Categories

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna, tincidunt vitae molestie nec, molestie at mi. Nulla nulla lorem, suscipit in posuere in, interdum non magna.

Accessing WMI Information From PowerShell

I’m starting to learn how powerful the Windows Management Instrumentation aka Windows WMI is. One of the simpliest ways I found of accessing the information is via Windows PowerShell. Here is a simple PowerShell command that will return the Win32_OperatingSystem information.

Get-WmiObject Win32_OperatingSystem

The following command returned the following on my Windows XP box, and yes, anywhere you see XXXXX I censored the data for my personal privacy…

SystemDirectory : C:\WINDOWS\system32
Organization    : XXXXX
BuildNumber     : 2600
RegisteredUser  : XXXXX
SerialNumber    : XXXXX-XXX-XXXXXXX-XXXXX
Version         : 5.1.2600

If we use a pipe command, we can return the information in a table

PS H:\powershell> Get-WmiObject Win32_OperatingSystem | format-table

SystemDirecto Organization  BuildNumber  RegisteredUs SerialNumber Version
ry                                       er
------------- ------------  -----------  ------------ ------------ -------
C:\WINDOWS... XXXXX...      2600         XXXXX...     XXXXX-XXX... 5.1.2600

Of course, what if we just wanted to return the Windows Version and not all of the miscellaneous/irrelevant data? We can pipe the Get-Member command to see all of the properties that are hidden in that class.

Get-WmiObject Win32_OperatingSystem | Get-Member

Running this command shows us a list of MemberType, if you see a MemberType of Property we can query to see what is contained within that property field by using the Format Table command “ft.” For example

PS H:\powershell> Get-WmiObject Win32_OperatingSystem | ft Version, ServicePackMajorVersion

Version                                                 ServicePackMajorVersion
-------                                                 -----------------------
5.1.2600                                                                      3

Now, what if we want to access information on a remote client or server? Simple! just concat the computer name to the WMI call. Just make sure to change “ComputerName” to the client/server name.

PS H:\powershell> Get-WmiObject Win32_OperatingSystem -computer "ComputerName" | ft Version, ServicePackMajorVersion

That’s great, but if you don’t have access to client/server under your normal Windows or AD credentials, we can authenticate as a different user. To do this we are going to assign our credentials to the variable $cred (short for credentials), you can change this name to whatever you want. Once we’ve logged in, we will pass those to the client or server that we are trying to authenticate against to login and view the WMI system info. When we call Get-Credential this causes a Windows popup asking us to login.

PS H:\powershell> $cred = Get-Credential

cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential

PS H:\powershell> Get-WmiObject Win32_OperatingSystem -computer dev-ghost -Credential $cred

SystemDirectory : C:\WINDOWS\system32
Organization    : XXXXX
BuildNumber     : 3790
RegisteredUser  : XXXXX
SerialNumber    : XXXXX-XXX-XXXXXXX-XXXXX
Version         : 5.2.3790

Leave a Reply