Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS12: Scripting 12.1. Windows Management Instrumentation.


1 Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS12: Scripting 12.1. Windows Management Instrumentation

2 Copyright Notice
© 2000-2005 David A. Solomon and Mark Russinovich
- These materials are part of the Windows Operating System Internals Curriculum Development Kit, developed by David A. Solomon and Mark E. Russinovich with Andreas Polze
- Microsoft has licensed these materials from David Solomon Expert Seminars, Inc. for distribution to academic organizations solely for use in academic environments (and not for commercial use)

3 Roadmap for Section 12.1.
- Scripting Introduction
- Windows Management Instrumentation (WMI)
- Historical View on Windows Management
- WMI Architecture
- WMI Scripting Examples
- WMI-based Tools
- UNIX Scripting Support for Windows

4 Scripting Introduction
- A script is a sequence of instructions
- Like a program, but it's not compiled
- Instructions are dynamically interpreted by a scripting engine
- Because scripts are plain-text source and not compiled, they are easy to change and to share

5 Scripting Support
- Scripting support requires
  - An engine that reads the scripting language and interprets it
  - Integration via the scripting engine to interactive functionality
- Windows includes an extensible scripting engine:
  - Natively supports VBScript (Visual Basic script) and JScript (JavaScript)
  - Provides rich interaction with operating system environment via Windows Management Instrumentation

6 Microsoft Windows Management Instrumentation (WMI)
- WMI is the core management-enabling technology for Windows
  - Built into Windows 2000, Windows XP, and Windows Server 2003
  - Originally released in 1998 as an add-on with Windows NT 4.0 Service Pack 4
- Based on industry standards
  - Overseen by the Distributed Management Task Force (DMTF)
- Universal
  - Almost all Windows resources can be accessed, configured, managed, and monitored via WMI

7 WMI Background
- WMI is an implementation of Web-Based Enterprise Management (WBEM), which is a standard that the Distributed Management Task Force (DMTF) defines
- WMI was added to address two shortcomings in previous versions of NT:
  - Remote monitoring & management
  - Scripting
- WMI is in Windows 2000 and later
  - Add-on for NT 4
  - Limited version available for Win9x/ME

8 Applicability of WMI
- WMI-based scripts using COM automation
  - Windows Script Host / VBScript / ActivePerl
- Built-in WMI tool with XP (except Home Edition) and Server 2003: WMI Console (WMIC)
- System management
  - WMI helps to retrieve performance data, manage event logs, file systems, printers, processes, registry settings, scheduler, security, services, shares, and numerous other operating system components and configuration settings
- Network management
  - WMI-based scripts can manage network services such as DNS, DHCP, and SNMP-enabled devices

9 Applicability of WMI (contd.)
- Real-time health monitoring
  - WMI event subscriptions can monitor and respond to event log entries as they occur, file system and registry modifications, and other real-time operating system changes
  - WMI event subscriptions and notifications are to WMI what SNMP traps are in the SNMP world
- Windows Server management
  - WMI scripts can manage Microsoft Application Center, Operations Manager, Systems Management Server, Internet Information Server, Exchange Server, and SQL Server

10 NT Monitoring Infrastructure: a historical view - before WMI
- There are two native system monitoring mechanisms that have been in NT since its inception:
  - Event viewer
  - Performance Monitor
- Both can work remotely, but suffer several drawbacks with respect to general system management:
  - Separate groups of APIs
  - Unidirectional
  - Limited to only performance data and event log

11 NT Management Infrastructure (a historical view - before WMI)
- The NT management mechanisms:
  - Service Control Manager
  - Registry
    - Can change configuration, but no notifications/events
  - NET API
    - For managing computer membership in domains
    - Querying computer OS version
    - Configuring user and group accounts
- Limitations of these:
  - Non-general: limited management
    - Can't manage all aspects of a computer's system configuration, software, or hardware devices, for example
  - Not natively scriptable
  - Non-extensible

12 WMI's Features
- Works locally and remotely
- Fine-grained
- Bidirectional: A WMI "provider" can export functional interface and event notification services
- Extensible
  - Developers can write their own providers
  - Driver writers can leverage WMI-provider framework, called the WDM provider, to management-enable their hardware
- Natively scriptable
  - Also natively .NET programmable when .NET Framework is present

13 WMI Architecture - a closer look
[Diagram: layers of the WMI architecture, top to bottom]
- Management applications: Database application, Web browser, C/C++ application
- Shown between the applications and the infrastructure: ODBC (deprecated), WINRM, ActiveX controls, Windows Management API, COM/DCOM
- WMI infrastructure: CIM Object Manager (CIMOM), CIM repository
- Providers: SNMP provider, Win32 provider, Registry provider
- Managed objects: SNMP objects, Win32 objects, Registry objects

14 WMI Architecture
- Management applications:
  - Windows applications that access and display or process the data that they obtain about managed objects
  - Ex. Perfmon or event viewer replacement
- WMI Infrastructure
  - Implemented as a Windows Service: Winmgmt.exe
  - Its heart is the CIM Object Manager (CIMOM)
    - Glue that binds management applications to providers
    - Also serves as object-class store, and as storage for persistent object properties
- Infrastructure APIs
  - Primary API is COM
  - Others layer on top of COM:
    - ODBC adapter
    - WMI ActiveX control
    - Scripting API

15 WMI Managed Resources
- Logical or physical component, which is exposed and manageable by using WMI
  - disks, peripheral devices, event logs, files, folders, file systems, networking components, OS subsystems, performance counters, printers, processes, registry, security, services, shares, SAM users and groups, Active Directory, Windows Installer, Windows Driver Model (WDM) device drivers, SNMP Management Information Base (MIB)
- A WMI managed resource communicates with WMI through a provider

16 WMI Infrastructure
- The middle layer is the WMI infrastructure
  - Allows for definition of and access to configuration and management data
- WMI consists of three primary components:
  - the CIM Object Manager (CIMOM),
  - the Common Information Model (CIM) repository,
  - WMI providers
- WMI scripting library is a fourth, small component

17 WMI Providers
- Intermediary between WMI and a managed resource
  - Request information from, and send instructions to, WMI managed resources on behalf of consumer applications and scripts
- Hide the implementation details unique to a managed resource
  - Managed resource is exposed based on WMI's uniform access model
- WMI providers use managed resources' native APIs, and communicate with the CIMOM using WMI APIs

18 WMI Providers (contd.)
- Extensible architecture
  - Add-on providers can expose management functions unique to a product
  - Application Center, Operations Manager, Systems Management Server, Internet Information Server, SQL Server, Exchange Server, Microsoft Office, and many 3rd-party applications include WMI providers
- Providers are implemented as DLLs or stand-alone executables
  - Residing in %SystemRoot%\system32\wbem
- WMI includes many built-in providers for Windows:
  - Performance API, Registry, Event Manager, Active Directory, SNMP, WDM, more
- WMI SDK lets third parties develop providers

19 WMI Providers (contd.)
- WMI providers are COM or DCOM servers
  - Export objects that have properties and methods
  - Define classes that are stored in CIMOM repository
- WMI executes in-process providers (as opposed to those in dedicated application processes) in a separate process
  - Prevents corruption of the RPC service
  - The process is placed in a Job to limit resource consumption

20 List of Standard WMI Providers

| Provider | DLL | Namespace | Description |
|---|---|---|---|
| Active Directory provider | dsprov.dll | root\directory\ldap | Maps Active Directory objects to WMI. |
| Event Log provider | ntevt.dll | root\cimv2 | Manage Windows event logs, for example, read, backup, clear, copy, delete, monitor, rename, compress, uncompress, and change event log settings. |
| Performance Counter provider | wbemperf.dll | root\cimv2 | Provides access to raw performance data. |
| Registry provider | stdprov.dll | root\default | Read, write, enumerate, monitor, create, and delete registry keys and values. |
| SNMP provider | snmpincl.dll | root\snmp | Provides access to SNMP MIB data and traps from SNMP-managed devices. |
| WDM provider | wmiprov.dll | root\wmi | Provides access to information on WDM device drivers. |
| Win32 provider | cimwin32.dll | root\cimv2 | Provides information about the computer, disks, peripheral devices, files, folders, file systems, networking components, printers, processes, security, services, shares, etc. |
| Windows Installer provider | msiprov.dll | root\cimv2 | Provides access to information about installed software. |

21 CIMOM
- WMI information broker
  - All WMI requests and data flow through the CIMOM
  - Implemented inside Windows Management Instrumentation service, winmgmt.exe
- CIMOM provides core services:
  - Provider registration
  - Request routing
  - Remote access
  - Security
  - Query processing - WMI Query Language (WQL)
  - Event processing

22 CIM Repository
- Configuration and management information from different sources can be uniformly represented with a schema
- The CIM is the schema, also called the object repository or class store, that models the managed environment and defines every piece of data exposed by WMI
- CIM classes generally represent dynamic resources
  - Instances of resources can be stored in the CIM, but are generally dynamically retrieved by a provider based on a consumer request

23 CIM Classes
- CIM classes consist of properties and methods.
  - Properties describe the configuration and state of a WMI managed resource
  - Methods are executable functions that perform actions on the WMI managed resource
- On Windows XP CIM consists of the following files in %SystemRoot%\system32\wbem\Repository\FS\
  - index.btr - Binary-tree (btree) index file
  - index.map - Transaction control file
  - objects.data - CIM repository where managed resource definitions are stored
  - objects.map - Transaction control file

24 WMI Scripting Library
- Set of automation objects
  - Scripting languages, such as VBScript, JScript, and ActiveState's ActivePerl, access the WMI infrastructure via these objects
  - Provides a consistent and uniform scripting model for the WMI infrastructure
- WMI scripting library is implemented in a single DLL named wbemdisp.dll
  - Resides in %SystemRoot%\system32\wbem directory
  - Includes a type library named wbemdisp.tlb
  - WMI scripting type library can be used to reference WMI constants from XML-based Windows Script Files, WSH scripts with a .wsf extension

25 WMI Consumers
- Consumers are the top layer
- A consumer is a script, enterprise management application, Web-based application, or other administrative tool that accesses and controls management information available through the WMI infrastructure.
- Many management applications serve dual roles as both WMI consumer and WMI provider
  - Application Center, Operations Manager, and Systems Management Server are examples

26 Exploring the CIM
- WMI Control
  - WMI Control (wmimgmt.msc) is a Microsoft Management Console (MMC) snap-in that allows you to configure WMI settings on a local or remote computer
- WMI Tester
  - WMI Tester (wbemtest.exe) is a general-purpose, graphical tool for interacting with the WMI infrastructure
  - Built into Windows
  - You can use WMI Tester to browse the CIM schema and examine managed resource class definitions
  - WMI Tester can also be used to perform the same actions your WMI-based scripts perform, such as retrieving instances of managed resources and running queries

27 Exploring the CIM (contd.)
- WMI Command-line
  - Released as part of Windows XP Professional and Server 2003, the WMI Command-line tool (wmic.exe) provides a command line interface to the WMI infrastructure
  - You can use wmic.exe to perform common WMI tasks from the command line, including browsing the CIM and examining CIM class definitions
- CIM Studio
  - CIM Studio, part of the WMI SDK, provides a Web-based interface to interact with the WMI infrastructure
- TechNet Scripts
  - EnumClasses.vbs, EnumInstances.vbs, and EnumNamespaces.vbs
  - TechNet Script Center - http://www.microsoft.com/technet/community/scriptcenter/default.mspx

28 WMI Scripts
- The most popular interface is the scripting interface
  - No need for third-party tools
  - Look like stand-alone utilities, but easily modifiable
- Cscript.exe is the command-line interface to Windows Script Host (WSH)
  - Cscript scriptname.extension [options..]
  - For help, type Cscript /?
- TechNet Scripting Center has more than a hundred Visual Basic scripts that use WMI
  - www.microsoft.com/technet/community/scriptcenter/default.mspx
- Example: start a process on a remote system
  - Cscript exec.vbs /s servername /e notepad

29 WMI Scripts - Remote Process Execution
Excerpt from exec.vbs:

    ' Connect to the root\cimv2 namespace on the target server
    If blnConnect("root\cimv2", _
                  strUserName, _
                  strPassword, _
                  strServer, _
                  objService) Then
        Call Wscript.Echo("")
        Call Wscript.Echo("Please check the server name, " _
                        & "credentials and WBEM Core.")
        Exit Sub
    End If

    strMessage = ""
    intProcessId = 0

    ' Get the Win32_Process class object; Create is a method of the class
    Set objInstance = objService.Get("Win32_Process")
    If blnErrorOccurred(" occurred getting a " & _
                        " Win32_Process class object.") Then Exit Sub
    If objInstance is nothing Then Exit Sub

    ' Start the command; the new process ID is returned in intProcessId
    intStatus = objInstance.Create(strCommand, null, null, intProcessId)
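The event subscriptions described on slide 9 can be used to watch for the kind of process creation shown in the exec.vbs excerpt. The script below is an added example, not part of the original slides or of exec.vbs. It assumes Windows XP or later, where providers are hosted in wmiprvse.exe so that processes started through Win32_Process.Create appear as children of that process; the target "." (local computer), the constant PROVIDER_HOST and the helper ParentName are names chosen for this example.

```vbscript
' Added example: temporary WMI event subscription that reports new processes
' and flags those whose parent is the WMI provider host.
Option Explicit

' Assumption: provider host image name on Windows XP and later
Const PROVIDER_HOST = "wmiprvse.exe"

Dim strComputer, objService, objEvents, objEvent, objProc, strParent, strFlag

strComputer = "."   ' assumption: local computer; a host name also works

Set objService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" _
                           & strComputer & "\root\cimv2")

' WQL event query: poll every 2 seconds for new Win32_Process instances
Set objEvents = objService.ExecNotificationQuery( _
    "SELECT * FROM __InstanceCreationEvent WITHIN 2 " & _
    "WHERE TargetInstance ISA 'Win32_Process'")

WScript.Echo "Watching for new processes on " & strComputer & " (Ctrl+C to stop)"

Do
    Set objEvent = objEvents.NextEvent()    ' blocks until an event is delivered
    Set objProc = objEvent.TargetInstance   ' the Win32_Process that was created

    strParent = ParentName(objProc.ParentProcessId)
    strFlag = ""
    If LCase(strParent) = PROVIDER_HOST Then strFlag = "  <-- created through WMI"

    WScript.Echo Now & "  pid=" & objProc.ProcessId & _
                 "  name=" & objProc.Name & _
                 "  parent=" & strParent & _
                 "  cmd=" & objProc.CommandLine & strFlag
Loop

' Resolve a parent PID to an image name; the parent may already have exited.
Function ParentName(intPid)
    Dim colParents, objParent
    ParentName = "(exited)"
    Set colParents = objService.ExecQuery( _
        "SELECT Name FROM Win32_Process WHERE ProcessId = " & intPid)
    For Each objParent In colParents
        ParentName = objParent.Name
    Next
End Function
```

Run it with cscript.exe so the output goes to the console. Because the query polls (WITHIN 2), a process that starts and exits between two polls is not reported.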

30 WMI Scripts - Obtain physical memory size

    strComputer = "fin"   ' target computer's name
    Set wbemServices = GetObject("winmgmts:\\" & strComputer)
    Set wbemObjectSet = wbemServices.InstancesOf("Win32_LogicalMemoryConfiguration")

    ' Print the memory size of each returned instance
    For Each wbemObject In wbemObjectSet
        WScript.Echo "Total Physical Memory (kb): " & wbemObject.TotalPhysicalMemory
    Next

31 WMI Scripts - Retrieve services information

    strComputer = "fin"   ' target computer's name
    Set wbemServices = GetObject("winmgmts:\\" & strComputer)
    Set wbemObjectSet = wbemServices.InstancesOf("Win32_Service")

    ' Print name, state and start mode of every service
    For Each wbemObject In wbemObjectSet
        WScript.Echo "Display Name: " & wbemObject.DisplayName & _
                     vbCrLf & _
                     " State: " & wbemObject.State & _
                     vbCrLf & _
                     " Start Mode: " & wbemObject.StartMode
    Next

32 Wbemtest Utility

33 Services for UNIX - Interix Subsystem for Windows
- Interix - a full POSIX subsystem for Windows
  - Interix replaces the original POSIX subsystem on Windows
  - Full network support
  - Interoperability between POSIX and Windows subsystems (CreateProcess())
- Services for UNIX (SFU 3.5)
  - Bundled with many essential UNIX tools (X11R5 clients)
- Interix allows running UNIX applications and scripts on Windows (after re-compilation)

34 Services for Unix + Interix Features
- A complete environment to run UNIX applications and scripts on Windows
  - Fully integrated with Windows
- Over 300 utilities and tools
- A complete software development kit
  - Support for more than 1900 UNIX APIs
- SFU is freely downloadable from www.microsoft.com/windowsserversystem/sfu/downloads/

35 SFU 3.5 Features
- Shells: KornShell and C Shell
- Scripting languages: awk, perl, sed, and Tcl/Tk
- Admin tools: rsh, rlogin, telnet and xterm
- Batch tools: At, cron and batch

36 SFU 3.5 SDK
- Support for 1900+ interfaces
  - ANSI C, POSIX.1 and POSIX.2 interfaces
- Development tools: make, RCS, lex, yacc, cc, c89, nm, ar, strip
- Compilers: gcc, g++, g77
- Color curses library
- BSD-style sockets library support
- X11R5 libraries and header files
- MS Visual C/C++ support

37 Further Reading
- Alain Lissoir, Understand Windows Management Instrumentation (WMI) Scripting, Digital Press, 2003
- Alain Lissoir, Leveraging Windows Management Instrumentation (WMI) Scripting, Digital Press, 2003
- Greg Stemp, Dean Tsaltas, and Bob Wells (Microsoft Corporation), Ethan Wilansky (Network Design Group); WMI Scripting clinic: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/html/scripting06112002.asp
- Mark E. Russinovich and David A. Solomon, Microsoft Windows Internals, 4th Edition, Microsoft Press, 2004.
  - Windows Management Instrumentation (from pp. 237)
- WMI Software Developers Kit (SDK) Documentation
- More details about UNIX scripting on Windows in Unit OS-C

