中国DOS联盟

This is my last post in the forum. I hope everyone will forgive what I said before, please forgive me!

WMIC: A Brand-New Super Command-Line Management Tool

While the graphical interface of Microsoft Windows Server provides convenience for network management, it has been criticized by Windows administrators for consuming excessive resources and operating slowly. To provide an alternative to the graphical management interface, Microsoft has introduced the brand-new command-line management tool WMIC, which combines the power of WMI with the simplicity of the command line. It is claimed that the command line of Windows Server 2003 with WMIC can perform almost all management tasks.

Microsoft, which started with DOS, finally dominated the world with the graphical interface. The traditional graphical interface of Microsoft Windows Server, while making system management simple and easy, has excessive resource consumption and slow operation speed, which not only makes many IT Pro-level system administrators complain but also makes it difficult for many system administrators switching from Unix and NetWare to adapt in a short time. Although Microsoft has developed WMI (Windows Management Instrumentation) and provided a large number of WMI-based scripts in Support Tools and Resource Kits for administrators to use for server management from the command line, complex script programming also deters many administrators because not every administrator is a script programming expert. From another perspective, the graphical interface is like a black box, depriving many administrators of the opportunity and fun to tailor management tasks, and they can only follow more and more wizards step by step, constantly clicking "Next".

In view of the above reasons, Microsoft integrated the power of WMI with the simplicity of the command line in Windows Server 2003 and launched the brand-new command-line management tool WMIC, whose full English name is Windows Management Instrumentation Command-line. And it is claimed that by using WMIC and other existing command-line tools, administrators can almost complete all management tasks without relying too much on those graphical interfaces.

This article will give a simple introduction to WMIC. Since Windows Server 2003 was not officially released when the author was writing, all technologies are based on Windows Server 2003 RC2 (Build 3718), and there may be changes after the final version is officially released.

Background: WMI, WBEM, and CIM

We have mentioned WMI many times in previous articles and have had specific applications, such as "Using VS.NET to Implement WMI Calls" (January 2003 issue), "Limiting Multi-Point Logins of Domain Users" and "Write a Script to Kill Mike's Song" (February 2003 issue), etc. Here, it will not be explained in detail but only briefly introduced.

WMI is a specific implementation of Microsoft based on the concept and standard of Web-based Enterprise Management (WBEM) and provides complete support for CIM (Common Information Model). WMI consists of an object repository (Object Repository) that complies with CIM standards and a CIM object manager (WMI Object Manager). The object repository is a database for object definitions, and the object manager is responsible for processing the collection and operation of objects in the repository and collecting information from WMI providers (WMI Provider). The WMI provider acts as an intermediary between WMI and operating system components, applications, and other systems, and the two exchange information through the WMI provider. The main function of the WMI provider is to provide relevant information of the lower-layer objects for WMI and allow WMI to manage the lower-layer objects through it. For example, the registry provider provides information from the registry, and the SNMP provider provides data and events from SNMP devices, etc.

WMI is used by many computer management tools, such as Microsoft Systems Management Server, Microsoft Health Monitor, and Microsoft Operations Manager, etc.

Overview of WMIC

WMIC is a newly appeared command-line management tool in Windows Server 2003. With WMIC, you can not only manage the local computer but also manage all remote computers in the same Windows domain (with necessary permissions), and the managed remote computers do not need to install WMIC in advance, only need to support WMI.

WMIC has an engine that can analyze, interpret, and execute aliases (Alias) received from the command line. It is an executable file named WMIC.exe, which is usually located in the "c:\windows\system32\wbem" folder and runs on the computer where the user is currently logged in. Any extended performance of the WMIC command line is defined or registered through the alias file. Alias is also called a friendly name (Friendly Names) and is defined in the MOF (Management Object Format) format. After receiving the input command, the WMIC engine first analyzes it. If the command is an alias, WMIC will call the definition of the alias from the current operation namespace (such as root\cli), apply the current environment settings (such as the target namespace), and correspond the alias command with its original command, and then execute it.

Specifically, you can use WMIC to achieve the following management tasks:

1. Local computer management

2. Remote single computer management

3. Remote multiple computer management

4. Computer management using remote sessions (such as Telnet)

5. Automatic management using management scripts

Only members of the local administrator group can start WMIC. Since WMIC is essentially a client of WMI, the security of WMIC is limited by the security of WMI. When WMIC is used in a remote session, such as Telnet, terminal services, etc., by default, it uses the security context of the user who initiated this session. Before using WMIC to manage a remote computer, WMIC will ping the remote computer to determine its status.

When using the WMIC command line, you can always use "/?" to get help information of the current command context.

Execution Modes

WMIC can be executed in two modes: interactive mode (Interactive mode) and non-interactive mode (Non-Interactive mode). Administrators who often use the Netsh command line should be very familiar with these two modes.

Interactive mode. If you only enter "WMIC" at the command prompt or through the "Run" menu, you will enter the interactive mode of WMIC. Whenever a command is executed, the system will return to the WMIC prompt, such as "Root\cli". Interactive mode is usually used when multiple WMIC instructions need to be executed. When you need to first execute the "CONTEXT" command to view environment variables and then use the "OS" command to view current operating system messages, you can use interactive mode, as shown in Figure 1. Interactive mode sometimes also requires confirmation for some sensitive operations, such as deletion operations, to prevent administrators from making mistakes to the greatest extent.

Non-interactive mode. Non-interactive mode means directly putting the WMIC instruction as a parameter of WMIC after WMIC. After the instruction is executed, it returns to the ordinary command prompt instead of entering the WMIC context environment. The non-interactive mode of WMIC is mainly used in batch processing or other script files. For example, the above "OS" command can be executed in non-interactive mode in the following way:

wmic os /?

Managing the System with WMIC

WMIC contains many switches, commands, and built-in aliases. The detailed contents are shown in Tables 1, 2, and 3. Let's experience the powerful functions of WMIC through specific examples.

Simple Management Tasks

With WMIC, some simple management tasks can be completed, such as viewing hardware and operating system information. If WMIC is not used, querying hardware such as BIOS, CPU, operating system, etc., is usually to program using the API interface provided by the system or write a short script program, which is a relatively troublesome thing. For example, Table 4 is a traditional VBScript script for querying BIOS information. If WMIC is used, the situation is completely different, and only a simple command can be used to get it done:

wmic bios list full

The result is shown in Figure 2.

You may have noticed that there are also two parameters list and full in the above command line. list determines the information format and range to be displayed. It has multiple parameters such as Brief, Full, Instance, Status, System, Writeable, etc. full is just one of its parameters and is also the default parameter of list, which means displaying all information. The other parameters are as the name implies. For example, Brief means displaying only summary information, Instance means displaying only object instances, Status means displaying object status, Writeable means displaying only the writable attribute information of the object, etc.

In the management process, especially when performing remote system management, administrators mostly like to list the process list to understand the programs running in the current system. The following command can achieve this purpose:

wmic process list brief

It will display some summary information of all current processes, such as process name, process ID, and priority, etc. In my previous article "Write a Script to Kill Mike's Song", this command can be used to replace that list.vbs script.

Complex Management Tasks

WMIC is also very excellent in completing complex management tasks. Let's first look at an example of querying event logs and generating a result file:

WMIC /node:"dc2" /user:"mytest" NTEVENTswheres"eventtype<3 and eventtype>0 AND logfile='Application'" GET Logfile, SourceName, Eventtype, Message, TimeGenerated /FORMAT:htable:"sortby=EventType">c:\Application.htm

This long command means querying application log information from the computer DC2. The event type is an event less than 3 and greater than 0, which are usually warning and error events. Since it is a remote computer, the "/node" and "/user" switches are used in the command. The output result is saved in web page format, saved in the "c:\Application.htm" file, and sorted by event type. When you use the above command, because the "/user" switch is used, the system will first prompt you to enter the password matching this user, as shown in Figure 3, and the query result is shown in Figure 4.

Similarly, you can also use WMIC to restart multiple managed servers or workstations at the same time. The command is as follows:

WMIC /NODE:@"c:\MyServerList.txt" OSswheres(Primary="TRUE") CALL Win32ShutDown 6

WMIC will first obtain the server name list from "c:\MyServerList.txt", and these server names are separated by commas in the file, such as "dc1,dc2". It should be noted that when using the server list file after the /node switch, you must add the "@" guide character in front of the file name. The execution result of this command is shown in Figure 5. During the restart process, WMIC will return detailed execution results.

WMIC can also obtain data from Active Directory. The following is an example of obtaining user information from Active Directory. The obtained user information includes display name, UPN name, name, creation time, etc. The returned result is shown in Figure 6:

WMIC/NAMESPACE:\root\directory\ldap PATH ds_user GET ds_displayname, ds_userprincipalname, ds_cn, ds_name, ds_whencreated /VALUE

Summary

WMIC is the most powerful command-line tool based on the Windows platform that I have seen, but it is also the most complex tool. Especially when completing complex management tasks, you need to be very familiar with the properties and methods of the Win32 classes of WMI to be able to handle it with ease. Therefore, it is recommended to learn WMI first and be familiar with various properties and methods of its Win32 classes before hoping to be proficient in using WMIC. There are several good WMI books in China now, and you can also query information in this regard on Microsoft's MSDN website (MSDN.microsoft.com).

With the addition of WMIC, command lines can say loudly: "Although I am ugly, I am powerful"

WMIC: A Brand-New Super Command-Line Management Tool

While the graphical interface of Microsoft Windows Server provides convenience for network management, it has been criticized by Windows administrators for consuming excessive resources and operating slowly. To provide an alternative to the graphical management interface, Microsoft has introduced the brand-new command-line management tool WMIC, which combines the power of WMI with the simplicity of the command line. It is claimed that the command line of Windows Server 2003 with WMIC can perform almost all management tasks.

Microsoft, which started with DOS, finally dominated the world with the graphical interface. The traditional graphical interface of Microsoft Windows Server, while making system management simple and easy, has excessive resource consumption and slow operation speed, which not only makes many IT Pro-level system administrators complain but also makes it difficult for many system administrators switching from Unix and NetWare to adapt in a short time. Although Microsoft has developed WMI (Windows Management Instrumentation) and provided a large number of WMI-based scripts in Support Tools and Resource Kits for administrators to use for server management from the command line, complex script programming also deters many administrators because not every administrator is a script programming expert. From another perspective, the graphical interface is like a black box, depriving many administrators of the opportunity and fun to tailor management tasks, and they can only follow more and more wizards step by step, constantly clicking "Next".

In view of the above reasons, Microsoft integrated the power of WMI with the simplicity of the command line in Windows Server 2003 and launched the brand-new command-line management tool WMIC, whose full English name is Windows Management Instrumentation Command-line. And it is claimed that by using WMIC and other existing command-line tools, administrators can almost complete all management tasks without relying too much on those graphical interfaces.

This article will give a simple introduction to WMIC. Since Windows Server 2003 was not officially released when the author was writing, all technologies are based on Windows Server 2003 RC2 (Build 3718), and there may be changes after the final version is officially released.

Background: WMI, WBEM, and CIM

We have mentioned WMI many times in previous articles and have had specific applications, such as "Using VS.NET to Implement WMI Calls" (January 2003 issue), "Limiting Multi-Point Logins of Domain Users" and "Write a Script to Kill Mike's Song" (February 2003 issue), etc. Here, it will not be explained in detail but only briefly introduced.

WMI is a specific implementation of Microsoft based on the concept and standard of Web-based Enterprise Management (WBEM) and provides complete support for CIM (Common Information Model). WMI consists of an object repository (Object Repository) that complies with CIM standards and a CIM object manager (WMI Object Manager). The object repository is a database for object definitions, and the object manager is responsible for processing the collection and operation of objects in the repository and collecting information from WMI providers (WMI Provider). The WMI provider acts as an intermediary between WMI and operating system components, applications, and other systems, and the two exchange information through the WMI provider. The main function of the WMI provider is to provide relevant information of the lower-layer objects for WMI and allow WMI to manage the lower-layer objects through it. For example, the registry provider provides information from the registry, and the SNMP provider provides data and events from SNMP devices, etc.

WMI is used by many computer management tools, such as Microsoft Systems Management Server, Microsoft Health Monitor, and Microsoft Operations Manager, etc.

Overview of WMIC

WMIC is a newly appeared command-line management tool in Windows Server 2003. With WMIC, you can not only manage the local computer but also manage all remote computers in the same Windows domain (with necessary permissions), and the managed remote computers do not need to install WMIC in advance, only need to support WMI.

WMIC has an engine that can analyze, interpret, and execute aliases (Alias) received from the command line. It is an executable file named WMIC.exe, which is usually located in the "c:\windows\system32\wbem" folder and runs on the computer where the user is currently logged in. Any extended performance of the WMIC command line is defined or registered through the alias file. Alias is also called a friendly name (Friendly Names) and is defined in the MOF (Management Object Format) format. After receiving the input command, the WMIC engine first analyzes it. If the command is an alias, WMIC will call the definition of the alias from the current operation namespace (such as root\cli), apply the current environment settings (such as the target namespace), and correspond the alias command with its original command, and then execute it.

Specifically, you can use WMIC to achieve the following management tasks:

1. Local computer management

2. Remote single computer management

3. Remote multiple computer management

4. Computer management using remote sessions (such as Telnet)

5. Automatic management using management scripts

Only members of the local administrator group can start WMIC. Since WMIC is essentially a client of WMI, the security of WMIC is limited by the security of WMI. When WMIC is used in a remote session, such as Telnet, terminal services, etc., by default, it uses the security context of the user who initiated this session. Before using WMIC to manage a remote computer, WMIC will ping the remote computer to determine its status.

When using the WMIC command line, you can always use "/?" to get help information of the current command context.

Execution Modes

WMIC can be executed in two modes: interactive mode (Interactive mode) and non-interactive mode (Non-Interactive mode). Administrators who often use the Netsh command line should be very familiar with these two modes.

Interactive mode. If you only enter "WMIC" at the command prompt or through the "Run" menu, you will enter the interactive mode of WMIC. Whenever a command is executed, the system will return to the WMIC prompt, such as "Root\cli". Interactive mode is usually used when multiple WMIC instructions need to be executed. When you need to first execute the "CONTEXT" command to view environment variables and then use the "OS" command to view current operating system messages, you can use interactive mode, as shown in Figure 1. Interactive mode sometimes also requires confirmation for some sensitive operations, such as deletion operations, to prevent administrators from making mistakes to the greatest extent.

Non-interactive mode. Non-interactive mode means directly putting the WMIC instruction as a parameter of WMIC after WMIC. After the instruction is executed, it returns to the ordinary command prompt instead of entering the WMIC context environment. The non-interactive mode of WMIC is mainly used in batch processing or other script files. For example, the above "OS" command can be executed in non-interactive mode in the following way:

wmic os /?

Managing the System with WMIC

WMIC contains many switches, commands, and built-in aliases. The detailed contents are shown in Tables 1, 2, and 3. Let's experience the powerful functions of WMIC through specific examples.

Simple Management Tasks

With WMIC, some simple management tasks can be completed, such as viewing hardware and operating system information. If WMIC is not used, querying hardware such as BIOS, CPU, operating system, etc., is usually to program using the API interface provided by the system or write a short script program, which is a relatively troublesome thing. For example, Table 4 is a traditional VBScript script for querying BIOS information. If WMIC is used, the situation is completely different, and only a simple command can be used to get it done:

wmic bios list full

The result is shown in Figure 2.

You may have noticed that there are also two parameters list and full in the above command line. list determines the information format and range to be displayed. It has multiple parameters such as Brief, Full, Instance, Status, System, Writeable, etc. full is just one of its parameters and is also the default parameter of list, which means displaying all information. The other parameters are as the name implies. For example, Brief means displaying only summary information, Instance means displaying only object instances, Status means displaying object status, Writeable means displaying only the writable attribute information of the object, etc.

In the management process, especially when performing remote system management, administrators mostly like to list the process list to understand the programs running in the current system. The following command can achieve this purpose:

wmic process list brief

It will display some summary information of all current processes, such as process name, process ID, and priority, etc. In my previous article "Write a Script to Kill Mike's Song", this command can be used to replace that list.vbs script.

Complex Management Tasks

WMIC is also very excellent in completing complex management tasks. Let's first look at an example of querying event logs and generating a result file:

WMIC /node:"dc2" /user:"mytest" NTEVENTswheres"eventtype<3 and eventtype>0 AND logfile='Application'" GET Logfile, SourceName, Eventtype, Message, TimeGenerated /FORMAT:htable:"sortby=EventType">c:\Application.htm

This long command means querying application log information from the computer DC2. The event type is an event less than 3 and greater than 0, which are usually warning and error events. Since it is a remote computer, the "/node" and "/user" switches are used in the command. The output result is saved in web page format, saved in the "c:\Application.htm" file, and sorted by event type. When you use the above command, because the "/user" switch is used, the system will first prompt you to enter the password matching this user, as shown in Figure 3, and the query result is shown in Figure 4.

Similarly, you can also use WMIC to restart multiple managed servers or workstations at the same time. The command is as follows:

WMIC /NODE:@"c:\MyServerList.txt" OSswheres(Primary="TRUE") CALL Win32ShutDown 6

WMIC will first obtain the server name list from "c:\MyServerList.txt", and these server names are separated by commas in the file, such as "dc1,dc2". It should be noted that when using the server list file after the /node switch, you must add the "@" guide character in front of the file name. The execution result of this command is shown in Figure 5. During the restart process, WMIC will return detailed execution results.

WMIC can also obtain data from Active Directory. The following is an example of obtaining user information from Active Directory. The obtained user information includes display name, UPN name, name, creation time, etc. The returned result is shown in Figure 6:

WMIC/NAMESPACE:\root\directory\ldap PATH ds_user GET ds_displayname, ds_userprincipalname, ds_cn, ds_name, ds_whencreated /VALUE

Summary

WMIC is the most powerful command-line tool based on the Windows platform that I have seen, but it is also the most complex tool. Especially when completing complex management tasks, you need to be very familiar with the properties and methods of the Win32 classes of WMI to be able to handle it with ease. Therefore, it is recommended to learn WMI first and be familiar with various properties and methods of its Win32 classes before hoping to be proficient in using WMIC. There are several good WMI books in China now, and you can also query information in this regard on Microsoft's MSDN website (MSDN.microsoft.com).

With the addition of WMIC, command lines can say loudly: "Although I am ugly, I am powerful"

WMIC: Comprehensive Management of Windows from the Command Line
Since Windows 2000, WMI (Windows Management Instrumentation) has been an important part of Windows system management. WMIC is the abbreviation of Windows Management Instrumentation Command-line. Before the appearance of WMIC, it was not an easy thing to access the WMI database or WMI namespace from the command line. Now, WMIC expands system management to the command line by using the powerful functions of WMI.
　　1. What is WMIC?
　　WMIC expands WMI and provides support for performing system management from the command line interface and batch command scripts. Before the appearance of WMIC, if you wanted to manage the WMI system, you had to use some special WMI applications, such as SMS, or use the WMI script programming API, or use tools like CIM Studio. If you are not familiar with programming languages like C++ or script languages like VBScript, or do not master the basic knowledge of the WMI namespace, it is very difficult to manage the system with WMI. WMIC changes this situation and provides a powerful and friendly command-line interface for the WMI namespace.
　　WMIC is much simpler and more intuitive than WMI, mainly because of the use of aliases (Alias). The alias mechanism obtains some simple commands entered by the user on the command line and operates the WMI namespace in a predefined way. For example, a complex WMI Query Language (WQL) command is constructed according to a simple WMIC alias Get command. In this sense, the alias is an intermediate layer that simplifies the operation between the user and the namespace. For example, if you execute the following simple WMIC command on the WMIC command line, you can obtain the basic information of the user account:
useraccount list brief
　　In the above command, the Useraccount alias executes a WQL query of the Win32_Useraccount class and displays the information extracted from this class in text form. In addition, WMIC also displays the properties of the Win32_Useraccount class in text form. In addition to text form output, WMIC can also return command execution results in other forms, such as XML, HTML, or CSV (comma-separated text file).
WMIC saves aliases in the form of instances of classes in the WMI mode. The default alias class - MSFT_CliAlias, and other classes that support WMIC are saved in the default namespace of the mode, or the root\cli role. The role can simply be regarded as another WMI namespace specially used to support WMIC. The default role root\cli is connected to the root\cimv2 namespace and operates the classes within root\cimv2. Although CIM Studio is generally not needed when using WMIC, CIM Studio can be used to conveniently view the root\cli namespace. For example, Figure 1 shows the root\cli node and some properties of the MSFT_CliAlias class.


Figure 1
　　You can add new aliases to the root\cli namespace and other namespaces, and you can also directly access the WMI namespace using the Class and Path commands. The Class and Path commands will be described in detail later in this article.
　　2. Running WMIC
　　Execute the "wmic" command to start the WMIC command line environment. This command can be executed in the standard command line interpreter (cmd.exe) of XP or.NET Server, Telnet session, or "Run" dialog box. These startup methods can be used locally or through the.NET Server terminal services session.
　　When executing the WMIC command for the first time, Windows will first install WMIC and then display the command line prompt of WMIC. On the WMIC command line prompt, commands are executed interactively. For example, executing the following command will close the running Outlook:
process where name='outlook.exe' call terminate
　　After the command is run, the WMIC command line prompt reappears, as shown in Figure 2. Each command must be entered in one line without inserting line breaks.


Figure 2
WMIC can also run in non-interactive mode. Non-interactive mode is very useful if you want to perform a single-step task or run a series of WMIC commands in a batch command. To use non-interactive mode, just start WMIC on the same command line and enter the command to be executed. For example, execute cmd.exe to open a command line window, and then execute the following command to output the printer list connected to MACHINE1:
wmic /node:MACHINE1 printer list status
　　In this example, the first operation is to start WMIC, then establish a remote connection to MACHINE1 according to the /node parameter, and finally execute a WMIC command to display the printer status information. After the command is run, it returns to the Windows command line prompt state.
　　A machine with WMIC installed can connect to any machine with WMI installed, and the connected machine does not need to install WMIC. For example, starting WMIC from a machine running Win XP Pro can connect and manage all machines running XP, Win2K, Windows NT 4.0, Windows Me, and Windows 9x.
　　3. Composition of the WMIC Command Line
　　WMIC provides a large number of global switches, aliases, verbs, commands, and rich command line help to enhance the user interface. Global switches are configuration options applicable to the entire WMIC session. For example, the /trace:on switch enables the error tracking mechanism. If this switch is on, WMIC returns the error information of each command. The /note switch can be used to access remote machines, the /interactive:on switch requires WMIC to prompt for confirmation before performing deletion operations. Other global switches also include /role, /user, /implevel, and /namespace.
　　As mentioned earlier, the alias is an intermediate layer that simplifies the syntax between the user and the WMI namespace. When you specify an alias, the verb (Verb) indicates the action to be executed. For example, List and Call in the previous example are examples of two verbs. Table 1 describes other WMIC verbs and gives examples for each verb.
Table 1: WMIC Verbs
Verb Example Description
Assoc group where name= 'administrators' assoc Displays all associations between the Administrators group and the system, including members of the Administrators group, etc. For another example, os assoc displays information about the operating system and installed patches.
Create environment create name="progloc", username="work01\User1",variablevalue= "%programfiles%\prog01" Creates a variable named Progloc, sets its value to a subfolder of the Program Files folder, and adds this variable to the User1 account of the Work01 workgroup computer.
Delete environment where(name= "progloc") delete Deletes the Progloc environment variable. When testing WMIC commands, to prevent accidental deletion, you can use the /interactive:on global switch, and confirmation will be required before deletion.
Get partition get bootpartition, description, deviceid, bootable Returns information such as whether the partition is bootable, description information, and device ID attributes.
Set path WIN32_USERACCOUNT where(name="user01") set disabled="true" Disables the User01 user account on the member server or workstation.
　　The command is used to control access to WMIC and the WMI namespace. Note the last example in Table 1. This example uses the Path and Win32_USERACCOUNT classes instead of the Useraccount alias. The Path is a command to directly access the instance in the WMI namespace without accessing through the alias. The Path command is especially useful if there is no ready-made alias available for the system management task to be executed. Although you can expand WMIC with new aliases and roles, if you are familiar with the WMI namespace, using the Path command is also convenient
In addition to the Path command, WMIC also supports the Class, Context, Quit, and Exit commands. The Class command is used to directly access the classes in the WMI mode or create instances of existing classes. The difference between the Class command and the Path command is that the Path command acts on instances and their properties (for example, extracting management information), while the Class command acts on the definition of the class. For example, if you want to extract all properties of the WIN32_SOFTWAREELEMENT class, you can execute the following command:

class WIN32_SOFTWAREELEMENT get

　　The output of this command is in HTML format. We will later understand how to use the /output global switch to redirect the output to an HTML file that can be opened by a browser. The Class command plus the Assoc verb can display the namespace path of the class and other classes associated with this class. The Class command can be used to delete classes and create instances of classes, but cannot create classes.
　　The Context command displays the current settings of the global switch. The Quit and Exit commands are used to exit the WMIC command prompt environment and return to the previous Shell environment (for example, Telnet environment or XP command line prompt environment).
　　Command line help is an effective way to be familiar with WMIC. Table 2 is a common command for finding information under the WMIC prompt:
Table 2: Command Line Help
Command Example Description
/? or -? 　 Displays the syntax of all global switches and aliases
/ /? /user /? Displays information about the specified global switch
/? class /? Displays information about a certain command
/? memcache /? Displays information about a certain alias
/? temperature get /? Displays information about the combination of alias and verb
/?:Full irq get /?:Full Displays help information about the verb
4. Practical Applications
　　We have understood the basic knowledge of the WMIC command line environment above. Let's see how to run WMIC with batch commands and redirect the output result to the console or HTML, XML files. The advantage of running WMIC from a batch command file is that there is no need to repeatedly enter a series of complex commands. For example, the following is the content of a batch command file, which is used to display the CPU information of the two machines MACHINE1 and MACHINE2, and the output result is displayed on the console. The /format switch is a verb-oriented switch, not a global switch, and it is only used for the Get and List verbs.
wmic /node:MACHINE1, MACHINE4 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xsl
　　WMIC batch commands can use variables. That is to say, for the above batch command, the name of the server can not only be directly specified but also can be specified in the form of %1, %2. The following is an example. Put the following code into a batch command file, and then add one or two machine names when executing the batch command file; in addition, you can also create an independent text file and put the list of machine names in the text file. The list can be in CSV format or in the format separated by line breaks. If an independent text file is used to provide the machine names, you only need to add the text file name prefixed with the @ symbol after the /node global switch. The @ symbol tells the /node switch that the parameter behind is a file name instead of a machine name.
@echo offif "%1"=="" goto msgif "%2"=="" goto singlewmic /node:%1, %2 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xslgoto end:singlewmic /node:%1 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xslgoto end:msgecho 必须指定至少一台计算机的名字。:end
As mentioned earlier, the output result of the WMIC command can not only be sent to the console but also to XML or HTML, MOF (Managed Object Format) format files. On a computer with WMI installed, MOF is the original form for saving classes and class instances in the WMI database. The following example shows how to output the query result of the MACHINE4 processor information to an HTML file. The /output global switch requires WMIC to send the output to file1.htm, and the /format switch requires WMIC to convert the original XML output into HTML format. The XSL style file used for conversion can be a custom one or any XSL file in the \%systemroot%\system32\wbem folder of any machine with WMIC installed. For example, using the csv.xsl style file can convert the output result into CSV format, and using the htable.xsl style can construct a table containing the result data. Figure 3 is the file1.htm file opened in the browser.
　　
wmic /node:MACHINE4 /output:e:\file1.htm cpu get description, maxclockspeed, extclock, manufacturer, revision /format:hform.xsl


Figure 3
　　It has been mentioned earlier that the default output of the Class command plus the Get verb is in HTML format. Therefore, if you want to save the output result of such a command to an HTML file, you only need to specify the /output switch without adding the /format switch. The /record and /append global switches can also intercept information from the WMIC command line. Please use the command line help function of WMIC to understand more information about these switches.
　　If you want to output in XML format, use the /translate switch and the Basicxml keyword to convert the greater-than symbol ">" and less-than symbol "<" into meaningful characters in XML. The following is an example of outputting XML. The output XML data can be imported into a database or other systems that can understand XML tags. The output of the following code includes the WMIC command, command line request parameters, target node, global switch, and command execution result.
wmic cpu get maxclockspeed /translate:basicxml /format:rawxml.xsl
　　In conclusion, WMIC is an important improvement in the command line management function in XP and.NET Server, and it provides robust support for accessing and managing the WMI namespace from the command line. Although it takes some time to master and be familiar with the WMIC command line environment, once you are familiar with it, a brand-new realm of system management will unfold in front of you

WMIC: Comprehensive Management of Windows from the Command Line (2)

WMIC can also run in non-interactive mode. Non-interactive mode is very useful if you want to perform a single-step task or run a series of WMIC commands in a batch command. To use non-interactive mode, just start WMIC on the same command line and enter the command to be executed. For example, execute cmd.exe to open a command line window, and then execute the following command to output the printer list connected to MACHINE1:

wmic /node:MACHINE1 printer list status

　　In this example, the first operation is to start WMIC, then establish a remote connection to MACHINE1 according to the /node parameter, and finally execute a WMIC command to display the printer status information. After the command is run, it returns to the Windows command line prompt state.
　　A machine with WMIC installed can connect to any machine with WMI installed, and the connected machine does not need to install WMIC. For example, starting WMIC from a machine running Win XP Pro can connect and manage all machines running XP, Win2K, Windows NT 4.0, Windows Me, and Windows 9x.
　　3. Composition of the WMIC Command Line
　　WMIC provides a large number of global switches, aliases, verbs, commands, and rich command line help to enhance the user interface. Global switches are configuration options applicable to the entire WMIC session. For example, the /trace:on switch enables the error tracking mechanism. If this switch is on, WMIC returns the error information of each command. The /note switch can be used to access remote machines, the /interactive:on switch requires WMIC to prompt for confirmation before performing deletion operations. Other global switches also include /role, /user, /implevel, and /namespace.
　　As mentioned earlier, the alias is an intermediate layer that simplifies the syntax between the user and the WMI namespace. When you specify an alias, the verb (Verb) indicates the action to be executed. For example, List and Call in the previous example are examples of two verbs. Table 1 describes other WMIC verbs and gives examples for each verb.

Table 1: WMIC Verbs
Verb Example Description
Assoc group where name= 'administrators' assoc Displays all associations between the Administrators group and the system, including members of the Administrators group, etc. For another example, os assoc displays information about the operating system and installed patches.
Create environment create name="progloc", username="work01\User1",variablevalue= "%programfiles%\prog01" Creates a variable named Progloc, sets its value to a subfolder of the Program Files folder, and adds this variable to the User1 account of the Work01 workgroup computer.
Delete environment where(name= "progloc") delete Deletes the Progloc environment variable. When testing WMIC commands, to prevent accidental deletion, you can use the /interactive:on global switch, and confirmation will be required before deletion.
Get partition get bootpartition, description, deviceid, bootable Returns information such as whether the partition is bootable, description information, and device ID attributes.
Set path WIN32_USERACCOUNT where(name="user01") set disabled="true" Disables the User01 user account on the member server or workstation.

　　The command is used to control access to WMIC and the WMI namespace. Note the last example in Table 1. This example uses the Path and Win32_USERACCOUNT classes instead of the Useraccount alias. The Path is a command to directly access the instance in the WMI namespace without accessing through the alias. The Path command is especially useful if there is no ready-made alias available for the system management task to be executed. Although you can expand WMIC with new aliases and roles, if you are familiar with the WMI namespace, using the Path command is also convenient
In addition to the Path command, WMIC also supports the Class, Context, Quit, and Exit commands. The Class command is used to directly access the classes in the WMI mode or create instances of existing classes. The difference between the Class command and the Path command is that the Path command acts on instances and their properties (for example, extracting management information), while the Class command acts on the definition of the class. For example, if you want to extract all properties of the WIN32_SOFTWAREELEMENT class, you can execute the following command:

class WIN32_SOFTWAREELEMENT get

　　The output of this command is in HTML format. We will later understand how to use the /output global switch to redirect the output to an HTML file that can be opened by a browser. The Class command plus the Assoc verb can display the namespace path of the class and other classes associated with this class. The Class command can be used to delete classes and create instances of classes, but cannot create classes.
　　The Context command displays the current settings of the global switch. The Quit and Exit commands are used to exit the WMIC command prompt environment and return to the previous Shell environment (for example, Telnet environment or XP command line prompt environment).
　　Command line help is an effective way to be familiar with WMIC. Table 2 is a common command for finding information under the WMIC prompt:

Table 2: Command Line Help
Command Example Description
/? or -? 　 Displays the syntax of all global switches and aliases
/ /? /user /? Displays information about the specified global switch
/? class /? Displays information about a certain command
/? memcache /? Displays information about a certain alias
/? temperature get /? Displays information about the combination of alias and verb
/?:Full irq get /?:Full Displays help information about the verb

4. Practical Applications
　　We have understood the basic knowledge of the WMIC command line environment above. Let's see how to run WMIC with batch commands and redirect the output result to the console or HTML, XML files. The advantage of running WMIC from a batch command file is that there is no need to repeatedly enter a series of complex commands. For example, the following is the content of a batch command file, which is used to display the CPU information of the two machines MACHINE1 and MACHINE2, and the output result is displayed on the console. The /format switch is a verb-oriented switch, not a global switch, and it is only used for the Get and List verbs.

wmic /node:MACHINE1, MACHINE4 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xsl

　　WMIC batch commands can use variables. That is to say, for the above batch command, the name of the server can not only be directly specified but also can be specified in the form of %1, %2. The following is an example. Put the following code into a batch command file, and then add one or two machine names when executing the batch command file; in addition, you can also create an independent text file and put the list of machine names in the text file. The list can be in CSV format or in the format separated by line breaks. If an independent text file is used to provide the machine names, you only need to add the text file name prefixed with the @ symbol after the /node global switch. The @ symbol tells the /node switch that the parameter behind is a file name instead of a machine name.
@echo offif "%1"=="" goto msgif "%2"=="" goto singlewmic /node:%1, %2 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xslgoto end:singlewmic /node:%1 cpu get name, caption, maxclockspeed, systemname /format:textvaluelist.xslgoto end:msgecho 必须指定至少一台计算机的名字。:end
As mentioned earlier, the output result of the WMIC command can not only be sent to the console but also to XML or HTML, MOF (Managed Object Format) format files. On a computer with WMI installed, MOF is the original form for saving classes and class instances in the WMI database. The following example shows how to output the query result of the MACHINE4 processor information to an HTML file. The /output global switch requires WMIC to send the output to file1.htm, and the /format switch requires WMIC to convert the original XML output into HTML format. The XSL style file used for conversion can be a custom one or any XSL file in the \%systemroot%\system32\wbem folder of any machine with WMIC installed. For example, using the csv.xsl style file can convert the output result into CSV format, and using the htable.xsl style can construct a table containing the result data. Figure 3 is the file1.htm file opened in the browser.
wmic /node:MACHINE4 /output:e:\file1.htm cpu get description, maxclockspeed, extclock, manufacturer, revision /format:hform.xsl


　　It has been mentioned earlier that the default output of the Class command plus the Get verb is in HTML format. Therefore, if you want to save the output result of such a command to an HTML file, you only need to specify the /output switch without adding the /format switch. The /record and /append global switches can also intercept information from the WMIC command line. Please use the command line help function of WMIC to understand more information about these switches.
　　If you want to output in XML format, use the /translate switch and the Basicxml keyword to convert the greater-than symbol ">" and less-than symbol "<" into meaningful characters in XML. The following is an example of outputting XML. The output XML data can be imported into a database or other systems that can understand XML tags. The output of the following code includes the WMIC command, command line request parameters, target node, global switch, and command execution result.

wmic cpu get maxclockspeed /translate:basicxml /format:rawxml.xsl

　　In conclusion, WMIC is an important improvement in the command line management function in XP and.NET Server, and it provides robust support for accessing and managing the WMI namespace from the command line. Although it takes some time to master and be familiar with the WMIC command line environment, once you are familiar with it, a brand-new realm of system management will unfold in front of you

Can't forgive, must post a thread

Hehe, currently looking at these things

Although I said I won't post anymore, I still need to reply

The absence of bagpipe from posting is a great loss to the forum.

"A thousand-mile horse is common, but a伯乐is not common~"

Why didn't you post anymore?
Don't come to this forum anymore?
5555

This wmic.exe is not easy to master.

It's too difficult. It makes me confused. Why is it said to be the last time?

There are too many parameters!

Hard to remember!

Sweat!!!

wmci is too complicated and not easy to master. I found a method to query the path where the process is located using wmic on this site, which is very useful.

A very good tool, but unfortunately I don't know how to use it, but I want to learn!

Is the "WMIC Comprehensive Management of Windows from the Command Line (2)" at the bottom of lz mistaken? It repeats with the above one.

Long time no see. Excuse me, sir, is there a program for WMIC under WIN2000SP4?