Tip: Windows internals using wmi

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • Colin Brown

    Tip: Windows internals using wmi


    Recently I was looking for remote management tools and came across
    "Windows Management Instrumentation ". There is a python interface
    available:



    I was amazed how easy it became to access just about anything under
    the hood (later versions of NT, 2000, XP) using a couple of lines of code!
    If you have privileged access to remote computers you can interrogate
    them as well. My attempts to modify things were less successful :-(

    Colin Brown
    PyNZ

    With python, win32all and wmi installed, try these code snippets
    to get some idea of what is available:

    -------------------------------
    import wmi
    w = wmi.WMI()
    for process in w.Win32_Process ():
    if process == 'python':
    print process
    -------------------------------
    import wmi
    c = wmi.WMI()
    list = c.classes
    out = []
    for item in list:
    if item[:1] <> '_':
    out.append(item )

    open('classes.t xt','w').write( '\r\n'.join(out ))
    print 'View classes.txt in a browser'
    ---------------------------
    import wmi
    c = wmi.WMI()
    for x in c.Win32_Network Adapter():
    print x
    --------------------------


  • Tim Golden

    #2
    Re: Tip: Windows internals using wmi

    "Colin Brown" <cbrown@metserv ice.com> wrote in message news:<3f7ccaee$ 1@news.iconz.co .nz>...[color=blue]
    > Recently I was looking for remote management tools and came across
    > "Windows Management Instrumentation ". There is a python interface
    > available:
    >
    > http://tgolden.sc.sabren.com/python/wmi.html
    >
    > I was amazed how easy it became to access just about anything under
    > the hood (later versions of NT, 2000, XP) using a couple of lines of code![/color]

    Well it's always nice to know one's code is being
    used - thank you for the free advertising! Just in
    case it wasn't well-known, you can get WMI patches
    for Win9x and NT4 (not 3.51, I think) which is
    essential for those of us still running quite a number
    of older machines.

    I suspect you've already seen it, but the cookbook page
    (http://tgolden.sc.sabren.com/python/wmi_cookbook.html)
    is always happy to receive new examples of things you've
    found useful. Just email me with your examples.

    The business of remote administration can be quite
    a pain. You need to go through the levels of WMI,
    DCOM, NT/2K(3) and possibly AD security to get the
    access you want. I'm trying to put together a useful
    hints page - any experience you have (good or bad)
    will be gratefully received.

    TJG

    Comment

    • Hamster

      #3
      Re: Windows internals using wmi

      Hi

      This run OK on my Windows-XP, but no-run on Windows-2000 :


      def wprocess(lstSup pr=[]):
      import win32com,win32c om.client
      WMIService
      =win32com.clien t.GetObject(r'w inmgmts:{impers onationLevel=im personate}!//.\r
      oot\cimv2')
      listProcess = WMIService.Exec Query('Select * from Win32_Process')
      for item in listProcess:
      print ''
      print 'Nom :',item.Name
      print 'Ligne de commande :',item.Command Line
      print 'Descriptif :',item.Descrip tion
      print 'Path d\'exécution :',item.Executa blePath
      print 'Statut :',item.Status
      print 'Pririté :',item.Priorit y
      print 'Caption :',item.Caption
      print 'IdProcess :',item.Process Id
      print 'IdProcess Parent :',item.ParentP rocessId
      if item.name in lstSuppr:
      try:
      item.Terminate( )
      except:
      pass


      #wprocess()
      wprocess(['notepad.exe',' WINWORD.EXE']) # supprime certains process





      @-salutations
      --
      michel Claveau


      Comment

      • MetalOne

        #4
        Re: Tip: Windows internals using wmi

        Can WMI be used to change environment variables such as PATH.
        The Environment Variables Dialog in Windows is complete crap.
        I might like to write a new environment variable editor in Python.

        Comment

        • Colin Brown

          #5
          Re: Tip: Windows internals using wmi

          "MetalOne" <jcb@iteris.com > wrote in message
          news:92c59a2c.0 310031541.e8ddc 48@posting.goog le.com...[color=blue]
          > Can WMI be used to change environment variables such as PATH.
          > The Environment Variables Dialog in Windows is complete crap.
          > I might like to write a new environment variable editor in Python.[/color]

          ----------------------------------------------------------------------------
          ---------------------------
          Hi MetalOne

          I am not an expert on wmi having only just chanced upon it myself. However
          some quick browsing gives:

          The documentation for Win32_Environme nt (Google Win32_Environme nt) says that
          wmi returns registry
          information but does not provide methods for changing them.

          From: http://support.microsoft.com/default...-us;Q322756#3f
          Use Windows Management Instrumentation
          Windows Management Instrumentation (WMI) is a component of the Microsoft
          Windows operating system and is the Microsoft implementation of Web-Based
          Enterprise Management (WBEM). WBEM is an industry initiative to develop a
          standard technology for accessing management information in an enterprise
          environment. You can use WMI to automate administrative tasks (such as
          editing the registry) in an enterprise environment. You can use WMI in
          scripting languages that have an engine on Windows and handle Microsoft
          ActiveX objects. You can also use the WMI Command-Line utility (Wmic.exe) to
          modify the Windows registry.

          For additional information about WMI, visit the following Microsoft Web
          site:
          Find official documentation, practical know-how, and expert guidance for builders working and troubleshooting in Microsoft products.


          For additional information about the Wmic.exe, click the following article
          number to view the article in the Microsoft Knowledge Base:
          290216 A Description of the Windows Management Instrumentation Command-Line
          Utility

          Following down these links gets to:


          ml/scripting061120 02.asp


          ml/scripting081320 02.asp

          These are well worth a look if you want to know what wmi is all about. Table
          1 indicates that you use the "Registry provider" wmi interface for
          modifying registry settings. I do not know if the python wmi interface
          supports this.

          There is a utility for testing wmi: run wbemtest


          Colin Brown
          PyNZ



          Comment

          • Colin Brown

            #6
            Re: Tip: Windows internals using wmi


            Thanks for your comments Tim. Sadly I find myself in the same position
            as yourself with regard to need and time to investigate this further.

            I note that there is a third article in WMI Scripting Primer's:


            ml/scripting061120 02.asp

            which states:
            "Modifying the Properties of a Managed Resource
            In Windows 2000, WMI is primarily a read-only technology. Of the 4,395
            properties defined in the Windows 2000 root\cimv2 namespace, only 39
            properties are writeable. Those numbers improve in Microsoft® Windows® XP,
            where 145 of approximately 6560 properties are writeable. And the numbers
            get even better in Windows Server 2003."

            It appears to be evolving technology, currently targetted more at inspection
            than management!

            Colin Brown
            PyNZ



            Comment

            • Tim Golden

              #7
              Re: Tip: Windows internals using wmi

              "Colin Brown" <cbrown@metserv ice.com> wrote in message news:<3f831c27@ news.iconz.co.n z>...[color=blue]
              > Thanks for your comments Tim. Sadly I find myself in the same position
              > as yourself with regard to need and time to investigate this further.
              >
              > I note that there is a third article in WMI Scripting Primer's:
              >
              > http://msdn.microsoft.com/library/de...us/dnclinic/ht
              > ml/scripting061120 02.asp
              >
              > which states:
              > "Modifying the Properties of a Managed Resource
              > In Windows 2000, WMI is primarily a read-only technology. Of the 4,395
              > properties defined in the Windows 2000 root\cimv2 namespace, only 39
              > properties are writeable. Those numbers improve in Microsoft® Windows® XP,
              > where 145 of approximately 6560 properties are writeable. And the numbers
              > get even better in Windows Server 2003."
              >
              > It appears to be evolving technology, currently targetted more at inspection
              > than management!
              >
              > Colin Brown
              > PyNZ[/color]

              Interesting indeed. Further investigation
              (which I *really* didn't have the time to do!)
              threw up several articles by Microsoft which
              talked about having to compile / set something
              up / register COM services / other arcane stuff
              in order to use the Registry provider.

              I can't lay my hands on the URL (and it would
              have changed by the time you read this) but it
              put me off somewhat -- also, I can't understand
              why they didn't just build it in from the start:
              it's not as though the Registry is some little-used
              backwater of the Operating System!

              If you come across anything useful, or find the
              energy to get something working with this, let me
              know.

              Thanks. TJG

              Comment

              Working...