WMI provides a standardized system management infrastructure that can be leveraged by a number of different clients. WMI providers and the classes exposed by the providers help in various management tasks.
Our MSDN documentation lists a bunch of management scenarios and the corresponding Visual Basic samples, but it is much easier for an IT administrator to perform the same operations using PowerShell.
Customers have been requesting samples that will help them perform management tasks using PowerShell – therefore, in this series of blog posts we will be covering the PowerShell implementation of scenarios that are listed at the following MSDN page: http://msdn.microsoft.com/en-us/library/aa394585(v=vs.85).aspx
In this post we will be going over the scenarios specific to "Process Management" listed at : http://msdn.microsoft.com/en-us/library/aa394599(v=vs.85).aspx
Here are the corresponding PowerShell snippets:
1. Run an application in a hidden window:
PS:> $processStartupClass = Get-CimClass -ClassName Win32_ProcessStartup -Namespace root/cimv2 $processStartupInfo = New-CimInstance -cimclass $processStartupClass -Property @{ShowWindow =0} –Local PS:> $processClass = Get-CimClass -ClassName Win32_Process -Namespace root/cimv2 PS:> Invoke-CimMethod -CimClass $processClass -MethodName Create -Arguments @{commandline="notepad.exe"; ProcessStartupInformation = [CimInstance]$processStartupInfo} |
2. Determine which scripts are running on the local computer:
PS:> $query = "SELECT * FROM Win32_Process WHERE Name = 'cscript.exe' OR Name = 'wscript.exe'" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> $insts | Format-Table –Property @(“Name”, “commandline”)
|
3. Find out the account name under which a process is running:
PS:> $query = "Select * from Win32_Process" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> # OR PS:> $insts = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2 PS:> $insts | %{ Write-host $_.CimInstanceProperties["Name"] $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner $owner | Format-Table –Property @(“Domain”, “User”, “PSComputerName”) } |
4. Change the priority of a running process:
PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'" PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2 PS:> $aboveNormal = 32768 PS:> $insts | %{ Invoke-CimMethod -InputObject $_ -MethodName SetPriority -Arguments @{Priority = [Uint32]$aboveNormal} } |
5. Terminate a process using a script:
PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'" PS:> Invoke-CimMethod -Query $query -MethodName Terminate |
6. Determine how much processor time and memory each process is using:
$query = "Select * from win32_process" $procs = Get-CimInstance -Query $query # OR $procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2
foreach($proc in $procs) { $result = New-Object PSObject -Property @{ processorTime = ($proc.KernalModeTime + $proc.UserModeTime) / 10000000 Name = $proc.Name ProcessID = $proc.ProcessId WorkingSetSize = $proc.WorkingSetSize PageFileUsage = $proc.PageFileUsage PageFaults = $proc.PageFaults }
$result | Format-Table -Property @("Name", "ProcessID", "WorkingSetSize", "PageFileUsage", "PageFaults", "ProcessorTime") }
|
7. Determine what applications are running on a remote computer:
$cimSession = New-CimSession remoteMachine –Credential $psCreds $query = "Select * from Win32_Process" $procs = Get-CimInstance -Query $query -CimSession $cimSession # OR $procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2 $procs | Format-Table –Property @(“Name", “ProcessID", “ThreadCount", “PageFileUsage", “PageFaults", “WorkingSetSize") |
As mentioned above, this blog series will cover various management scenarios. The next post will be about Computer Hardware Management scenarios listed at: http://msdn.microsoft.com/en-us/library/aa394587(v=vs.85).aspx
Thanks
Vaibhav Chugh [MSFT]
Standards Based Management