Database Search

match allmatch any Look in all areasLook in current areas Check all datesPrevious dayPrevious 3 daysPrevious weekPrevious fortnightPrevious monthPrevious 2 monthsPrevious 3 monthsPrevious half-yearPrevious year

TechHome

	User Sample Code
	WMI_Scripter

• !Microsofts WMI Object Browser!
• !WMI Reference!
• !WMI Security!
• Add Key Qualifier
• Backup Event Log
• Best Way to Read Event Log via WMI
• Check if WMI is Installed
• Clear Event Log via WMI
• Close All but One Instance
• Detect If monitor is in Standby Mode
• Detect Resume From Standby
• Detect Standby or Hibernation Event
• Detecting Local Network Connectivity and Speed
• Determine Laptop or Destop System Enclosure
• Determine Machine Type
• Determining If a Machine is a Domain Controller
• Directory Watcher
• Display Refresh Rate
• Error 1261 on ConnectServer line
• Extract SN from Bios using WMI
• fileSizeEX returns 0 for the Pagefile.sys file
• Get Asset Tag From Dell Computers
• Get Daylight Savings Time
• Get Default Printer
• Get ipv6 IP Address via Host Name
• Get Owner of a Process
• Get Physical Memory
• Get Process List via WMI
• Get Remote Logged in User
• Get Specific Events
• Get Status of Network Adapter
• Get Win32_DiskDrive Data with DeviceID
• Install MSI apps
• Is Computer WMI Enabled UDF
• Last Reboot Time
• List Active Network Adapters
• List All Monitors
• List Available Screen Resolutions
• List Installed Modems
• List Namespaces
• List Processes on a Remote Computer
• List Scheduled Tasks
• Manufacturer Model and Serial from WMI
• Modify DNS Entries
• Monitor Events
• Obtain the Name of the Domain to which the Computer Belongs
• PCMCIA Card Detection
• Physical Memory Inspection
• Ping Status
• Remote Number of Drives
• Remote Process UDFs
• Run an Application on a Remote Computer
• Search Eventlog Example
• Set Adapter Speed Duplex
• SetDNSSuffixSearchOrder MisMatched Type Error
• System Restore Point
• Total CPU Usage
• Using WMI List Applications
• Win32_EncryptableVolume
• Win32_SerialPort Information via WMI
• Windows NT Schedule Service - AT
• WMI - Processor Info
• WMI and Arrays
• WMI and Get IPAddress Property
• WMI and Remote Interactive Desktop Scripts
• WMI and WinPE
• WMI causing LLSMGR to start
• WMI ExecQuery
• WMI Get Fan Speed
• WMI Get MAC Address and NIC info
• WMI hangs
• WMI ObjectOpen Problem on Windows 95
• WMI Query Paths Need Double Backslashes
• WMI Related Resources
• WMI Scriptomatic
• wntGetCon using WMI
• WQL LIKE Operator

Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.

WMI and Remote Interactive Desktop Scripts

---

Question:

I was looking through the WMI scripts and was wondering if there was a way to have WMI create a process on a remote machine, that interacted with the desktop of said remote machine.

It seems that you can have processes started, but not have them appear to the user, as in query a bunch of info and create a log of some sort.

What i am trying to accomplish is sending key strokes to a series of windows, to restart reports that should be running in those windows, kinda like running "top" in telnet, on said remote machine. Am I on a fishing trip here? can this be done, either through WMI or AT command, or something else?

Answer:

The problem has to do with the security on the windowstation & desktop objects that are associated with the interactive system console. Service processes running under the Local System account can have access to the desktop, but other processes don't for security reasons. However, a sufficiently privileged process that already has access to windowstation & desktop can alter the permissions to allow that access. This happens in the wntRunAsUser() function when you use it to impersonate another user. If this step was not performed, your script would lose access to the desktop once it began impersonating another user.

In a nutshell, with some careful planning and use of the proper privileges you might be able to write a script that WMI can launch on a remote system, and then that script might be able to alter the proper permissions in order to permit child processes that it creates to access the desktop. There's a lot of IF's in there. I wouldn't bet the farm on being able to do it, though, as attempting to do that is basically attempting to circumvent security features that are built into the Windows NT platform, and which exist for a good reason. Allowing processes running under other user's credentials to interact with the desktop can result in a loss of privacy & security w/respect to the data & programs being run by the user on the interactive console.

On trick involves using WMIs Win32_ScheduledJob to launch the processes locally on the remote machine. To do this we connect to the WMI service on the remote machine and then use the GET method to connect to the Win32_ScheduledJob class.

compiledscript = 'c:\temp\interactiveWB.exe'
UTC_Time =  '********104500.000000-420'  ; Run at 10:45 AM
interactive = @True
servername = 'server01'

; Copy the script to the remote computer
FileCopy( compiledscript, '\\' : server : '\C$\script\*.*', @True )

; Schedule job to run on the remote computer using the interactive flag.
objWMIService = ObjectGet( 'winmgmts:\\' : server : '\root\cimv2' )
objJob = objWMIService.Get( 'Win32_SceduledJob' )

ret = objJob.Create( compiledscript, UTC_Time, @False, 2, , interactive, '' ) 

objJob = 0
objWMIService = 0

Because your compiled script is started locally on the remote machine, that means it will run in a visibile window and be totally interactive. Any dialogs displayed ny the script will be accessible to the end user.

---

Article ID:   W16757

File Created: 2012:11:14:10:50:08

Last Updated: 2012:11:14:10:50:08