Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [wmi]

Windows Management Instrumentation

Windows Management Instrumentation (WMI) is the infrastructure for management data and operations on Windows-based operating systems. You can write WMI scripts or applications to automate administrative tasks on remote computers but WMI also supplies management data to other parts of the operating system and products, for example System Center Operations Manager, formerly Microsoft Operations Manager (MOM), or Windows Remote Management (WinRM).

396 questions
3
votes
1 answer

Which ports does WMI Service in Active Directory use exactly?

I read in the technet, that the WMI Services uses random ports over 1024 because of RPC.. Now is the question does it use 1025-5000 because of the microsoft port reservation or could it use more than the 5000 port? I am firewall admin and want to…
Fake4d
  • 603
  • 7
  • 10
  • 16
3
votes
2 answers

WMI Filter in GPO by UserName/UseGroup

We have a need to lock certain users down to a very restrictive desktop on our terminal servers as well as only serve them a single application which will auto launch. I have a GPO setup for each need but cannot figure out how to only apply these…
RPGonzo
  • 65
  • 1
  • 2
  • 5
3
votes
2 answers

Run command remotely on Windows computer

I have a Windows Server 2008 instance on Amazon EC2 (Amazon's cloud compute platform, which provides VMs in the cloud). It has an external IP, and I have an admin account on the box. I would like to 'bootstrap' this instance remotely i.e. I want to…
Bilal Aslam
  • 131
  • 3
2
votes
0 answers

How to prevent the installation of third-party AVs for a domain using GPOs?

Our organization uses a particular AV that we manage, but we currently have no way to enforce users not to install any other AVs, which has started to become an issue. I know windows can typically detect what AV software it has installed through WMI…
SDV
  • 21
  • 1
2
votes
1 answer

Determine Users Accessing a Shared Folder Using PowerShell

I need to determine the users/sessions accessing a shared folder on a Windows XP (SP2) machine using a PowerShell script (v 1.0). This is the information displayed using Computer Management | System Tools | Shared Folders | Sessions. Can anyone give…
Tangiest
  • 240
  • 3
  • 10
2
votes
1 answer

WMI Filter to detect Windows 10 Creators Update or higher

I have a group policy that needs to apply to Windows 10 Creators / version 1703 / Build 15063 and higher, (Specifically Cross Domain Drive mappings) Until Fall Creators came out, detecting specifically for creators update worked with this…
Dave
  • 427
  • 2
  • 8
  • 16
2
votes
0 answers

New-NlbCluster Access denied

This is a question and answer at the same time that I want to share to the community because google search "New-NlbCluster : Access denied" did not bring any results. Problem: Starting from 15 Apr 2017, the powershell commandlet New-NlbCluster…
Jari Kulmala
  • 31
  • 2
2
votes
1 answer

Win32_LogonSessions returns older sessions

I'm trying to identify logged sessions using a WMI query using PowerShell with: $logon_sess = @(gwmi win32_logonsession -ComputerName $computername) But I see that this command is also reporting older sessions, are these still active? How can I…
Uh Trog
  • 103
  • 3
  • 10
2
votes
2 answers

Blank iSCSI targets but targets still active

I have a Windows server 2012 R2 core server running Hyper-v with iSCSI attachments. Many months ago I configured the iSCSI connections and everything was working fine. I recently went to add an additional connection however when i opened the iSCSI…
Dave
  • 161
  • 3
  • 13
2
votes
2 answers

Powershell find orphaned processes

I am looking for a way to find processes that do not have a parent process running (orphaned processes). Im attempting to do this using win32_process. I have the query that returns the attributes needed, its the comparison im struggling with: gwmi…
user367081
  • 21
  • 1
  • 2
2
votes
0 answers

Why can't I remote manage a domain-joined Windows 10 computer?

I have a Active Directory domain of old Windows 7 computers and introduced a new Windows 10 computer. However, when I right-click the Win10 computer in AD Users & Computers, and select Manage, I receive this error: Computer (name of computer)…
J Woltman
  • 21
  • 1
  • 2
2
votes
1 answer

Get-WmiObject Win32_PerfFormattedData_Tcpip_NetworkInterface results in 'Invalid Class' error

On of my Nagios plugins to monitor the network load gives me problems on one Windows 2008 R2 server (out of 600). You can download the plugin here: https://github.com/willemdh/check_ms_win_network_load The problem happens while trying Get-WmiObject…
willemdh
  • 245
  • 4
  • 14
2
votes
0 answers

WMI Query - First and Fourth IP octet

Is anyone aware of any WMI queries that could be used within group policy which only lists all IP address, which end in .200 and I have multiple sites, multiple networks, I only need to list the devices that end with .200 and start with 192. for…
AlexD
  • 21
  • 2
2
votes
2 answers

Which permissions/rights does a user need to run "Get-WmiObject win32_service" on a remote machine?

I am in almost the same situation as the person who asked this question (link). The only difference is that I'm not writing a monitoring service but trying to get a WMI-based monitoring service to work. However after reading the linked question (and…
P. Albrecht
  • 33
  • 1
  • 6
2
votes
1 answer

Using WMI to query Windows Event Collector logs

Using WMI to query the eventlog is quite simple, using Win32_NTLogEvent, for example: Get-WmiObject -query "SELECT *FROM Win32_NTLogEvent WHERE (logfile='Application' and SourceName='Something') However, if i want to query a log that contains…
randoms
  • 161
  • 6
1 2 3
26 27