Detailed explanation of Windows WMIC command usage
First executionWMICWhen commanded,WindowsFirst installWMIC, then displaysWMICcommand line prompt. existWMICOn the command line prompt, the command is executed interactively.
implement"wmic"Command StartWMICCommand line environment. This command can beXPor.NET ServerStandard command line interpreter ()、TelnetExecutes in the session or Run dialog box. These startup methods can be used locally or through.NET ServerTerminal service session usage.
wimicThere are two ways to run:
1. EnterwimicAfter entering the command to run, typewimicAppears laterwmic:root\cli>You can enter commands, such asprocessShow all processes. If you don't know what commands you can enter/?to show help.exitIt is to exit interactive mode. The specific help usage is as follows:
Command line help
Order example illustrate
/? or -? Syntax for displaying all global switches and alias
/ /? /user /? Display information about the specified global switch
/? class /? Display information about a command
/? memcache /? Display information for an alias
/? temperature get /? Show information about aliases and verb combinations
/?:Full irq get /?:Full Show verb help information
For example: I want to checkprocessCommand Help, type:process/?The following is displayed:
wmic:root\cli>process /?
PROCESS - Process management.
hint: BNF alias usage of .
(<alias> [WMIObject] | <alias> [<path where>] | [<alias>] <path where>) [<verb clause>].
usage:
PROCESS ASSOC [<format specifier>]
PROCESS CALL <method name> [<actual param list>]
PROCESS CREATE <assign list>
PROCESS DELETE
PROCESS GET [<property list>] [<get switches>]
PROCESS LIST [<list format>] [<list switches>]
2. usewimic Run it directly with the command, such aswmic process It shows all processes. These two ways of running are:Interactive mode(Interactive mode)andNon-interactive mode(Non-Interactive mode)。
Here are some examples to illustrate the usage:
Show process details
enter process where name="" list full
Will displayAll the information of the process is as follows:
CommandLine="D:\mytools\Maxthon2\"
CSName=CHINA-46B1E8590
Description=
ExecutablePath=D:\mytools\Maxthon2\
ExecutionState=
Handle=684
HandleCount=2296
InstallDate=
KernelModeTime=3495000000
MaximumWorkingSetSize=1413120
MinimumWorkingSetSize=204800
Name=
OSName=Microsoft Windows XP Professional|C:\WINDOWS|
OtherOperationCount=307814
OtherTransferCount=60877207
PageFaults=1367971
PageFileUsage=89849856
ParentProcessId=1924
PeakPageFileUsage=90091520
PeakVirtualSize=385802240
PeakWorkingSetSize=94031872
Priority=8
PrivatePageCount=89849856
ProcessId=684
QuotaNonPagedPoolUsage=43496
QuotaPagedPoolUsage=257628
QuotaPeakNonPagedPoolUsage=72836
QuotaPeakPagedPoolUsage=271372
ReadOperationCount=85656
ReadTransferCount=121015982
SessionId=0
Status=
TerminationDate=
ThreadCount=57
UserModeTime=1778750000
VirtualSize=353206272
WindowsVersion=5.1.2600
WorkingSetSize=93716480
WriteOperationCount=30940
WriteTransferCount=24169673
Stop, pause and run service functions
- Start the servicestartservice,
- Stop servicestopservice,
- Service Unavailablepauseservice
- Service where caption="windows time" call stopservice ------Stop service
- Service where caption="windows time" call startservice ------Start the service
- Service where name="w32time" call stopservice ------Stop service, be carefulnameandcaptionThe difference.
caption Show service namenameService name, such as: telnetThe display name of the service istelnet The service name istlntsvr,besidesWindows TimeThe name of the service isw32time The display name is"Windows Time"To enclose it in quotes, it mainly has a space.
Take a look at it specifically: InputService where caption="windows time" call startserviceThere is a confirmation input afterwardyThat's fine, go backReturnValue = 0;Indicates success
wmic:root\cli>Service where caption="windows time" call startservice
implement (\\CHINA-46B1E8590\ROOT\CIMV2:Win32_Service.Name="W32Time")->startservice()
The method was executed successfully.
Output parameters:
instance of __PARAMETERS
{
ReturnValue = 0;
};
wmic:root\cli>
ShowBIOSinformation wmic bios list full
You may have noticed that there are two parameters in the above command linelistandfull。listDetermine the format and range of information displayed, it hasBrief、Full、Instance、 Status、System、Writeableetc.,fullIt's just a parameter, it's alsolistThe default parameter of , indicates that all information is displayed. Several other parameters, as the name suggests,BriefIt means that only summary information is displayed.InstanceIndicates that only object instances are displayed.StatusIndicates the display object status,WriteableIndicates that only the writable attribute information of the object is displayed, etc.
Stop the process operation
For example, executing the following command will close the running:
example1. wmic process where name='' call terminate
After the command is run,WMICThe command line prompts the following results:
C:\>wmic process where name='' call terminate
implement (\\CHINA-46B1E8590\ROOT\CIMV2:Win32_Process.Handle="728")->terminate()
The method was executed successfully.
Output parameters:
instance of __PARAMETERS
{
ReturnValue = 0;
};
example2. wmic process where name="" delete
After the command is run,WMICThe command line prompts the following results:
C:\>wmic process where name="" delete
Delete Example \\CHINA-46B1E8590\ROOT\CIMV2:Win32_Process.Handle="2820"
The example was deleted successfully.
List all processes wmic process
Connect to a remote computer
★★Connect to a remote computer, but it seems that you need to open some corresponding services.
wmic /node:"192.168.203.131" /password:"" /user:"administrator"
BIOS - Basic input/Output service (BIOS) manage
★★CheckbiosVersion model
wmic bios get Manufacturer,Name
WMICset upIPaddress
★★Configure or updateIPaddress:
wmic nicconfig where index=0 call enablestatic("192.168.1.5"), ("255.255.255.0") ;index=0Description: Configure the network interface1。
Configure the gateway (default routing):
wmic nicconfig where index=0 call setgateways("192.168.1.1"),(1)
COMPUTERSYSTEM - Computer system management
★★View system startup options,bootContents
wmic COMPUTERSYSTEM get SystemStartupOptions
★★View Working Group/domain
wmic computersystem get domain
★★Change the computer nameabcfor123
wmic computersystem where "name='abc'" call rename 123
★★Change the WorkgroupgoogleforMyGroup
wmic computersystem where "name='google'" call joindomainorworkgroup "","","MyGroup",1
CPU - CPU manage
★★Checkcpumodel
wmic cpu get name
DATAFILE - DataFile manage
★★FindeDown the platetestTable of contents(Not including subdirectories)Nextdocument
wmic datafile where "drive='e:' and path='\\test\\' and FileName='cc' and Extension='cmd'" list
★★FindeAll directories and subdirectories under diskdocument,And the file size is greater than1K
wmic datafile where "drive='e:' and FileName='cc' and Extension='cmd' and FileSize>'1000'" list
★★deleteeThe file size under disk is greater than10Mof.cmddocument
wmic datafile where "drive='e:' and Extension='cmd' and FileSize>'10000000'" call delete
★★deleteeDown the platetestTable of contents(Not including subdirectories)The following non.cmddocument
wmic datafile where "drive='e:' and Extension<>'cmd' and path='test'" call delete
★★copyeDown the platetestTable of contents(Not including subdirectories)NextFile toe:\,And renamed
wmic datafile where "drive='e:' and path='\\test\\' and FileName='cc' and Extension='cmd'" call copy "e:\"
★★Change namec:\forc:\
wmic datafile "c:\\" call rename c:\
★★FindhThe directory under the disk containstest,File name containsperl,The suffix istxtFiles
wmic datafile where "drive='h:' and extension='txt' and path like '%\\test\\%' and filename like '%perl%'" get name
DESKTOPMONITOR - Monitor Management
★★Get screen resolution
wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth
DISKDRIVE - Physical disk drive management
★★Get physical disk model size, etc.
wmic DISKDRIVE get Caption,size,InterfaceType
ENVIRONMENT - System environment settings management
★★GettempEnvironment variables
wmic ENVIRONMENT where "name='temp'" get UserName,VariableValue
★★ChangepathEnvironment variable value,Newe:\tools
wmic ENVIRONMENT where "name='path' and username='<system>'" set VariableValue="%path%;e:\tools"
★★Added system environment variableshome,The value is%HOMEDRIVE%%HOMEPATH%
wmic ENVIRONMENT create name="home",username="<system>",VariableValue="%HOMEDRIVE%%HOMEPATH%"
★★deletehomeEnvironment variables
wmic ENVIRONMENT where "name='home'" delete
FSDIR - File directory system project management
★★FindeThe name under the disk istestTable of Contents
wmic FSDIR where "drive='e:' and filename='test'" list
★★deletee:\testExclude the directory under the directoryabcAll directories
wmic FSDIR where "drive='e:' and path='\\test\\' and filename<>'abc'" call delete
★★deletec:\goodFolders
wmic fsdir "c:\\good" call delete
★★Renamec:\goodThe folder isabb
wmic fsdir "c:\\good" rename "c:\abb"
LOGICALDISK - Local storage device management
★★Get hard disk system format, total size, available space, etc.
wmic LOGICALDISK get name,Description,filesystem,size,freespace
NIC - Network interface controller (NIC) manage
OS - Installed operating system management
★★Set system time
wmic os where(primary=1) call setdatetime 20070731144642.555555+480
PAGEFILESET - Page file settings management
★★Change the initial size and maximum value of the current page file
wmic PAGEFILESET set InitialSize="512",MaximumSize="512"
★★Page file settings tod:\Down,Execute the following two commands
wmic pagefileset create name='d:\',initialsize=512,maximumsize=1024
wmic pagefileset where"name='c:\\'" delete
PROCESS - Process Management
★★List the core information of the process,Similar to Task Manager
wmic process list brief
★★Finishprocess,The path is nonC:\WINDOWS\system32\of
wmic process where "name='' and ExecutablePath<>'C:\\WINDOWS\\system32\\'" call Terminate
★★Newnotepadprocess
wmic process call create notepad
PRODUCT - Installation package task management
★★Installation package inC:\WINDOWS\InstallerIn the directory
★★uninstall.msiInstallation package
wmic PRODUCT where "name='Microsoft .NET Framework 1.1' and Version='1.1.4322'" call Uninstall
★★repair.msiInstallation package
wmic PRODUCT where "name='Microsoft .NET Framework 1.1' and Version='1.1.4322'" call Reinstall
SERVICE - Service program management
★★runspoolerServe
wmic SERVICE where name="Spooler" call startservice
★★stopspoolerServe
wmic SERVICE where name="Spooler" call stopservice
★★pausespoolerServe
wmic SERVICE where name="Spooler" call PauseService
★★ChangespoolerService startup type[auto|Disabled|Manual] release[automatic|Disabled|Manual]
wmic SERVICE where name="Spooler" set StartMode="auto"
★★Delete the service
wmic SERVICE where name="test123" call delete
SHARE - Shared resource management
★★Delete share
wmic SHARE where name="e$" call delete
★★Add Share
WMIC SHARE CALL Create "","test","3","TestShareName","","c:\test",0
SOUNDDEV - Sound equipment management
wmic SOUNDDEV list
STARTUP - Management of automatically running commands when a user logs into the computer system
★★CheckmsconfigStartup options in
wmic STARTUP list
SYSDRIVER - System driver management for basic services
wmic SYSDRIVER list
USERACCOUNT - User Account Management
★★Change useradministratorFull name isadmin
wmic USERACCOUNT where name="Administrator" set FullName="admin"
★★Change usernameadminforadmin00
wmic useraccount where "name='admin" call Rename admin00
Get patch information
★★Check which patches are currently in use
/node:legacyhost qfe get hotfixid
CheckCPUCurrent speed
★★cpuCurrent speed
wmic cpu get CurrentClockSpeed
Remote desktop connection to remote computers
★★WMICCommand to enable remote desktop connection to remote computer
implementwmic /node:192.168.1.2 /USER:administrator
PATH win32_terminalservicesetting WHERE (__Class!="") CALL SetAllowTSConnections 1
Specific format:
wmic /node:"[full machine name]" /USER:"[domain]\[username]"
PATH win32_terminalservicesetting WHERE (__Class!="") CALL SetAllowTSConnections 1
wmic Get the process name and executable path:
wmic process get name,executablepath
wmic Delete the specified process(By process name):
wmic process where name="" call terminate
Or use
wmic process where name="" delete
wmic Delete the specified process(According to the processPID):
wmic process where p delete
wmic Create a new process
wmic process call create "C:\Program Files\Tencent\QQ\"
Create a new process on a remote machine:
wmic /node:192.168.201.131 /user:administrator /password:123456 process call create
Turn off the local computer
wmic process call create
Restart the remote computer
wmic /node:192.168.1.10/user:administrator /password:123456 process call create " -r -f -m"
Change the computer name
wmic computersystem where "caption='%ComputerName%'" call rename newcomputername
Change account name
wmic USERACCOUNT where "name='%UserName%'" call rename newUserName
wmic End suspicious process (based on the process's startup path)
wmic process where "name='' and executablepath<>'%SystemDrive%\\windows\\'" delete
wmic Get physical memory
wmic memlogical get TotalPhysicalMemory|find /i /v "t"
wmic Get the time to create, access and modify files
@echo off
for /f "skip=1 tokens=1,3,5 delims=. " %%a in ('wmic datafile where name^="c:\\windows\\system32\\" get CreationDate^,LastAccessed^,LastModified') do (
set a=%%a
set b=%%b
set c=%%c
echo document: c:\windows\system32\
echo.
echo Creation time: %a:~0,4% Year %a:~4,2% moon %a:~6,2% day %a:~8,2% hour %a:~10,2% point %a:~12,2% Second
echo Last visit: %b:~0,4% Year %b:~4,2% moon %b:~6,2% day %b:~8,2% hour %b:~10,2% point %b:~12,2% Second
echo Last modified: %c:~0,4% Year %c:~4,2% moon %c:~6,2% day %c:~8,2% hour %c:~10,2% point %c:~12,2% Second
)
echo.
pause
wmic Search for a file in full and obtain the directory where the file is located
for /f "skip=1 tokens=1*" %i in ('wmic datafile where "FileName='qq' and extension='exe'" get drive^,path') do (set "qPath=%i%j"&@echo %qPath:~0,-3%)
Get screen resolution wmic DESKTOPMONITOR where Status='ok' get ScreenHeight,ScreenWidth
wmic PageFileSet set InitialSize="512",MaximumSize="512"
Set virtual memory toEdisk and deleteCPage file under disk,Take effect after restarting the computer
wmic PageFileSet create name="E:\\",InitialSize="1024",MaximumSize="1024"
wmic PageFileSet where "name='C:\\'" delete
Get the current memory occupied by the process and the maximum memory occupied:
wmic process where caption='' get WorkingSetSize,PeakWorkingSetSize
byKBDisplay in units
@echo off
for /f "skip=1 tokens=1-2 delims= " %%a in ('wmic process where caption^="" get WorkingSetSize^,PeakWorkingSetSize') do (
set /a m=%%a/1024
set /a mm=%%b/1024
echo processNow take up memory:%m%K;Maximum memory usage:%mm%K
)
pause
Remotely open the computer remote desktop
wmic /node:%pcname% /USER:%pcaccount% PATH win32_terminalservicesetting WHERE (__Class!="") CALL SetAllowTSConnections 1
Batch Processing API--WMIC Learning Experience
existWINDOWS\HelpCurrently,This is how the document explainswmiof:Windows Management Instrumentation (WMI) It is "based on Web Business Management Initiative (WBEM)"(This is an industrial initiative that aims to build standards for accessing and sharing management information on enterprise networks) Microsoft Implementation of . related WBEM For more information, please visit WBEM。
XOXWMI For public information model (CIM)(This data model describes objects that exist in the management environment) provides complete support.WMIIncluding object repository and CIM Object Manager, where the object repository is a database containing object definitions. The object manager is responsible for handling the collection and operation of objects in the repository and from WMI Provider (WMI provider) Collect information.WMI Provider (WMI provider) exist WMI It acts as an intermediary between operating systems, applications, and other components of the system. For example, the registry provider provides information from the registry, and SNMP Provider from SNMP Data and events are provided in the device. The provider provides information about its components, and may also provide methods that can operate settable components, properties, or operations that may warn you about events that may change in the component.Windows Management Instrumentation Command line (WMIC) Provides you with simple Windows Management Instrumentation (WMI) Command line interface, so that it can be used WMI To manage operations Windows computer.WMIC Interoperate with existing command-line programs and utility commands and are easily extended through scripts or other management-oriented applications WMIC。
The above statements are too professional, and in simple terms,It is a command line program, which can be used to directly manage computer software and hardware operations on the command line, which is equivalent to batch processing.apiNow.
Brief analysis of the basic command format of wmic
If you often read relevant information on the Internet, readers may be aware of itwmicI have a basic understanding, but the more I read, the more confused I will be. In fact, to summarize, the command format is“wmic+Global switch+Alias+wqlStatement+verb+Adverb (or verb parameters)+Verb switch”That's it. This command format can be written in full or partial format as needed.
wmicthat is,lie inwindowsAt the bottom of the directory is a command line program.WMICCan be performed in two modes: interactive mode(Interactive mode)and non-interactive modes(Non-Interactive mode), frequently usedNetshCommand line readers should be very familiar with these two modes.
Interactive mode. If you are at the command prompt or through"run"Menu only enterWMIC, will enterWMICThe interactive mode of the system will return toWMICAt the prompt,"Root\cli", interactive modes usually require multipleWMICUsed when commands. The interactive mode sometimes also requires confirmation of some sensitive operation, such as deletion operations, to maximize the prevention of user operation errors.
Non-interactive mode. Non-interactive mode meansWMICDirect command asWMICThe parameters ofWMICLater, when the command is executed, return to the normal command prompt instead of enteringWMICin context.WMICThe non-interactive mode is mainly used in batch processing or some other script files. I use it in this article●Non-interactive mode●Example.
The switch has the following global switches, and the switch is turned on /?You can see (we will not discuss the specific meaning of each switch here, see the example of the specific usage):
/NAMESPACE The namespace path used by the alias.
/ROLE Contains the role path defined by this alias.
/NODE The server used by the alias.
/IMPLEVEL Customer simulation level.
/AUTHLEVEL Customer authentication level.
/LOCALE Language identifier for customer application.
/PRIVILEGES Enable or disable all privileges.
/TRACE Output debug information to stderr。
/RECORD Writes all input commands and output to the log.
/INTERACTIVE Set or reset interactive mode.
/FAILFAST Set or reset FailFast model.
/USER User used during the session.
/PASSWORD Password used for session login.
/OUTPUT Specify the mode for the output redirection.
/APPEND Specify the mode for the output redirection.
/AGGREGATE Set or reset collection mode.
/AUTHORITY Specifies the <authority type> for the connection.
/?[:<BRIEF|FULL>] Usage information.
As for the alias, it gives the motherboard, service, system, process and other computer-related things. /?You can also see it on the command line.
wqlStatements and the injection we usually usesqlThe syntax of a statement is almost exactly the same, even simpler. Generallywhere name="xxx" and Something like that, but sometimesname=“xxx"This format is changed to"name='xxx'"Orwhere(name='xxx')In this way, if it doesn't work under normal circumstances, change the writing method.
What about verbs, just a few simple onesassoc、call、CREATE、DELETE、GET、LIST、SET, from the English name, you should be able to see what they are used for. But to be honest,assocI really haven't used it yet.
As for the adverb (parameters of verbs), it is to get the verbs+Its parameters get the properties of the object. Like belongs tolistThe adverb of a verb is to display something, such as displaying a detailed state or a brief state.
A verb switch is like displaying a horizontal table format, displaying a vertical table format, or outputting a file of what format, or displaying information repeatedly for a few seconds, etc. Some verbs do not have switches.
Complete the wmic command line step by step
wmicThere is an alias in itlogicaldisk, is to manage disks. Let's write it in the simplest format first.cmdEnter on the command line●wmic logicaldisk list●(+Alias+listverb), wait for a while, all kinds of data on the local hard drive will appear on the screen, which looks messy. This is too inconvenient to read, let's rewrite it and change it to●wmic logicaldisk list brief●,existlistAdd a verb afterbriefParameters, that isbriefAdverbs will be displayed neatly, with the following effects:
DeviceID brief FreeSpace ProviderName Size VolumeName
A: 2
C: 3 2925694976 6805409792 WINXP
D: 3 1117487104 1759936512 WORK
E: 5
You may have noticed that there are verbs in the above command linelistand adverbbrief。listThe verb determines the format and range of information displayed, and it hasBrief、Full、Instance、 Status、System、WriteableMultiple parameters(adverb),fullIt's just a parameter, it's alsolistThe default parameter of , indicates that all information is displayed. Several other parameters, as the name suggests,BriefIt means that only summary information is displayed.InstanceIndicates that only object instances are displayed.StatusIndicates the display object status,WriteableIndicates that only the writable attribute information of the object is displayed, etc.
Let's add something to the statement and return it to the above disk.DeviceIDThe value of3It means it is the partition of the local hard disk, if it is5is the light area,2It's the disk that's moving. Let's change the statement and add itwqlStatement, displays only the local disk. Change the statement to●wmic logicaldisk where "DriveType=3" list brief●Or●wmic logicaldisk where(DriveType=3) list brief●,The display effect looks like below:
DeviceID DriveType FreeSpace ProviderName Size VolumeName
C: 3 2925686784 6805409792 WINXP
D: 3 1117487104 1759936512 WORK
But we are still not satisfied with the format shown above.ProviderNameI don't know what it is to show it, we only want what we want, like a roll mark VolumeNameWe don't want it, change the statement and change it.getverb, command changed to●wmic logicaldisk where "DriveType=3" get DeviceID,Size,FreeSpace,Description,FileSystem●, the return information is as follows:
DeviceID,Size,FreeSpace,Description,FileSystem
Description DeviceID FileSystem FreeSpace Size
Local fixed disk C: FAT32 2925686784 6805409792
Local fixed disk D: FAT 1117487104 1759936512
As forgetYou can use the parameters followed by the verb firstlistCome and check it out and you will understand. OK, this time we can get the results we want. However, we have not used the switches in the command yet, add a few global switches. Let's add one first/OUTPUTLet it output the display information to a file, the command is as follows:●wmic /output: logicaldisk where "DriveType=3" get DeviceID,Size,FreeSpace,Description,FileSystem●, so that the information returned on the screen just now reaches the current directory It's inside. butAfter opening it, it is like a notepad, without any style and does not look beautiful. We specify a style for it and we need to use it.formatThis verb has been switched, and the command is changed to●wmic /output: logicaldisk where "DriveType=3" get DeviceID,Size,FreeSpace,Description,FileSystem /format:htable●, soThe information on our local disk is displayed in colorful forms. Maybe you want to ask,htableWhat is it? Actually, this is a file, you want the one aboveWhat format can beC:\WINDOWS\system32\wbemHere is a file name in the format you want, including the following files:
CSV
HFORM
HMOF
HTABLE
HXML
LIST
TABLE
VALUE
htable-sortby
texttablewsys
wmiclimofformat
wmiclitableformat
wmiclitableformatnosys
wmiclivalueformat
Someone may ask, I just want to show itc:Can you do it if you don’t have other disks? Of course, this needs to be usedwqlStatementnameThis variable is now. You can use it first●wmic logicaldisk list Instance●Seenameand change the specific name of the abovewqlStatement. OK, let's change it to●wmic /output: logicaldisk where "name='c:'" get DeviceID,Size,FreeSpace,Description,FileSystem /format:htableorwmic /output: logicaldisk where(name='c:') get DeviceID,Size,FreeSpace,Description,FileSystem /format:htable●That's it. It is worth noting that we areDriveType=3The single quotes are not used because3It's digital, andc:It is character type, so use single or double quotes. But it should be noted that ifwqlUsed in the statementand, please use()or""Cause the statement.
In this way, our last sentence basically matches what I said at the beginning of the articlewmicThe command format is“wmic+switch+Alias+wqlWord name+verb+Adverb (or verb parameters)+Verb switch”. butwmicBut we can not only operate the local machine, but also operate the remote machine. Let’s add three global switches to let our command operate the remote format. The command is:
●WMIC /node:"192.168.8.100" /user:"administrator" /password:"lcx" /output: logicaldisk where "name='c:'" get DeviceID,Size,FreeSpace,Description,FileSystem /format:htable●
innodeThe switch indicates which machine to access,userandpasswordOf course, it is the username and password of the remote machine. With the above explanation of this command, everyone should understand it at a glance. So far, our verbs have only been usedgetandlist, let's add another onesetCome to changec:The label of the disk. The command is as follows:●WMIC logicaldisk where "name='c:'" set VolumeName ="lcx"●, so that everyone can further understand the usage of this format. After writing so many words, maybe you want to ask mewmicWhat is the most useful switch, of course"?"If that command doesn't work, you can use itwmic /? 、WMIC logicaldisk /?、WMIC logicaldisk list /?、WMIC logicaldisk set /?This way, check the usage.
Summarize
wmicIt's very powerful, like2003of3389It can be done in one sentence:
●wmic RDTOGGLE WHERE ServerName='%COMPUTERNAME%' call SetAllowTSConnections 1●。
However, this article will probably make the audience feel deceived.wmicThe disk command has been written for such a long time, but I think you can study it with the basis of this article.wmicOther alias like processes, services,bios, motherboards, there will be an entry point, and specific good techniques are like3389It will depend on everyone to study and discover.
Windows WMICDetailed explanation of the command
rem Checkcpu
wmic cpu list brief
rem View physical memory
wmic memphysical list brief
rem View logical memory
wmic memlogical list brief
rem View cache memory
wmic memcache list brief
rem View virtual memory
wmic pagefile list brief
rem View network card
wmic nic list brief
rem View network protocol
wmic netprotocal list brief
[Example] Convert the current systemBIOS,CPU, motherboard and other information are output to oneHTMLThe web page file, the command is as follows:
::Get system information.bat,runbatJust file
::System information output toHTMLdocument,View Help: wmic /?
::wmic [System parameter name] list [brief|full] /format:hform >|>> [file name]
wmic bios list brief /format:hform >
wmic baseboard list brief /format:hform >>
wmic cpu list full /format:hform >>
wmic os list full /format:hform >>
wmic computersystem list brief /format:hform >>
wmic diskdrive list full /format:hform >>
wmic memlogical list full /format:hform >>
WMIC command parameter help reference
ALIAS - Access the alias on the local machine
BASEBOARD - Substrate (Also called motherboard or system board) manage.
BIOS - Basic input/Output service (BIOS) manage.
BOOTCONFIG - Start configuration management.
CDROM - CD-ROM manage.
COMPUTERSYSTEM - Computer system management.
CPU - CPU manage.
CSPRODUCT - SMBIOS computer system product information.
DATAFILE - DataFile manage.
DCOMAPP - DCOM Program management.
DESKTOP - User desktop management.
DESKTOPMONITOR - Monitor management.
DEVICEMEMORYADDRESS - Device memory address management.
DISKDRIVE - Physical disk drive management.
DISKQUOTA - NTFS Volume disk space usage.
DMACHANNEL - Direct memory access(DMA)Channel management.
ENVIRONMENT - System environment settings management.
FSDIR - File directory system project management.
GROUP - Group Account Management.
IDECONTROLLER - IDE Controller management.
IRQ - Interval request line (IRQ) manage.
JOB - Provides access to work scheduled using the scheduled services.
LOADORDER - Defines the execution of dependent system service management.
LOGICALDISK - Local storage device management.
LOGON - Log in to the session.
MEMCACHE - Cache memory management.
MEMLOGICAL - System memory management (Configure layout and memory availability)。
MEMPHYSICAL - Physical memory management of computer systems.
NETCLIENT - Network client management.
NETLOGIN - (A user's)Network login information management.
NETPROTOCOL - protocol (and its network features) manage.
NETUSE - Active network connection management.
NIC - Network interface controller (NIC) manage.
NICCONFIG - Network adapter management.
NTDOMAIN - NT Domain management.
NTEVENT - NT Event log items
NTEVENTLOG - NT Time log file management.
ONBOARDDEVICE - motherboard(System Board)Built-in management of ordinary adapter equipment.
OS - Installed operating system management.
PAGEFILE - Virtual memory file reconciliation management.
PAGEFILESET - Page file settings management.
PARTITION - Management of physical disk partition areas.
PORT - I/O Port management.
PORTCONNECTOR - Physical connection port management.
PRINTER - Printer device management.
PRINTERCONFIG - Printer equipment configuration management.
PRINTJOB - Printing work management.
PROCESS - Process management.
PRODUCT - Installation package task management.
QFE - Quick troubleshooting.
QUOTASETTING - Sets the disk quota information for the volume.
RECOVEROS - When the operating system fails, the information collected from memory.
REGISTRY - Computer system registry management.
SCSICONTROLLER - SCSI Controller management.
SERVER - Server information management.
SERVICE - Service program management.
SHARE - Shared resource management.
SOFTWAREELEMENT - Management of software product elements installed on the system.
SOFTWAREFEATURE - SoftwareElement management of software product components.
SOUNDDEV - Sound equipment management.
STARTUP - Automatically run command management when a user logs into the computer system.
SYSACCOUNT - System account management.
SYSDRIVER - System driver management for basic services.
SYSTEMENCLOSURE - Closed management of physical systems.
SYSTEMSLOT - Physical connection point management including ports, sockets, accessories and main connection points.
TAPEDRIVE - Tape drive management.
TEMPERATURE - Data management of temperature sensors (Electronic temperature meter)。
TIMEZONE - Time area data management.
UPS - Uninterruptible power supply (UPS) manage.
USERACCOUNT - User Account Management.
VOLTAGE - Voltage sensor (Electronic power meter) Data management.
VOLUMEQUOTASETTING - Associate a disk volume with a disk quota setting.
WMISET - WMI Service operation parameter management.