Windows Remote Management and WMI

Windows Remote Management can be used to retrieve data exposed by Windows Management Instrumentation (WMI and MI). You can obtain WMI data with scripts or applications that use the WinRM Scripting API or through the Winrm command-line tool.

WinRM supports most of the familiar WMI classes and operations, including embedded objects. WinRM can leverage WMI to collect data about resources or to manage resources on a Windows-based operating system. That means that you can obtain data about objects such as disks, network adapters, services, or processes in your enterprise through the existing set of WMI classes. You can also access the hardware data that is available from the standard WMI IPMI provider.

Identifying a WMI Resource

You can reference a WMI class as a resource in WinRM and in the WS-Management protocol: a type of managed entity, like a service or a disk.

A WMI class or method is identified by a URI, just as any other resource is when using the WS-Management protocol. The URI can specify a WMI resource (class), a WMI action (method), or identify a specific instance of a class in messages sent over a network. For more information, see Resource URIs.

Constructing the URI Prefix for WMI Classes

The URI prefix contains a fixed part and the WMI namespace. For example, the URI prefix in Windows Server that contains the fixed part of the prefix is: http://schemas.microsoft.com/wbem/wsman/1/wmi/ . This allows the URI prefix to be generated for any WMI namespace. For example, to access the root\default WMI namespace, use the following URI prefix: http://schemas.microsoft.com/wbem/wsman/1/wmi/root/default/ .

The majority of the WMI classes for management are in the root\cimv2 namespace. To access classes and instances in root\cimv2 namespace, use the URI prefix: http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/ . For more information, see Resource URIs.

Generating a Complete URI for WMI Classes

The URI that you supply, either to the Winrm command-line tool or to a script, consists of the prefix plus the resource specification.

The following procedure describes how to generate a resource URI either to get a WMI class or to use in an enumerate operation.

To generate a resource URI for a WMI class

Start with the prefix that indicates the WS-Management protocol schema should be used.

The resource URI prefix for WMI classes is always the same. For more information, see URI Prefixes.

Add the WMI namespace to the prefix.

Add the class name.

To set the value of a property, or to invoke a specific method, add the required key value or values for the class.

If you leave the key value blank, you will not alter the original property value.

Leaving the key value blank sets the property value to NULL.

Locating a WMI Resource with WinRM

You can obtain WMI data either through the command-line tool, Winrm, or through a Visual Basic script that uses the WinRM Scripting API. You do not use a WMI path to locate a resource. Instead, you convert the WMI namespace and hierarchy to a URI.

The WinRM URI for a WMI class contains two parts: the URI prefix and the class that you want to access.

For example, the following URI can be supplied to the Session.Enumerate method to list all the services on a computer. The URI prefix is http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/ , and the class is Win32_Service.

In WMI, list the data for all of the instances of a resource or class in several ways:

A query for all the instances of that resource.

Set colServices = objWMIService.ExecQuery(«Select * from Win32_Service»)

Set colServices = InstancesOf(«Win32_Service»)

In WinRM, there is one way to list all of the instances of a resource: Session.Enumerate.

Locating a Specific Instance of a WMI Resource

In WMI, you can designate a particular instance of a class either by specifying values for the key properties or by querying for an instance that matches a list of property values. Key properties have the WMI Key qualifier.

You can obtain a specific instance of a class in several ways:

A call to Session.Enumerate with the filter and dialect parameters to create a query.

A call to SWbemServices.Get. For Session.Get, you must supply one or more specific key values, preceded by a question mark (?).

The format of the URI for a specific instance is http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/WMI\_Class?Key1=Value .

A WMI class may have more than one key. Key name-value pairs are separated by a «+» sign. In that case, the format is: http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32\_Service?Key1=Value1+Key2=Value2 .

The WinRM syntax to obtain a singleton WMI object is different from WMI. A singleton is a WMI class defined so that only one instance is allowed. Win32_CurrentTime or Win32_WMISetting are examples of a WMI singleton class.

The WMI syntax for singletons is shown in the following VBScript code example.

The following example shows the WinRM singleton syntax which does not use «@».

The following VBScript code example shows how to use a selector to get a specific instance of Win32_Processor.

Как активировать Windows Remote Management с помощью групповой политики

В этой статье, я попытаюсь рассказать, каким образом можно централизованно активировать и настроить службу Windows Remote Management (WinRM) на всех целевых компьютерах с помощью групповой политики. Напомню, что Windows Remote Management – это специальный сервис, позволяющий администраторам получить возможность удаленного доступа и управления клиентскими и серверными ОС Windows (и, думаю, если вы ранее пользовались набором утилит Microsoft Sysinternals PSTools, то WRM должен вам понравиться).
Возьмем обычный ПК с Windows 7, который включен в домен, и на котором не активирована функция Windows Remote Management. В командной строке введем следующую команду:

, должно появиться следующее сообщение об ошибке, свидетельствующее о том, что WRM не установлен:
WSMan Fault. The client cannot connect to the destination specified in the request. Error number: — 2144108526 0x80338012

Если нужно настроить WinRM вручную на отдельной системе, достаточно набрать команду:

В том случае, если нужно настроить WinRM на группе компьютеров, то можно воспользоваться специальными параметрами групповой политики. Интересующая нас политика находится в разделе: Computer Configuration -> Policies -> Windows Components -> Windows Remote Management (WinRM) -> WinRM Service. Нужно активировать следующие параметры:
• Allow automatic configuration of listeners
• Allow Basic Authentication

В разделе IPv4 filter укажем *, что означает, что компьютер может принимать подключения (а значит и управляющие команды) откуда угодно, это значит что листенеры на компьютере будет принимать запросы на всех IP интерфейсах.

Затем в разделе Computer Configuration -> Policies -> Windows Components -> Windows Remote Shell активируем пункт:
• Allow Remote Shell Access

И, наконец, нужно задать тип запуска у службы Windows Remote Service в «Автоматический» (Automatically). Напомню, что управлять способом запуска служб можно из следующего раздела групповых политик: Computer Configuration -> Windows Settings -> Security Settings ->System Services.

После активации WinRM с помощью групповой политики, на клиентской системе проверим статус службы с помощью знакомой команды:

Удостоверимся, что тип запуска службы WinRM задан в автоматический . Хотя по факту тип запуска «автоматический с задержкой», т.к. по умолчанию для службы WinRM задана задержка запуска (параметр DelayedAutoStart=1 в ветке HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinRM ).

Теперь, после активации WinRM с помощью групповой политики, данной системой можно управлять удаленно с помощью команд WinRS. Следующая команда откроет командную строку, запущенную на удаленной системе:

После появления окна командной строки вы можете выполнять и видеть результат выполнения любых команд на удаленном компьютере, как будто бы вы работаете за ним локально. Отметим, что на вашем управляющем компьютере WinRM также должна быть активирована.

Windows Remote Management

Purpose

Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate.

The WS-Management protocol specification provides a common way for systems to access and exchange management information across an IT infrastructure. WinRM and Intelligent Platform Management Interface (IPMI), along with the Event Collector are components of the Windows Hardware Management features.

Where applicable

You can use WinRM scripting objects, the WinRM command-line tool, or the Windows Remote Shell command line tool WinRS to obtain management data from local and remote computers that may have baseboard management controllers (BMCs). If the computer runs a Windows-based operating system version that includes WinRM, the management data is supplied by Windows Management Instrumentation (WMI).

You can also obtain hardware and system data from WS-Management protocol implementations running on operating systems other than Windows in your enterprise. WinRM establishes a session with a remote computer through the SOAP-based WS-Management protocol rather than a connection through DCOM, as WMI does. Data returned to WS-Management protocol are formatted in XML rather than in objects.

The Intelligent Platform Management Interface (IPMI) WMI provider is a standard WMI provider with classes that obtain BMC sensor data from computers with appropriate hardware. IPMI data can be accessed using the WinRM scripting API, the WMI Scripting, or COM APIs.

Developer audience

The developer audience is the IT Pro who writes scripts to automate the management of servers or the ISV developer obtaining data for management applications.

Run-time requirements

WinRM is part of the operating system. However, to obtain data from remote computers, you must configure a WinRM listener. For more information, see Installation and Configuration for Windows Remote Management. If a BMC is detected at system startup, then the IPMI provider loads; otherwise, the WinRM scripting objects and the WinRM command-line tool are still available.

In this section

Link to public WS-Management protocol specification, WinRM architecture, relationship to WMI, hardware management with the IPMI provider, configuration and installation.

Getting started using the WinRM scripting API and hardware management.

List of scripting interfaces defined by Microsoft Web Services for Management (WS-Management) Automation and class definitions of the WMI classes created by the IPMI provider and classes that communicate with the IPMI driver to obtain baseboard management controller (BMC) data.

About Windows Remote Management

Windows Remote Management is one component of the Windows Hardware Management features that manage server hardware locally and remotely. These features include a service that implements the WS-Management protocol, hardware diagnosis and control through baseboard management controllers (BMCs), and a COM API and scripting objects that allow you to write applications that communicate remotely through the WS-Management protocol. For more information about the public specification for WS-Management protocol, see Web Services for Management (WS–Management).

Components of WinRM and Hardware Management

The following is a list of components and features that are supplied by WinRM and hardware monitoring:

This scripting API enables you to obtain data from remote computers using scripts that perform WS-Management protocol operations.

Winrm.cmd

This command–line tool for system management is implemented in a Visual Basic Scripting Edition file (Winrm.vbs) written using the WinRM scripting API. This tool enables an administrator to configure WinRM and to get data or manage resources. For more information, see the online help provided by the command line Winrm /?.

Winrs.exe

This command line tool enables administrators to remotely execute most Cmd.exe commands using the WS-Management protocol. For more information, see the online help provided by the command line Winrs /?.

Intelligent Platform Management Interface (IPMI) driver and WMI provider

Hardware management through the Intelligent Platform Management Interface (IPMI) provider and driver enables you to control and diagnose remote server hardware through BMCs when the operating system is not running or deployed.

For more information, see the IPMI Provider.

The WMI service continues to run side-by-side with WinRM and provides requested data or control through the WMI plug-in. You can continue to obtain data from standard WMI classes, such as Win32_Process, as well as IPMI-supplied data. For more information about configuration and installation required for WinRM, see Hardware Management Introduction.

WS-Management protocol, a SOAP-based, firewall-friendly protocol, was designed for systems to locate and exchange management information. The intent of the WS-Management protocol specification is to provide interoperability and consistency for enterprise systems that have computers running on a variety of operating systems from different vendors.

WS-Management protocol is based on the following standard web service specifications: HTTPS, SOAP over HTTP (WS-I profile), SOAP 1.2, WS-Addressing, WS-Transfer, WS-Enumeration, and WS-Eventing. For more information about the current draft of the specification, see the Management Specifications Index Page.

Working with WinRM

For more information about writing WinRM scripts, see Using Windows Remote Management.

The following table lists topics that provide information about the WS-Management protocol, WinRM and WMI, how to specify management resources such as disk drives or processes.