Friday, June 12, 2009

WMI calls from Linux to a Windows XP computer

Hi all,

I wrote a few tools in VBScript to get the event logs for a Windows machine, then sort them and get a count for them. From this I would see the repeat log entries that I wouldn't give a damn about, allowing me to filter them out. This process is called artificial ignorance, where you sort out your logs to get rid of entries you know for a fact aren't interesting. When you remove things you know aren't interesting, what remains must therefore be interesting. The process allows you to see the important messages that would otherwise get lost in the noise.

My plan was to port this to shell scripts in Linux. Simple enough, if it weren't for the fact that, unless you log into a domain, WMI refuses to let anyone connect unless you use the Guest account. "Access Denied" is all the action you'll get. To allow remote WMI connections, you must turn off Simple File Sharing. You can access this in the Folder Options applet, under the "View" tab. It'll be at the bottom of the list.

Once you do that, all you have to do (assuming the IP address is 192.168.1.2) is:

# wmic -U MACHINE/AdminUser%pass //192.168.1.2 "Select * From Win32_ComputerSystem"

Or, in Windows:

C:\> wmic /node:192.168.1.2 /user:MACHINE/AdminUser /password:pass os list

And that's all there is to it.
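The artificial-ignorance pass described at the top of this post could look like this in shell. This is an added sketch, not the VBScript tools mentioned above; the pipe-delimited record layout, the sample events and the ignore list are all constructed for illustration.

```shell
# Artificial ignorance: drop known-boring entries, count what is left.
# Assumed input: one "EventCode|SourceName|Message" record per line.

# Constructed sample records (not real log data).
sample_events() {
cat <<'EOF'
7036|Service Control Manager|The Windows Installer service entered the running state.
7036|Service Control Manager|The Windows Installer service entered the stopped state.
529|Security|Logon Failure: user AdminUser from 192.168.1.50
7035|Service Control Manager|The Print Spooler service was successfully sent a start control.
529|Security|Logon Failure: user AdminUser from 192.168.1.51
529|Security|Logon Failure: user backup from 192.168.1.50
1003|Dhcp|Your computer was not able to renew its address, lease 4411
EOF
}

# Constructed ignore list: extended regexes for entries known to be boring.
ignore_patterns() {
cat <<'EOF'
^7036\|Service Control Manager\|
^7035\|Service Control Manager\|
EOF
}

# Replace IP addresses and bare numbers in the message so repeats of the
# same event collapse into one line when counted.
normalise() {
    awk -F'|' 'BEGIN { OFS = "|" } NF >= 3 {
        msg = $3
        for (i = 4; i <= NF; i++) msg = msg "|" $i   # message may contain "|"
        gsub(/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/, "<ip>", msg)
        gsub(/[0-9]+/, "<n>", msg)
        print $1, $2, msg
    }'
}

# artificial_ignorance PATTERN_FILE: stdin -> "count record", most frequent first.
artificial_ignorance() {
    grep -E -v -f "$1" | normalise | sort | uniq -c | sort -k1,1nr -k2
}

# Run the filter over the constructed sample.
demo() {
    pats=$(mktemp) || return 1
    ignore_patterns > "$pats"
    sample_events | artificial_ignorance "$pats"
    rm -f "$pats"
}
demo
```

What survives the ignore list is the repeated logon failure and the one-off DHCP event; each new boring pattern you confirm gets appended to the ignore list.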
