Tip: Windows internals using wmi

Discussion in 'Python' started by Colin Brown, Oct 3, 2003.

  1. Colin Brown

    Colin Brown Guest

    Recently I was looking for remote management tools and came across
    "Windows Management Instrumentation". There is a python interface
    available:

    http://tgolden.sc.sabren.com/python/wmi.html

    I was amazed how easy it became to access just about anything under
    the hood (later versions of NT, 2000, XP) using a couple of lines of code!
    If you have privileged access to remote computers you can interrogate
    them as well. My attempts to modify things were less successful :-(

    Colin Brown
    PyNZ

    With python, win32all and wmi installed, try these code snippets
    to get some idea of what is available:

    -------------------------------
    import wmi
    w = wmi.WMI()
    for process in w.Win32_Process():
    if process == 'python':
    print process
    -------------------------------
    import wmi
    c = wmi.WMI()
    list = c.classes
    out = []
    for item in list:
    if item[:1] <> '_':
    out.append(item)

    open('classes.txt','w').write('\r\n'.join(out))
    print 'View classes.txt in a browser'
    ---------------------------
    import wmi
    c = wmi.WMI()
    for x in c.Win32_NetworkAdapter():
    print x
    --------------------------
    Colin Brown, Oct 3, 2003
    #1
    1. Advertising

  2. Colin Brown

    Tim Golden Guest

    "Colin Brown" <> wrote in message news:<3f7ccaee$>...
    > Recently I was looking for remote management tools and came across
    > "Windows Management Instrumentation". There is a python interface
    > available:
    >
    > http://tgolden.sc.sabren.com/python/wmi.html
    >
    > I was amazed how easy it became to access just about anything under
    > the hood (later versions of NT, 2000, XP) using a couple of lines of code!


    Well it's always nice to know one's code is being
    used - thank you for the free advertising! Just in
    case it wasn't well-known, you can get WMI patches
    for Win9x and NT4 (not 3.51, I think) which is
    essential for those of us still running quite a number
    of older machines.

    I suspect you've already seen it, but the cookbook page
    (http://tgolden.sc.sabren.com/python/wmi_cookbook.html)
    is always happy to receive new examples of things you've
    found useful. Just email me with your examples.

    The business of remote administration can be quite
    a pain. You need to go through the levels of WMI,
    DCOM, NT/2K(3) and possibly AD security to get the
    access you want. I'm trying to put together a useful
    hints page - any experience you have (good or bad)
    will be gratefully received.

    TJG
    Tim Golden, Oct 3, 2003
    #2
    1. Advertising

  3. Colin Brown

    Hamster Guest

    Re: Windows internals using wmi

    Hi

    This run OK on my Windows-XP, but no-run on Windows-2000 :


    def wprocess(lstSuppr=[]):
    import win32com,win32com.client
    WMIService
    =win32com.client.GetObject(r'winmgmts:{impersonationLevel=impersonate}!//.\r
    oot\cimv2')
    listProcess = WMIService.ExecQuery('Select * from Win32_Process')
    for item in listProcess:
    print ''
    print 'Nom :',item.Name
    print 'Ligne de commande :',item.CommandLine
    print 'Descriptif :',item.Description
    print 'Path d\'exécution :',item.ExecutablePath
    print 'Statut :',item.Status
    print 'Pririté :',item.Priority
    print 'Caption :',item.Caption
    print 'IdProcess :',item.ProcessId
    print 'IdProcess Parent :',item.ParentProcessId
    if item.name in lstSuppr:
    try:
    item.Terminate()
    except:
    pass


    #wprocess()
    wprocess(['notepad.exe','WINWORD.EXE']) # supprime certains process





    @-salutations
    --
    michel Claveau
    Hamster, Oct 4, 2003
    #3
  4. Colin Brown

    MetalOne Guest

    Can WMI be used to change environment variables such as PATH.
    The Environment Variables Dialog in Windows is complete crap.
    I might like to write a new environment variable editor in Python.
    MetalOne, Oct 4, 2003
    #4
  5. Colin Brown

    Colin Brown Guest

    "MetalOne" <> wrote in message
    news:...
    > Can WMI be used to change environment variables such as PATH.
    > The Environment Variables Dialog in Windows is complete crap.
    > I might like to write a new environment variable editor in Python.


    ----------------------------------------------------------------------------
    ---------------------------
    Hi MetalOne

    I am not an expert on wmi having only just chanced upon it myself. However
    some quick browsing gives:

    The documentation for Win32_Environment (Google Win32_Environment) says that
    wmi returns registry
    information but does not provide methods for changing them.

    From: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322756#3f
    Use Windows Management Instrumentation
    Windows Management Instrumentation (WMI) is a component of the Microsoft
    Windows operating system and is the Microsoft implementation of Web-Based
    Enterprise Management (WBEM). WBEM is an industry initiative to develop a
    standard technology for accessing management information in an enterprise
    environment. You can use WMI to automate administrative tasks (such as
    editing the registry) in an enterprise environment. You can use WMI in
    scripting languages that have an engine on Windows and handle Microsoft
    ActiveX objects. You can also use the WMI Command-Line utility (Wmic.exe) to
    modify the Windows registry.

    For additional information about WMI, visit the following Microsoft Web
    site:
    http://msdn.microsoft.com/library/en-us/wmisdk/wmi/wmi_start_page.asp

    For additional information about the Wmic.exe, click the following article
    number to view the article in the Microsoft Knowledge Base:
    290216 A Description of the Windows Management Instrumentation Command-Line
    Utility

    Following down these links gets to:

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    ml/scripting06112002.asp

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    ml/scripting08132002.asp

    These are well worth a look if you want to know what wmi is all about. Table
    1 indicates that you use the "Registry provider" wmi interface for
    modifying registry settings. I do not know if the python wmi interface
    supports this.

    There is a utility for testing wmi: run wbemtest


    Colin Brown
    PyNZ
    Colin Brown, Oct 5, 2003
    #5
  6. Colin Brown

    John J. Lee Guest

    "Colin Brown" <> writes:

    > "MetalOne" <> wrote in message
    > news:...

    [...]
    > The documentation for Win32_Environment (Google Win32_Environment) says that
    > wmi returns registry information but does not provide methods for changing them.

    [...skip to a quote from MS docs...]
    > environment. You can use WMI to automate administrative tasks (such as
    > editing the registry) in an enterprise environment. You can use WMI in

    [...back to MetalOne...]
    > These are well worth a look if you want to know what wmi is all about. Table
    > 1 indicates that you use the "Registry provider" wmi interface for
    > modifying registry settings. I do not know if the python wmi interface

    [...]

    So it *does* allow hanging registry information? You seem to be
    contradicting your own introduction.


    John
    John J. Lee, Oct 6, 2003
    #6
  7. Colin Brown

    Tim Golden Guest

    "Colin Brown" <> wrote in message news:<3f808185$>...
    > Following down these links gets to:
    >
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    > ml/scripting06112002.asp
    >
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    > ml/scripting08132002.asp
    >
    > These are well worth a look if you want to know what wmi is all about. Table
    > 1 indicates that you use the "Registry provider" wmi interface for
    > modifying registry settings. I do not know if the python wmi interface
    > supports this.


    May I also recommend:

    http://www.microsoft.com/technet/tr...echnet/scriptcenter/scrguide/sas_reg_fzit.asp

    which gives something of a worked example.

    As to whether the Python wmi interface will handle
    this, it depends... The wmi module is a fairly
    lightweight wrapper around Mark Hammond's win32com
    module, proxying a few GetObject and attribute calls,
    so following the example above, this should be possible:

    import wmi
    c = wmi.WMI (moniker="winmgmts://localhost/root/default")
    for i in c.StdRegProv ():
    reg = i

    reg.EnumValues etc. etc.

    However... when I try this on my Win2k machine
    I run into two problems:

    1) The root\default namespace (which the registry
    provider uses) does not have the SubclassesOf method
    which the module uses to determine available classes
    and give you the easy attribute access.

    2) Even when you use the wmi object's instances
    method to query for the StdRegProv directly, it
    doesn't complain (as it does if, for example,
    you ask it for foobar) but it doesn't return
    any instances either.

    [NB For the purposes of this example
    I've patched the WMI __init__ method
    to ignore SubclassesOf]

    >>> c = wmi.WMI (moniker="winmgmts://localhost/root/default")
    >>> print c.instances ("StdRegProv")

    []
    >>> print c.instances ("foobar")

    Traceback (most recent call last):
    File "<stdin>", line 1, in ?
    File "o:\python-site-packages\wmi.py", line 466, in instances
    handle_com_error (error_info)
    File "o:\python-site-packages\wmi.py", line 111, in handle_com_error
    raise x_wmi, "\n".join (exception_string)
    wmi.x_wmi: 0x80041010 - OLE error 0x80041010
    >>>


    Just for the moment this has me flummoxed.
    I suspect there's some extra bit of compiling
    or setting up that has to be done at the WMI end,
    but at present I don't have the time (or the
    need for myself) to look. If anyone has any luck,
    please let me know and if needs be I'll patch the
    module to cope.

    Once the wmi object wraps the StdRegProv, everything
    else should fall out nicely (but see my earlier
    remarks concerning remote security).

    TJG
    Tim Golden, Oct 7, 2003
    #7
  8. Colin Brown

    Colin Brown Guest

    Thanks for your comments Tim. Sadly I find myself in the same position
    as yourself with regard to need and time to investigate this further.

    I note that there is a third article in WMI Scripting Primer's:

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    ml/scripting06112002.asp

    which states:
    "Modifying the Properties of a Managed Resource
    In Windows 2000, WMI is primarily a read-only technology. Of the 4,395
    properties defined in the Windows 2000 root\cimv2 namespace, only 39
    properties are writeable. Those numbers improve in Microsoft® Windows® XP,
    where 145 of approximately 6560 properties are writeable. And the numbers
    get even better in Windows Server 2003."

    It appears to be evolving technology, currently targetted more at inspection
    than management!

    Colin Brown
    PyNZ
    Colin Brown, Oct 7, 2003
    #8
  9. Colin Brown

    Tim Golden Guest

    "Colin Brown" <> wrote in message news:<>...
    > Thanks for your comments Tim. Sadly I find myself in the same position
    > as yourself with regard to need and time to investigate this further.
    >
    > I note that there is a third article in WMI Scripting Primer's:
    >
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/ht
    > ml/scripting06112002.asp
    >
    > which states:
    > "Modifying the Properties of a Managed Resource
    > In Windows 2000, WMI is primarily a read-only technology. Of the 4,395
    > properties defined in the Windows 2000 root\cimv2 namespace, only 39
    > properties are writeable. Those numbers improve in Microsoft® Windows® XP,
    > where 145 of approximately 6560 properties are writeable. And the numbers
    > get even better in Windows Server 2003."
    >
    > It appears to be evolving technology, currently targetted more at inspection
    > than management!
    >
    > Colin Brown
    > PyNZ


    Interesting indeed. Further investigation
    (which I *really* didn't have the time to do!)
    threw up several articles by Microsoft which
    talked about having to compile / set something
    up / register COM services / other arcane stuff
    in order to use the Registry provider.

    I can't lay my hands on the URL (and it would
    have changed by the time you read this) but it
    put me off somewhat -- also, I can't understand
    why they didn't just build it in from the start:
    it's not as though the Registry is some little-used
    backwater of the Operating System!

    If you come across anything useful, or find the
    energy to get something working with this, let me
    know.

    Thanks. TJG
    Tim Golden, Oct 8, 2003
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jobs Gooogle
    Replies:
    2
    Views:
    472
    Patricia Shanahan
    May 11, 2007
  2. Jobs Gooogle
    Replies:
    1
    Views:
    312
    Victor Bazarov
    May 10, 2007
  3. Jobs Gooogle

    .Net VC++ Java C++ Windows Internals Unix Internals

    Jobs Gooogle, May 10, 2007, in forum: C Programming
    Replies:
    0
    Views:
    351
    Jobs Gooogle
    May 10, 2007
  4. Jobs Gooogle
    Replies:
    0
    Views:
    122
    Jobs Gooogle
    May 10, 2007
  5. David Mark
    Replies:
    16
    Views:
    909
    Scott Sauyet
    Nov 11, 2011
Loading...

Share This Page