PowerShell/Systems Management
This lesson introduces PowerShell systems management using Windows Management Instrumentation (WMI), Remote WMI, and PowerShell Remoting.
Objectives and Skills
editAfter completing this lesson, you will be able to:
- Describe basic PowerShell WMI concepts.
- Create PowerShell scripts to process WMI content.
- Use PowerShell Remoting to run commands on a remote computer.
Readings
editMultimedia
editExamples
editGet-WmiObject List
editThe Get-WmiObject cmdlet gets instances of WMI classes or information about the available WMI classes.[1]
Get-WmiObject -List
Win32_BIOS
editThe Win32_BIOS WMI class represents the attributes of the computer system's basic input/output services (BIOS) that are installed on a computer.[2]
Get-WmiObject -Class Win32_BIOS
Win32_ComputerSystem
editThe Win32_ComputerSystem class represents a computer system operating in a Windows environment.[3]
Get-WmiObject -Class Win32_ComputerSystem
Example output:
Domain : MY_DOMAIN_NAME Manufacturer : MY_COMPUTER_Manufacturer_Inc. Model : My_Model Name : My_Computer_name PrimaryOwnerName : TotalPhysicalMemory : 17024573440
Win32_NetworkAdapterConfiguration
editThe Win32_NetworkAdapterConfiguration class represents the attributes and behaviors of a network adapter.[4]
Get-WmiObject -Class Win32_NetworkAdapterConfiguration
win32_logicaldisk
editThe win32_logicaldisk class presents information about logicaldisks, size and free space available.
get-WmiObject win32_logicaldisk
DeviceID : C:
DriveType : 3
ProviderName :
FreeSpace : 438228828160
Size : 498396557312
VolumeName : OS
DeviceID : D:
DriveType : 5
ProviderName :
FreeSpace :
Size :
VolumeName :
Get-PSDrive command can also be used to obtain disk information.
Get-Member
editThe Get-Member cmdlet gets the members (properties and methods) of objects.[5]
Get-WmiObject -Class Win32_BIOS | Get-Member
Object properties may be accessed using . notation.
$bios = Get-WmiObject -Class Win32_BIOS
'Computer Name: ' + $bios.PSComputerName
'Manufacturer: ' + $bios.Manufacturer
'BIOS Version: ' + $bios.SMBIOSBIOSVersion
Object methods are called the same way.
$service = Get-WmiObject -Class Win32_Service -Filter "Name='Spooler'"
$service.StopService()
$service.StartService()
Enable Remote WMI
editThe following command enables remote WMI traffic through the local Windows firewall.[6]
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
Disable Remote WMI
editThe following command disables remote WMI traffic through the local Windows firewall.[7]
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=no
Use Remote WMI
editThe Get-WmiObject cmdlet may be used to connect to remote computers using the -ComputerName parameter, with a specified Credential if necessary.[8]
Get-WmiObject -Class Win32_BIOS -ComputerName 'RemoteHost'
Get-WmiObject -Class Win32_BIOS -ComputerName 'RemoteHost' -Credential 'RemoteHost\Username'
Enable-PSRemoting
editThe Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.[9]
Enable-PSRemoting -Force
Disable-PSRemoting
editThe Disable-PSRemoting cmdlet prevents users on other computers from running commands on the local computer.[10]
Disable-PSRemoting -Force
Trusted Hosts
editTrustedHosts allows a local computer to send authentication credentials to a remote computer in a non-domain environment. The Set-Item cmdlet is used to add a remote host to the TrustedHosts list. Specify the computer name or IP address for the RemoteHost.[11][12]
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'RemoteHost'
Enter-PSSession
editThe Enter-PSSession cmdlet starts an interactive PowerShell session with a single remote computer. During the session, the commands that you type run on the remote computer, just as though you were typing directly on the remote computer. You can have only one interactive session at a time.[13]
Enter-PSSession -Computer RemoteHost
Exit-PSSession
editThe Exit-PSSession cmdlet ends interactive sessions that you started by using Enter-PSSession.[14]
Exit-PSSession
Activities
edit- Review Microsoft TechNet: Using the Get-WMiObject Cmdlet. Create a script to retrieve BIOS information from the local system. Compare the results with the most recent BIOS version available from your system's manufacturer. If a BIOS update is available, review the update information and determine whether or not you should upgrade your BIOS.
- Create a script that uses the WMI Win32_ComputerSystem and Win32_NetworkAdapterConfiguration to collect information for your computer. Use Get-Member to identify properties available in these classes. Include:
- Computer Name
- Manufacturer
- Model
- RAM
- User Name
- IP Addresses (could have more than one)
- MAC Addresses (could have more than one)
- Any other information you would like to include
- Review Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista and Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell. Enable remote WMI on one or more computers on your network. Create a script that uses Get-WmiObject with the -Computer parameter to extend the computer information script from above and gather information from remote computers on the network.
- Review Microsoft TechNet: Enable-PSRemoting and Microsoft TechNet: Running Remote Commands. Enable remote PowerShell on one or more computers on your network. Create a script that uses the Enter-PSSession cmdlet to enter a session on a remote computer and gather the same computer information from above. Identify situations in which PowerShell Remoting would be a better solution than Remote WMI.
Lesson Summary
edit- Systems management refers to enterprise-wide administration of distributed systems, including computer systems.[15]
- Centralized management has a time and effort trade-off that is related to the size of the company, the expertise of the IT staff, and the amount of technology being used.[16]
- Windows Management Instrumentation (WMI) is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification.[17]
- WMI is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).[18]
- WMI allows scripting languages like VBScript or Windows PowerShell to manage Microsoft Windows personal computers and servers, both locally and remotely, and is preinstalled in Windows 2000 and newer OSs.[19]
- Most leading management-software packages are WMI-enabled and capable of consuming and providing WMI information through various user interfaces.[20]
- WMI features include:[21]
- Automation interfaces
- .NET Management interfaces
- C/C++ COM/DCOM programming interfaces
- Remoting capabilities over DCOM and SOAP
- Support for queries
- Eventing capabilities
- Code template generator
- Predictability
- Protects existing customer investments
- Provides a logical and unified administration model
- The Get-WmiObject cmdlet gets instances of WMI classes or information about the available WMI classes.[22]
- The Win32_BIOS WMI class represents the attributes of the computer system's basic input/output services (BIOS) that are installed on a computer.[23]
- The Win32_ComputerSystem class represents a computer system operating in a Windows environment.[24]
- The Win32_NetworkAdapterConfiguration class represents the attributes and behaviors of a network adapter.[25]
- The Get-Member cmdlet gets the members (properties and methods) of objects.[26] Object properties and methods may be accessed using . notation.
- The netsh command enables and disables remote WMI traffic through the local Windows firewall.[27]
- The Get-WmiObject cmdlet may be used to connect to remote computers using the -ComputerName parameter, with a specified Credential if necessary.[28]
- The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.[29]
- The Disable-PSRemoting cmdlet prevents users on other computers from running commands on the local computer.[30]
- TrustedHosts allows a local computer to send authentication credentials to a remote computer in a non-domain environment. The Set-Item cmdlet is used to add a remote host to the TrustedHosts list.[31][32]
- The Enter-PSSession cmdlet starts an interactive PowerShell session with a single remote computer. During the session, the commands that you type run on the remote computer, just as though you were typing directly on the remote computer. You can have only one interactive session at a time.[33]
- The Exit-PSSession cmdlet ends interactive sessions that you started by using Enter-PSSession.[34]
Key Terms
edit- Common Information Model (CIM)
- An open standard that defines how managed elements in an IT environment are represented as a common set of objects and relationships between them.[35]
- Distributed Management Task Force (DMTF)
- An organization of companies that collaborate on the development, validation and promotion of infrastructure management standards that enable effective management of IT environments.[36]
- Web-Based Enterprise Management (WBEM)
- A set of systems management technologies developed to unify the management of distributed computing environments.[37]
- Windows Driver Model (WDM)
- A framework for device drivers that was introduced with Windows 98 and Windows 2000 to replace the older VxD, and Windows NT Driver models.[38]
Review Questions
editAutomation interfaces
.NET Management interfaces
C/C++ COM/DCOM programming interfaces
Remoting capabilities over DCOM and SOAP
Support for queries
Eventing capabilities
Code template generator
Predictability
Protects existing customer investments
Provides a logical and unified administration model
Assessments
editSee Also
editReferences
edit- ↑ Microsoft TechNet:Get-WmiObject
- ↑ Microsoft MSDN: Win32_BIOS Class
- ↑ Microsoft MSDN: Operating System Classes
- ↑ Microsoft MSDN: Win32_NetworkAdapterConfiguration class
- ↑ Microsoft TechNet: Get-Member
- ↑ Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
- ↑ Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
- ↑ Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell
- ↑ Microsoft TechNet: Enable-PSRemoting
- ↑ Microsoft TechNet: Disable-PSRemoting
- ↑ Microsoft TechNet: Non-Domain Remoting
- ↑ Microsoft TechNet: Enable and Use Remote Commands in Windows PowerShell
- ↑ Microsoft TechNet: Enter-PSSession
- ↑ Microsoft TechNet: Exit-PSSession
- ↑ Wikipedia: Systems management
- ↑ Wikipedia: Systems management
- ↑ Wikipedia: Windows Management Instrumentation
- ↑ Wikipedia: Windows Management Instrumentation
- ↑ Wikipedia: Windows Management Instrumentation
- ↑ Wikipedia: Windows Management Instrumentation
- ↑ Wikipedia: Windows Management Instrumentation
- ↑ Microsoft TechNet:Get-WmiObject
- ↑ Microsoft MSDN: Win32_BIOS Class
- ↑ Microsoft MSDN: Operating System Classes
- ↑ Microsoft MSDN: Win32_NetworkAdapterConfiguration class
- ↑ Microsoft TechNet: Get-Member
- ↑ Microsoft MSDN: Connecting to WMI Remotely Starting with Windows Vista
- ↑ Microsoft MSDN: Connecting to WMI on a Remote Computer by Using Windows PowerShell
- ↑ Microsoft TechNet: Enable-PSRemoting
- ↑ Microsoft TechNet: Disable-PSRemoting
- ↑ Microsoft TechNet: Non-Domain Remoting
- ↑ Microsoft TechNet: Enable and Use Remote Commands in Windows PowerShell
- ↑ Microsoft TechNet: Enter-PSSession
- ↑ Microsoft TechNet: Exit-PSSession
- ↑ Wikipedia: Common Information Model (computing)
- ↑ Wikipedia: Distributed Management Task Force
- ↑ Wikipedia: Web-Based Enterprise Management
- ↑ Wikipedia: Windows Driver Model