I’m starting to learn how powerful the Windows Management Instrumentation aka Windows WMI is. One of the simpliest ways I found of accessing the information is via Windows PowerShell. Here is a simple PowerShell command that will return the Win32_OperatingSystem information.
The following command returned the following on my Windows XP box, and yes, anywhere you see XXXXX I censored the data for my personal privacy…
SystemDirectory : C:\WINDOWS\system32 Organization : XXXXX BuildNumber : 2600 RegisteredUser : XXXXX SerialNumber : XXXXX-XXX-XXXXXXX-XXXXX Version : 5.1.2600
If we use a pipe command, we can return the information in a table
PS H:\powershell> Get-WmiObject Win32_OperatingSystem | format-table SystemDirecto Organization BuildNumber RegisteredUs SerialNumber Version ry er ------------- ------------ ----------- ------------ ------------ ------- C:\WINDOWS... XXXXX... 2600 XXXXX... XXXXX-XXX... 5.1.2600
Of course, what if we just wanted to return the Windows Version and not all of the miscellaneous/irrelevant data? We can pipe the Get-Member command to see all of the properties that are hidden in that class.
Get-WmiObject Win32_OperatingSystem | Get-Member
Running this command shows us a list of MemberType, if you see a MemberType of Property we can query to see what is contained within that property field by using the Format Table command “ft.” For example
PS H:\powershell> Get-WmiObject Win32_OperatingSystem | ft Version, ServicePackMajorVersion Version ServicePackMajorVersion ------- ----------------------- 5.1.2600 3
Now, what if we want to access information on a remote client or server? Simple! just concat the computer name to the WMI call. Just make sure to change “ComputerName” to the client/server name.
PS H:\powershell> Get-WmiObject Win32_OperatingSystem -computer "ComputerName" | ft Version, ServicePackMajorVersion
That’s great, but if you don’t have access to client/server under your normal Windows or AD credentials, we can authenticate as a different user. To do this we are going to assign our credentials to the variable $cred (short for credentials), you can change this name to whatever you want. Once we’ve logged in, we will pass those to the client or server that we are trying to authenticate against to login and view the WMI system info. When we call Get-Credential this causes a Windows popup asking us to login.
PS H:\powershell> $cred = Get-Credential cmdlet Get-Credential at command pipeline position 1 Supply values for the following parameters: Credential PS H:\powershell> Get-WmiObject Win32_OperatingSystem -computer dev-ghost -Credential $cred SystemDirectory : C:\WINDOWS\system32 Organization : XXXXX BuildNumber : 3790 RegisteredUser : XXXXX SerialNumber : XXXXX-XXX-XXXXXXX-XXXXX Version : 5.2.3790