Command Line WMI: Basic Syntax and Querying

Posted on April 12, 2012 by Jeff Hicks in Windows Server with 0 Comments

If you are an IT Pro responsible for managing desktops and/or servers in a Windows environment, then you have to know how to take advantage of Windows Management Instrumentation, or WMI — Microsoft’s implementation of an industry standard for providing management information to all of the software and hardware elements that make up a modern Windows-based computer.

This is a three-part series on Windows Management Instrumentation. Today we’ll look at basic syntax and querying for the local computer, discovering ways to gather WMI information using the command line tool WMIC. In part two, we’ll learn how to query remote machines and work with WMIC right from the command line. And finally, in part three we’ll take a closer look at some advanced ways of formatting data.

I’ll cover the nuts and bolts in a future article, but for now think of WMI as a database that you can query. The “tables” are WMI classes that describe things like the BIOS, operating system, logical disk, or product. Many management software packages query WMI for their information and you can do the same thing. I’m going to show you how and you don’t have to do a single bit of scripting or even use a single PowerShell command.

Windows XP shipped with a command line utility called WMIC. This tool offered command line access to WMI locally and remotely. Here’s a little tidbit: the man behind WMIC was Jeffrey Snover, who went on to bring us PowerShell. After using WMIC a bit you can see the beginnings of PowerShell. Even though I think using PowerShell is more efficient, I realize many people are still thinking about moving to it. WMIC is easy to use and should come already installed.

Sponsored

WMIC can be used interactively or with a command expression, much the same way you might use NETSH. I’ll start an interactive WMIC session on my Windows 7 desktop.

To discover how to use it, ask for help:

Or you can use this to get very detailed help.

Don’t panic with what you see. The basic syntax is pretty easy. What you really want to pay attention to are the aliases. These aliases are supposedly friendlier versions of the actual WMI classes. You don’t have to somehow learn or discover the Win32_OperatingSystem class. Instead, you can use the OS alias.

I’m not showing the result because frankly it doesn’t format very well and is hard to read. That’s ok. Again, let’s ask for help.

I see something that looks more promising, but I’m not sure how to use it. Again, I’ll ask for help. Are you picking up on a theme?

If you run this command, you’ll see there are a few property packages. Let’s look at one.

Still not pretty. I’ll save you the time of having to go back through the help.

Once you discover the property names you can use the Get command.

In fact, here’s a technique you should be able to use with any alias to list all of an alias’ properties.

Some WMI classes will return multiple results for each instance of a matching object, such as logical disks.

Usually you want to limit your query. In this scenario, let’s only get fixed drives like C:\. In fact, I’ll combine a few commands into one, using a WHERE query to find all logical disks that have a drive type property of 3.

Sponsored

The output is always sorted alphabetically by property name. One thing to be careful of is that when using a query with a string comparison, you need to put in quotes.

You can use single or double quotes; it doesn’t matter. You can even construct complex queries.

This is a list of all services that are configured to auto start but are not running. How useful would that be! When you are finished using WMIC, simply type Quit or Exit.

Conclusion

Next time I’ll show you how to query remote machines and work with WMIC right from the command line.

Sponsored