PowerShell/Systems Management

This lesson introduces PowerShell systems management using Windows Management Instrumentation (WMI), Remote WMI, and PowerShell Remoting.

Objectives and Skills

edit

After completing this lesson, you will be able to:

  • Describe basic PowerShell WMI concepts.
  • Create PowerShell scripts to process WMI content.
  • Use PowerShell Remoting to run commands on a remote computer.

Readings

edit
  1. Wikipedia: Systems management
  2. Wikipedia: Windows Management Instrumentation
  3. BonusBits: Mastering PowerShell Chapter 18 - WMI
  4. Windows IT Pro: PowerShell Basics: Remote Management

Multimedia

edit
  1. YouTube: WMI and PowerShell

Examples

edit

Get-WmiObject List

edit

The Get-WmiObject cmdlet gets instances of WMI classes or information about the available WMI classes.[1]

Get-WmiObject -List

Win32_BIOS

edit

The Win32_BIOS WMI class represents the attributes of the computer system's basic input/output services (BIOS) that are installed on a computer.[2]

Get-WmiObject -Class Win32_BIOS

Win32_ComputerSystem

edit

The Win32_ComputerSystem class represents a computer system operating in a Windows environment.[3]

Get-WmiObject -Class Win32_ComputerSystem

Example output:

Domain              : MY_DOMAIN_NAME
Manufacturer        : MY_COMPUTER_Manufacturer_Inc.
Model               : My_Model
Name                : My_Computer_name
PrimaryOwnerName    :
TotalPhysicalMemory : 17024573440

Win32_NetworkAdapterConfiguration

edit

The Win32_NetworkAdapterConfiguration class represents the attributes and behaviors of a network adapter.[4]

Get-WmiObject -Class Win32_NetworkAdapterConfiguration

win32_logicaldisk

edit

The win32_logicaldisk class presents information about logicaldisks, size and free space available.

get-WmiObject win32_logicaldisk

DeviceID     : C:
DriveType    : 3
ProviderName :
FreeSpace    : 438228828160
Size         : 498396557312
VolumeName   : OS

DeviceID     : D:
DriveType    : 5
ProviderName :
FreeSpace    :
Size         :
VolumeName   :

Get-PSDrive command can also be used to obtain disk information.

Get-Member

edit

The Get-Member cmdlet gets the members (properties and methods) of objects.[5]

Get-WmiObject -Class Win32_BIOS | Get-Member

Object properties may be accessed using . notation.

$bios = Get-WmiObject -Class Win32_BIOS
'Computer Name: ' + $bios.PSComputerName
'Manufacturer:  ' + $bios.Manufacturer
'BIOS Version:  ' + $bios.SMBIOSBIOSVersion

Object methods are called the same way.

$service = Get-WmiObject -Class Win32_Service -Filter "Name='Spooler'"
$service.StopService()
$service.StartService()

Enable Remote WMI

edit

The following command enables remote WMI traffic through the local Windows firewall.[6]

netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes

Disable Remote WMI

edit

The following command disables remote WMI traffic through the local Windows firewall.[7]

netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=no

Use Remote WMI

edit

The Get-WmiObject cmdlet may be used to connect to remote computers using the -ComputerName parameter, with a specified Credential if necessary.[8]

Get-WmiObject -Class Win32_BIOS -ComputerName 'RemoteHost'

Get-WmiObject -Class Win32_BIOS -ComputerName 'RemoteHost' -Credential 'RemoteHost\Username'

Enable-PSRemoting

edit

The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.[9]

Enable-PSRemoting -Force

Disable-PSRemoting

edit

The Disable-PSRemoting cmdlet prevents users on other computers from running commands on the local computer.[10]

Disable-PSRemoting -Force

Trusted Hosts

edit

TrustedHosts allows a local computer to send authentication credentials to a remote computer in a non-domain environment. The Set-Item cmdlet is used to add a remote host to the TrustedHosts list. Specify the computer name or IP address for the RemoteHost.[11][12]

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'RemoteHost'

Enter-PSSession

edit

The Enter-PSSession cmdlet starts an interactive PowerShell session with a single remote computer. During the session, the commands that you type run on the remote computer, just as though you were typing directly on the remote computer. You can have only one interactive session at a time.[13]

Enter-PSSession -Computer RemoteHost

Exit-PSSession

edit

The Exit-PSSession cmdlet ends interactive sessions that you started by using Enter-PSSession.[14]

Exit-PSSession

Activities

edit
  1. Review Microsoft TechNet: Using the Get-WMiObject Cmdlet. Create a script to retrieve BIOS information from the local system. Compare the results with the most recent BIOS version available from your system's manufacturer. If a BIOS update is available, review the update information and determine whether or not you should upgrade your BIOS.
  2. Create a script that uses the WMI Win32_ComputerSystem and Win32_NetworkAdapterConfiguration to collect information for your computer. Use Get-Member to identify properties available in these classes. Include:
    • Computer Name
    • Manufacturer
    • Model
    • RAM
    • User Name
    • IP Addresses (could have more than one)
    • MAC Addresses (could have more than one)
    • Any other information you would like to include
  3. Review Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista and Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell. Enable remote WMI on one or more computers on your network. Create a script that uses Get-WmiObject with the -Computer parameter to extend the computer information script from above and gather information from remote computers on the network.
  4. Review Microsoft TechNet: Enable-PSRemoting and Microsoft TechNet: Running Remote Commands. Enable remote PowerShell on one or more computers on your network. Create a script that uses the Enter-PSSession cmdlet to enter a session on a remote computer and gather the same computer information from above. Identify situations in which PowerShell Remoting would be a better solution than Remote WMI.

Lesson Summary

edit
  • Systems management refers to enterprise-wide administration of distributed systems, including computer systems.[15]
  • Centralized management has a time and effort trade-off that is related to the size of the company, the expertise of the IT staff, and the amount of technology being used.[16]
  • Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification.[17]
  • WMI is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).[18]
  • WMI allows scripting languages like VBScript or Windows PowerShell to manage Microsoft Windows personal computers and servers, both locally and remotely, and is preinstalled in Windows 2000 and newer OSs.[19]
  • Most leading management-software packages are WMI-enabled and capable of consuming and providing WMI information through various user interfaces.[20]
  • WMI features include:[21]
    • Automation interfaces
    • .NET Management interfaces
    • C/C++ COM/DCOM programming interfaces
    • Remoting capabilities over DCOM and SOAP
    • Support for queries
    • Eventing capabilities
    • Code template generator
    • Predictability
    • Protects existing customer investments
    • Provides a logical and unified administration model
  • The Get-WmiObject cmdlet gets instances of WMI classes or information about the available WMI classes.[22]
  • The Win32_BIOS WMI class represents the attributes of the computer system's basic input/output services (BIOS) that are installed on a computer.[23]
  • The Win32_ComputerSystem class represents a computer system operating in a Windows environment.[24]
  • The Win32_NetworkAdapterConfiguration class represents the attributes and behaviors of a network adapter.[25]
  • The Get-Member cmdlet gets the members (properties and methods) of objects.[26] Object properties and methods may be accessed using . notation.
  • The netsh command enables and disables remote WMI traffic through the local Windows firewall.[27]
  • The Get-WmiObject cmdlet may be used to connect to remote computers using the -ComputerName parameter, with a specified Credential if necessary.[28]
  • The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.[29]
  • The Disable-PSRemoting cmdlet prevents users on other computers from running commands on the local computer.[30]
  • TrustedHosts allows a local computer to send authentication credentials to a remote computer in a non-domain environment. The Set-Item cmdlet is used to add a remote host to the TrustedHosts list.[31][32]
  • The Enter-PSSession cmdlet starts an interactive PowerShell session with a single remote computer. During the session, the commands that you type run on the remote computer, just as though you were typing directly on the remote computer. You can have only one interactive session at a time.[33]
  • The Exit-PSSession cmdlet ends interactive sessions that you started by using Enter-PSSession.[34]

Key Terms

edit
Common Information Model (CIM)
An open standard that defines how managed elements in an IT environment are represented as a common set of objects and relationships between them.[35]
Distributed Management Task Force (DMTF)
An organization of companies that collaborate on the development, validation and promotion of infrastructure management standards that enable effective management of IT environments.[36]
Web-Based Enterprise Management (WBEM)
A set of systems management technologies developed to unify the management of distributed computing environments.[37]
Windows Driver Model (WDM)
A framework for device drivers that was introduced with Windows 98 and Windows 2000 to replace the older VxD, and Windows NT Driver models.[38]

Review Questions

edit
Enable JavaScript to hide answers.
Click on a question to see the answer.
1. Systems management refers to _____.
Systems management refers to enterprise-wide administration of distributed systems, including computer systems.
2. Centralized management has a _____ that is related to _____.
Centralized management has a time and effort trade-off that is related to the size of the company, the expertise of the IT staff, and the amount of technology being used.
3. Windows Management Instrumentation (WMI) is _____.
Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification.
4. WMI is _____.
WMI is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).
5. WMI allows _____ to _____, and is preinstalled in Windows _____ and newer OSs.
WMI allows scripting languages like VBScript or Windows PowerShell to manage Microsoft Windows personal computers and servers, both locally and remotely, and is preinstalled in Windows 2000 and newer OSs.
6. Most leading management-software packages are WMI-_____ and capable of _____.
Most leading management-software packages are WMI-enabled and capable of consuming and providing WMI information through various user interfaces.
7. WMI features include:
WMI features include:

Automation interfaces
.NET Management interfaces
C/C++ COM/DCOM programming interfaces
Remoting capabilities over DCOM and SOAP
Support for queries
Eventing capabilities
Code template generator
Predictability
Protects existing customer investments
Provides a logical and unified administration model

8. The Get-WmiObject cmdlet _____.
The Get-WmiObject cmdlet gets instances of WMI classes or information about the available WMI classes.
9. The Win32_BIOS WMI class _____.
The Win32_BIOS WMI class represents the attributes of the computer system's basic input/output services (BIOS) that are installed on a computer.
10. The Win32_ComputerSystem class _____.
The Win32_ComputerSystem class represents a computer system operating in a Windows environment.
11. The Win32_NetworkAdapterConfiguration class _____.
The Win32_NetworkAdapterConfiguration class represents the attributes and behaviors of a network adapter.
12. The Get-Member cmdlet _____.
The Get-Member cmdlet gets the members (properties and methods) of objects. Object properties and methods may be accessed using . notation.
13. The netsh command _____.
The netsh command enables and disables remote WMI traffic through the local Windows firewall.
14. The Get-WmiObject cmdlet _____.
The Get-WmiObject cmdlet may be used to connect to remote computers using the -ComputerName parameter, with a specified Credential if necessary.
15. The Enable-PSRemoting cmdlet _____.
The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.
16. The Disable-PSRemoting cmdlet _____.
The Disable-PSRemoting cmdlet prevents users on other computers from running commands on the local computer.
17. TrustedHosts allows a local computer to _____.
TrustedHosts allows a local computer to send authentication credentials to a remote computer in a non-domain environment.
18. The Set-Item cmdlet is used to _____.
The Set-Item cmdlet is used to add a remote host to the TrustedHosts list.
19. The Enter-PSSession cmdlet _____. During the session, the commands that you type _____. You can have _____ interactive session(s) at a time.
The Enter-PSSession cmdlet starts an interactive PowerShell session with a single remote computer. During the session, the commands that you type run on the remote computer, just as though you were typing directly on the remote computer. You can have only one interactive session at a time.
20. The Exit-PSSession cmdlet _____.
The Exit-PSSession cmdlet ends interactive sessions that you started by using Enter-PSSession.

Assessments

edit

See Also

edit

References

edit
  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.
  1. Microsoft TechNet:Get-WmiObject
  2. Microsoft MSDN: Win32_BIOS Class
  3. Microsoft MSDN: Operating System Classes
  4. Microsoft MSDN: Win32_NetworkAdapterConfiguration class
  5. Microsoft TechNet: Get-Member
  6. Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
  7. Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
  8. Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell
  9. Microsoft TechNet: Enable-PSRemoting
  10. Microsoft TechNet: Disable-PSRemoting
  11. Microsoft TechNet: Non-Domain Remoting
  12. Microsoft TechNet: Enable and Use Remote Commands in Windows PowerShell
  13. Microsoft TechNet: Enter-PSSession
  14. Microsoft TechNet: Exit-PSSession
  15. Wikipedia: Systems management
  16. Wikipedia: Systems management
  17. Wikipedia: Windows Management Instrumentation
  18. Wikipedia: Windows Management Instrumentation
  19. Wikipedia: Windows Management Instrumentation
  20. Wikipedia: Windows Management Instrumentation
  21. Wikipedia: Windows Management Instrumentation
  22. Microsoft TechNet:Get-WmiObject
  23. Microsoft MSDN: Win32_BIOS Class
  24. Microsoft MSDN: Operating System Classes
  25. Microsoft MSDN: Win32_NetworkAdapterConfiguration class
  26. Microsoft TechNet: Get-Member
  27. Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
  28. Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell
  29. Microsoft TechNet: Enable-PSRemoting
  30. Microsoft TechNet: Disable-PSRemoting
  31. Microsoft TechNet: Non-Domain Remoting
  32. Microsoft TechNet: Enable and Use Remote Commands in Windows PowerShell
  33. Microsoft TechNet: Enter-PSSession
  34. Microsoft TechNet: Exit-PSSession
  35. Wikipedia: Common Information Model (computing)
  36. Wikipedia: Distributed Management Task Force
  37. Wikipedia: Web-Based Enterprise Management
  38. Wikipedia: Windows Driver Model