Performing Management tasks using Cimcmdlets - Processes

WMI provides a standardized system management infrastructure that can be leveraged by a number of different clients. WMI providers and the classes exposed by the providers help in various management tasks.

Our MSDN documentation lists a bunch of management scenarios and the corresponding Visual Basic samples, but it is much easier for an IT administrator to perform the same operations using PowerShell.

Customers have been requesting samples that will help them perform management tasks using PowerShell – therefore, in this series of blog posts we will be covering the PowerShell implementation of scenarios that are listed at the following MSDN page: https://msdn.microsoft.com/en-us/library/aa394585(v=vs.85).aspx

In this post we will be going over the scenarios specific to "Process Management" listed at : https://msdn.microsoft.com/en-us/library/aa394599(v=vs.85).aspx

 

Here are the corresponding PowerShell snippets:

1. Run an application in a hidden window:

PS:> $processStartupClass = Get-CimClass -ClassName Win32_ProcessStartup -Namespace root/cimv2 $processStartupInfo = New-CimInstance -cimclass $processStartupClass -Property @{ShowWindow =0} –Local  PS:> $processClass = Get-CimClass -ClassName Win32_Process -Namespace root/cimv2 PS:> Invoke-CimMethod -CimClass $processClass -MethodName Create -Arguments @{commandline="notepad.exe"; ProcessStartupInformation = [CimInstance]$processStartupInfo}

 

2. Determine which scripts are running on the local computer:

PS:> $query = "SELECT * FROM Win32_Process WHERE Name = 'cscript.exe' OR Name = 'wscript.exe'" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> $insts | Select Name, commandline

 

3. Find out the account name under which a process is running:

PS:> $query = "Select * from Win32_Process" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> # OR PS:> $insts = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2 PS:> $insts | %{                          Write-host $_.CimInstanceProperties["Name"]                           $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner                           $owner | Select Domain, User, PSComputerName                        }

 

4. Change the priority of a running process:

PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> $aboveNormal = 32768 PS:> $insts | %{     Invoke-CimMethod -InputObject $_ -MethodName SetPriority -Arguments @{Priority = [Uint32]$aboveNormal} }

 

5. Terminate a process using a script:

PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'" PS:> Invoke-CimMethod -Query $query -MethodName Terminate

 

6. Determine how much processor time and memory each process is using:

$query = "Select * from win32_process" $procs = Get-CimInstance -Query $query # OR $procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2   foreach($proc in $procs) {     $result = New-Object PSObject -Property @{                                 processorTime = ($proc.KernalModeTime + $proc.UserModeTime) / 10000000                                 Name = $proc.Name                                 ProcessID = $proc.ProcessId                                 WorkingSetSize = $proc.WorkingSetSize                                 PageFileUsage = $proc.PageFileUsage                                 PageFaults = $proc.PageFaults                             }                                                                $result | Format-Table -Property @("Name", "ProcessID", "WorkingSetSize", "PageFileUsage", "PageFaults", "ProcessorTime") }

 

7. Determine what applications are running on a remote computer:

$cimSession = New-CimSession remoteMachine –Credential $psCreds $query = "Select * from Win32_Process" $procs = Get-CimInstance -Query $query -CimSession $cimSession # OR $procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2 $procs | Format-Table –Property @(“Name", “ProcessID", “ThreadCount", “PageFileUsage", “PageFaults", “WorkingSetSize")

 

As mentioned above, this blog series will cover various management scenarios. The next post will be about Computer Hardware Management scenarios listed at: https://msdn.microsoft.com/en-us/library/aa394587(v=vs.85).aspx

 

Thanks

Vaibhav Chugh [MSFT]

Standards Based Management

Comments

• Anonymous
  June 30, 2014
  I can't see why I'd want to use this approach to addressing the scenarios you've based this on.   For example #1, running an application in a hidden window.    I'd perfer:    Start-Process (Get-Command notepad).Source -WindowStyle Hidden It seems like all these scenarios (except perhaps #3 - getting owner of a process) have simpler solutions using the standard PowerShell features that have been around since PowerShell version 1.      

• Anonymous
  July 01, 2014
  I agree with you, PowerShell certainly has easier ways of achieving the above mentioned scenarios. This blog post and the examples were specifically designed to show the users how CimCmdlets and WMI providers can be used to perform various operations.