Day 4

WMI

WMIC

wmic /node:localhost path win32_processor get architecture

wmic path win32_logicaldisk /?

wmic path win32_logicaldisk get "deviceid,freespace,size"

Backup WMI

Page 99 Powershell step by step

• 1. Right click on my computer and select manage

  2. Expand Services and Applications

  3. Right click on WMI Control and select properties

  4. Select Backup/Restore

wbemtest

go to start run and type wbemtest

WMI CIM Studio

Part of the WMI Administrative tools lets you search for class

wmi queries

$wmisearcher = [wmisearcher]'select * from win32_process where handlecount > 200'

$wmisearcher.Get() | sort handlecount | ft name, handlecount, __Path -auto

$WQL = Select deviceid,size,freespace from win32_logicaldisk where drivetype =3"

get-wmiobject -class win32_logicaldisk -filter "drivetype=3" -property deviceid, size, freespace

Efficient queries

$wql = "select caption, handlecount, handle from win32_process where handlecount > 200"

Notes

% is an alias for Foreach-object

Get a list of all 1 character aliases

Get-Alias ?

powershell accelerators

[wmi]

[ADSI]

Active Directory

Page 147 lists some ADSI providers

[ADSI]"<PROVIDER><Distinguised Name>

Provider is case sensitive LDAP

 # ==============================================================================================

#

# NAME: CreateOU.ps1

#

# AUTHOR: Ed Wilson , microsoft

# DATE  : 2/2/2007

#

# COMMENT: Creates an OU

#1. Creates an OU called mred

#2. Uses the [ADSI] accelerator

#3. Uses the create and the setinfo methods

# ==============================================================================================

$strCLass = "organizationalUnit"

$StrOUName = "ou=MyTestOU"

$objADSI = [ADSI]"LDAP://dc=nwtraders,dc=msft"

$objOU = $objADSI.create($strCLass, $StrOUName)

$objOU.setInfo()

[ADSI]"LDAP://dc=nwtraders,dc=msft"

Depending where you are in AD you will have different methods available in the example on page 146 you have the $objADSI.create because you are in a container in the documentation you can see that the "IADsContainer Interface" has a create method if you where in a user you would not have this method "IADsUser Interface"

objou | Get-Member | sort name              #no members

objou.psbase | Get-Member | sort name       #still no create method

repladmin showmeta to see who modified an object

Page 176 example

 set string includes 4 arguments seperated by a semicolon see table 8-1

SearchBase;filter:attributes to return;search scope

$strQuery = "<LDAP://dc=nwtraders,dc=msft>;;name;subtree"