Performing Management tasks using Cimcmdlets - Processes

WMI provides a standardized system management infrastructure that can be leveraged by a number of different clients. WMI providers and the classes exposed by the providers help in various management tasks.

Our MSDN documentation lists a bunch of management scenarios and the corresponding Visual Basic samples, but it is much easier for an IT administrator to perform the same operations using PowerShell.

Customers have been requesting samples that will help them perform management tasks using PowerShell – therefore, in this series of blog posts we will be covering the PowerShell implementation of scenarios that are listed at the following MSDN page: https://msdn.microsoft.com/en-us/library/aa394585(v=vs.85).aspx

In this post we will be going over the scenarios specific to "Process Management" listed at : https://msdn.microsoft.com/en-us/library/aa394599(v=vs.85).aspx

 

Here are the corresponding PowerShell snippets:

1. Run an application in a hidden window:

PS:> $processStartupClass = Get-CimClass -ClassName Win32_ProcessStartup -Namespace root/cimv2

$processStartupInfo = New-CimInstance -cimclass $processStartupClass -Property @{ShowWindow =0} –Local 

PS:> $processClass = Get-CimClass -ClassName Win32_Process -Namespace root/cimv2

PS:> Invoke-CimMethod -CimClass $processClass -MethodName Create -Arguments @{commandline="notepad.exe"; ProcessStartupInformation = [CimInstance]$processStartupInfo}

 

2. Determine which scripts are running on the local computer:

 

PS:> $query = "SELECT * FROM Win32_Process WHERE Name = 'cscript.exe' OR Name = 'wscript.exe'"

PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2

PS:> $insts | Select Name, commandline

 

 

3. Find out the account name under which a process is running:

PS:> $query = "Select * from Win32_Process"

PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2

PS:> # OR

PS:> $insts = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2

PS:> $insts | %{

                         Write-host $_.CimInstanceProperties["Name"]

                          $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner

                          $owner | Select Domain, User, PSComputerName

                       }

 

4. Change the priority of a running process:

PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'"

PS:> $insts = Get-CimInstance -Query $query -Namespace root/cimv2

PS:> $aboveNormal = 32768

PS:> $insts | %{

    Invoke-CimMethod -InputObject $_ -MethodName SetPriority -Arguments @{Priority = [Uint32]$aboveNormal}

 

5. Terminate a process using a script:

PS:> $query = "Select * from Win32_Process Where Name = 'Notepad.exe'"

PS:> Invoke-CimMethod -Query $query -MethodName Terminate

 

6. Determine how much processor time and memory each process is using:

$query = "Select * from win32_process"

$procs = Get-CimInstance -Query $query

# OR

$procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2

 

foreach($proc in $procs)

{

    $result = New-Object PSObject -Property @{

                                processorTime = ($proc.KernalModeTime + $proc.UserModeTime) / 10000000

                                Name = $proc.Name

                                ProcessID = $proc.ProcessId

                                WorkingSetSize = $proc.WorkingSetSize

                                PageFileUsage = $proc.PageFileUsage

                                PageFaults = $proc.PageFaults

                            }

                                                              

$result | Format-Table -Property @("Name", "ProcessID", "WorkingSetSize", "PageFileUsage", "PageFaults", "ProcessorTime")

}

 

 

7. Determine what applications are running on a remote computer:

$cimSession = New-CimSession remoteMachine –Credential $psCreds

$query = "Select * from Win32_Process"

$procs = Get-CimInstance -Query $query -CimSession $cimSession

# OR

$procs = Get-CimInstance –ClassName Win32_Process –Namespace root/cimv2

$procs | Format-Table –Property @(“Name", “ProcessID", “ThreadCount", “PageFileUsage", “PageFaults", “WorkingSetSize")

 

As mentioned above, this blog series will cover various management scenarios. The next post will be about Computer Hardware Management scenarios listed at: https://msdn.microsoft.com/en-us/library/aa394587(v=vs.85).aspx

 

Thanks

Vaibhav Chugh [MSFT]

Standards Based Management