PowerShell for Windows Admins

Dec 13 2009   4:58AM GMT

System Discovery Part 1

Richard Siddaway Richard Siddaway Profile: Richard Siddaway


WMI can supply a huge amount of information about our systems. The problem is more one of discovering what is available rather than getting the data back.

We can start by looking at the WMI classes available in the default Namespace (root\cimv2)

Get-WmiObject -Namespace ‘root\cimv2’ -List | Format-Wide -Property Name -Column 3

Format-Wide is not a cmdlet you will see in many scripts but it is very useful when you only want to display a single property. We can control the number of columns that are displayed to limit the amount of scrolling up and down.

If you run this command you will see a lot of WMI classes!  A quick glance shows us that many of them start with Win32_ and have what appears to be interesting suffixes.  Let’s limit our search to the Win32_ classes

Get-WmiObject -Namespace ‘root\cimv2’ -List Win32_* | Format-Wide -Property Name -Column 3

One that pops out of the list is Win32_OperatingSystem

PS> Get-WmiObject -Class Win32_OperatingSystem

SystemDirectory : C:\Windows\system32

Organization    :

BuildNumber     : 7600

RegisteredUser  : Richard

SerialNumber    : 00426-065-1155216-86852

Version         : 6.1.7600

That seems like a lot of effort for little return. Let’s dig a bit deeper.

Get-WmiObject -Class Win32_OperatingSystem | Format-List *

Will show us a lot more information – but it isn’t necessarily in the order we require or use easily. We can quite easily select the fields we want to use

PS> Get-WmiObject -Class Win32_OperatingSystem | Format-List CSName, Caption, ServicePackMajorVersion, ServicePackMinorVersion, BuildNumber, Version, OSArchitecture, SystemDevice, SystemDrive, WindowsDirectory, SystemDirectory, OSLanguage, OSProductSuite, OSType, CodeSet, CountryCode, EncryptionLevel, ForegroundApplicationBoost,  DataExecutionPrevention_32BitApplications, DataExecutionPrevention_Available, DataExecutionPrevention_Drivers, DataExecutionPrevention_SupportPolicy, InstallDate, LastBootUpTime, LocalDateTime, Locale, FreePhysicalMemory, SizeStoredInPagingFiles, FreeSpaceInPagingFiles, TotalVisibleMemorySize, TotalVirtualMemorySize, FreeVirtualMemory

Which gives us a nicely formatted and organised look at our machine. Get-WmiObject has a -computername parameter which means we can access this information for remote machines. Now we can start to see how our machines are configured.

If you run this you will see that a number of the fields return numbers – we will look at unravelling those codes next. The other issue we have is the way dates are returned again that is a task for next time.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: