Windows Management Instrumentation (WMI) is rooted in Configuration Manager and the product has been using WMI since its early days when Configuration Manager was previously known as System Management Server (SMS). WMI was introduced in SMS 2.0 and has been used in the product for client and server functions in every version since. For this very reason, it is highly likely that we will need to take a look at WMI at some point on our troubleshooting journey. So with this in mind, it's important that we learn to use one of the various tools available to us. A simple example of WMI usage in Configuration Manager would be collection membership query rules that are made from WMI Query Language (WQL), which is a similar syntax to SQL. Effectively, what we are doing in these commands is querying a WMI database in much the same way as we might with a SQL database. For example, if we need to check a specific value in a client inventory, then we can do this with WMI. Another useful example is when working with configuration baselines as we can check specific values ad hoc and predict or confirm expected compliance or non-compliance. We shall mention just a few tools but this really is a personal preference, what it is used for and how you like to work.
Firstly, the Windows Management Instrumentation Command Line (WMIC) is a command line utility that can be run from a Command Prompt or PowerShell console that allows us to view and manipulate WMI from a command line, which means we can use it in scripts and automation products, and perform easy remote commands. It is a popular option with many as it offers additional scripting functionality which makes it particularly helpful outside of troubleshooting too. A basic example of the syntax used with WMIC would be the following query that will return the Manufacturer, Model, and Name of a machine from WMI:
Wmic computersystem get manufacturer,model,name
This would return something like the following when ran against, for example, a Microsoft Surface Pro:
Manufacturer Model Name Microsoft Corporation Surface with Windows 8 Pro Surface-Pro
This is a very basic common usage example of WMIC when trying to obtain the model number of a machine and is commonly used for a task sequence step condition to apply model specific drivers. We will reference WMIC later in this book and show where else this tool can be useful.
WBEMTest is another WMI tool but this time with a graphical user interface that again—like WMIC—allows us to dig deep into WMI and look at the classes, instances, and namespaces, as well as perform amendments. It can be started from the Run dialog or from a Command Prompt by simply typing:
Wbemtest
We are then presented with the Windows Management Instrumentation Tester window, as shown in the following screenshot, and we can make a connection into our preferred namespace:
From here we can perform several tasks such as opening, enumerating, creating, and deleting classes and instances or performing queries. If we are performing ad hoc checks or simply prefer a point and click experience, then this could be the tool to use. However, along with the other WMI tools, we should know what we are looking for before getting too click happy, otherwise there is the potential to cause more damage than harm and give us more troubleshooting than we started with.
Finally, a brief introduction to the Microsoft mini-suite of WMI tools called WMI Administrative Tools: this is freely available in the download center and includes WMI CIM Studio, WMI Object Browser, WMI Event Registration Tool, and WMI Event Viewer. These tools mostly give away their function and, with the exception of the event viewer, offer us a browser-based view of WMI. These can be a good alternative to WMIC and WBEMTest as they can offer a wider view of WMI, which is often particularly useful for someone not overly familiar with the finer details of WMI.