of stuff that will be useful to admins: WMI Tasks for Scripts and Applications.

Here are the the task categories and descriptions from the page:

Accounts and Domains
Obtain information such as the computer domain or the currently logged-on user. Many domain- or account-related tasks are best performed with ADSI scripts. For examples, see the TechNet ScriptCenter at https://www.microsoft.com/technet.

Computer Hardware
Obtain information about the presence, state, or properties of hardware components. For example, you can determine whether a computer is a desktop or laptop.

Computer Software
Obtain information such as which software is installed by the Windows Installer (MSI) and software versions.

Connecting to the WMI Service
To get data from WMI, either on the local computer or from a remote computer, you must connect to the WMI service by connecting to a specific namespace. In most cases, use either the shorthand moniker connection or the Locator connection.

Dates and Times
Windows XP introduced several WMI classes and a scripting object to parse or convert the CIM datetime format.

Desktop Management
Obtain data from or control remote desktops. For example, you can determine whether or not the screensaver requires a password. WMI also gives you the ability shut down a remote computer.

Disks and File Systems
Obtain information about disk drive hardware state, logical volumes.

Event Logs
Obtain event data from NT Event log files and perform operations like backing up or clearing log files.

Files and Folders
Change file or folder properties through WMI, including creating a share or renaming a file.

Networking
Manage and obtain information about connections and IP or MAC addresses.

Operating Systems
Obtain information about the operating system such as version, whether it is activated, or which hotfixes are installed.

Performance Monitoring
Use the WMI classes that obtain data from performance counters to access and refresh data about computer performance.

Processes
Obtain information such as the account under which a process is running. You can perform actions like creating processes.

Printers and Printing
Manage and obtain data about printers, such as finding or setting the default printer.

Registry
Create and modify registry keys and values.

Scheduled Tasks
Create and get information about scheduled tasks.

Services
Obtain information about services, including dependent or antecedent services.

One last thing:

Scritpomatic does have a twin for ADSI too: ADSI ScriptoMatic.

Comments

  • Anonymous
    September 11, 2015
    The freeware WMI Tools from AdRem Software lets you access WMI information both locally and remotely, as well as run custom WMI queries:http://www.adremsoft.com/wmitools