Windows Management Framework, which includes Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0, was officially released to the world this morning. By providing a consistent management interface across the various flavors of Windows, we are making our platform that much more attractive to deploy. IT Professionals can now easily manage their Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 machines through PowerShell remoting – that’s a huge win!
A big, hearty thanks to everyone who made this release possible.
Tell your friends!
Nathan Burkhart
Program Manager | WS-Management
1. Extend the Provider Unload time
__win32provider Instance:
UnloadTime = <CIM_Datetime for interval http://msdn.microsoft.com/en-us/library/aa387237(VS.85).aspx>
For example:
instance of __Win32Provider
{
CLSID = "{41ED66D6-53DC-4475-9765-B69FBC84CD28}";
HostingModel = "NetworkServiceHOST";
Name = "InterOpProv";
UnloadedTimeout = “00000001000000.000000:000”;
};
ð Making provider loaded inside an individual wmiprvse.exe, and marked the unload interval to 1 day.
It happens that some CIM models need to link various entities together. The recommended approach for doing this is to use Associations and References. By default WMI is capable to handle associations based on the relations defined in the CIM schema. However, this mechanism involves an enumeration of both ends represented by the associations. Once completed, WMI core makes the required filtering to provide the expected results to the WMI client. Obviously, although this default mechanism works for all instance providers, it is not optimal for situations where complex relationships or large amount of information is involved. In such a case, it is recommended to implement the query capabilities in the providers to ensure the best performance. Indeed, who knows better than the provider developer or designer to query the manageable entity to retrieve the relevant information?
Some implementations make use of embedded objects to link manageable entities together. Those embedded objects are constructed from an existing WMI class (or the properties that return them are using a CIM class type). Although technically feasible, the implementation of embedded objects has some payloads and side effects.
· When a WMI client requests a collection of properties that are actually populated by one or several embedded objects, the CIM schema definition sent over the wire to the WMI client is also encapsulated in every WMI object. In case of an array of embedded objects, this will create an inevitable overhead of information on the network.
· Next, if the WMI client enumerates all instances, where these instances expose properties containing embedded objects, each embedded object needs to be resolved to populate the properties before the actual requested instance is returned to the WMI client. This may create a serious overhead for the performance. Of course, everything depends on the number of instances are returned, the number of embedded objects contained in the properties of the instances.
· Because objects are embedded in properties, there is no way for WMI to query them. However, using association instead gives the ability to WMI clients to query about the relationships that are in place.
Despite a possible implementation of embedded objects and due to the various side effects of such a model, it highly is recommended to consider the use of Association.
Kapil Mathur [MSFT]
The aim of the series is to cover a WMI Provider writing question per post. If you have a question, you'd like the WMI team to answer, do leave a comment.
Now, for the answer -
If the WMI client requests to enumerate all instances of a class supported by such a provider, a return code WBEM_NOT_CAPABLE will be returned.
If the WMI client performs a query on a class supported by that provider and if that provider doesn’t have the query capability, then the query will fail because WMI uses the enumeration technique with post-filtering to provide the query results. However, if the query capability is supported by the provider, then the query will succeed because WMI will pass that query to the provider and the provider will handle it accordingly.
Kapil Mathur [MSFT]
The aim of the series is to cover a WMI Provider writing question per post. If you have a question, you'd like the WMI team to answer, do leave a comment.
Now, for the answer -
Let's take the Win32_Product class supported by the MSI provider as it is today. This class returns a complete list of installed MSI applications. When a WMI client requests all Win32_Product instances with WQL queries such as:
- Select * From Win32_Product
Or
- Select * From Win32_Product Where Vendor="Microsoft"
the corresponding WMI provider gets loaded and WMI callbacks the provider at the level of:
- its query interfaces if the provider claims that it supports WQL queries in its registration data. In this case, up to the provider to handle the query and the filtering based on the WHERE statement specified (if any).
Or
- its Enum interfaces to get the collection of all instances if the provider claims that it doesn't support WQL queries in its registration data. In this case, based on the WHERE statement filtering (if any), WMI makes a post filtering on the collection returned by the WMI provider to ensure that the data returned by WMI is matching the WMI client query.
So, in conclusion:
- If the provider supports WQL queries, the provider itself handles queries and does the filtering on Vendor="Microsoft" as used in the query example.
- If the provider doesn't support WQL queries, WMI core will make a post filtering on the collection returned by the provider based on the Vendor="Microsoft" as used in the query example.
Of course, it is important to note that depending on the nature and complexity of the object model, returning a collection to WMI core is not always the best way to proceed. There are situations where a filtering handled by WMI core will not be efficient enough (e.g. when the collection is extremely large). In such a case, it is recommended that the WMI provider supports queries in order to perform the filtering in the provider code. This makes sense as the provider it is the only software component having a perfect understanding of the manageable entity model it surfaces.
Kapil Mathur [MSFT]
MSFT_Providers is a troubleshooting class which contains configuration information for providers. This class can be pretty handy while troubleshooting provider issues.
For eg. Suppose you want to know which wmiprvse process is your provider loaded in, you could use HostProcessIdentifier property –
select HostProcessIdentifier from Msft_Providers where provider="ProviderName"
or, you could use load and unload methods of this class to force a provider to load/unload while trying to reproduce a scenario.
More information at MSDN.
Kapil Mathur [MSFT]
Here’s an issue that some of our WMI enthusiasts have been seeing in the field. When remotely querying the Win32_Product class to determine what software is installed on a Windows XP or Windows Server 2003 system, a “Generic Failure” (0x80041001) error is returned. If the same query is run locally on the target system, it works just fine. So what gives?
I’m glad you asked. When querying the Win32_Product class, the WMI provider DLL for Windows Installer (MSIPROV.DLL) is loaded into a WMI Provider Host process (WMIPRVSE.EXE) and this provider enumerates the software installed on the system. When the provider detects that a “Per-User” install has occurred, it checks the current user’s profile as well. This is easy when you run the query locally, because your profile registry hive is already loaded into memory. Running this query remotely is a different story.
The “Generic Failure” problem occurs during a remote query because the profile for the user running the query cannot be successfully parsed on the remote system. Some installation packages default to Per-User, and some don’t ask. If your user account was logged in during one of these installs, then you try to run the remote query for Win32_Product, you will likely receive the “Generic Failure” error. This is more common in some environments than others, especially when the person that manages the workstations is the same person that deployed them or built the workstation “image,” since their profile would be more likely to contain “Per-User” installation entries.
What does this mean?
Basically, if any user account performs a “Per-User” installation, then that user will not be able to successfully perform a WMI query the Win32_Product class remotely from a different system. However, there is an exception to this. If the user that is running the remote WMI query is actually logged on to the remote system, then their profile will already be actively loaded and can be parsed without running into the failure.
The Workaround:
The workaround to this problem for Windows XP and Windows Server 2003 systems is to run the query as a user account that has never installed software on the workstations. For instance, create a user account specifically used for software inventory or other management activities, then use that account to perform the queries. NEVER use that account to install software on the systems being monitored.
What about Operating Systems released after Windows XP and Server 2003?
Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 do NOT display this same behavior. For these operating systems, rather than returning the “Generic Failure” message if a user is not logged on to the remote system, instead, only “Per-Machine” installation information would be returned. If the user IS logged on to the remote system, then the combination of “Per-User” and “Per-Machine” installation information is returned.
Additional information to be aware of:
Windows Server 2003 doesn’t have the Win32_Product Class by default
The Win32_Product class must be added to Windows Server 2003. If you receive the following error when running a WMI query for the Win32_Product class on Windows Server 2003
then chances are you need to add the class by doing the following:
1. Open “Add or Remove Programs”
2. Click “Add/Remove Windows Components”
3. Select Management and Monitoring Tools
4. Click Details.
5. Add a check to the box for “WMI Windows Installer Provider”
6. Click OK
7. Click Next
When the Windows Component Wizard finishes, you should now be able to access the Win32_Product class on Windows Server 2003.
What if I installed Windows Installer 4.5 and now I can’t use the Win32_Product class at all?
Then you probably need the following hotfix to get the Win32_Product class working again:
KB 972189: Error message when you query the "Win32_Product" class after you install applications by using Microsoft Windows Installer (MSI) 4.5 together with the "Per-User" option in Windows Server 2003 and in Windows XP: "0x80041001 - Generic failure"
Well folks, that’s all for now.
-Steve Paruszkiewicz [MSFT]
Additional Resources:
· MSDN: Win32_Product Class
· MSDN: MSI - ALLUSERS Property
Following on the heels of the public release of the Microsoft Windows Management Framework RC for Windows Vista and Windows Server 2008 last month, we are pleased to announce the public availability of WinRM 2.0 and Windows PowerShell 2.0 on Windows XP and Windows Server 2003!
https://connect.microsoft.com/windowsmanagement/Downloads
Congratulations to the team are again in order for all of the hard work required to reach this point, and to our partners for helping us to validate the components and for their willingness to bet on us.
Enjoy!
Nathan Burkhart
Program Manager | WS-Management
After WMF (Windows
Management Framework ), i.e., the combined download package of Powershell,
WsMan and BITS, for Vista and Windows Server 2008 was released to the Web on
Aug. 13th, we can feel the high
expectation for the final WMF releases from our customers. We would like you
know your feedbacks are also crucial to help us achieve high product quality.
Therefore, the message of this blog entry is simple: help us help you! If you
have any feedback specific to the WMF Release Candidate, put your comments here.
Thanks!
Xin Li
Windows PowerShell Team
BITS Compact Server is a simple and secure HTTP / HTTPS server. BITS Compact Server exposes COM API for configuration. It can also be configured through a WMI provider.
Features:
1. HTTP / HTTPS file server, for ad-hoc file hosting. It is not intended to be an internet facing server.
2. Independent of IIS.
3. Supports SSL, Authentication (NTLM, Negotiate and client certificates) and Authorization (SDDL strings).
4. COM API for programmatic access.
5. WMI provider for configuring BITS Compact Server and managing BITS jobs remotely.
6. WMI Powershell cmdlets can be used for scripting.
Typically, BITS Compact Server would be used in deployment scenario which involves distribution of files to multiple machines. The lifetime of the hosted files would be short enough, so that setting up an IIS for hosting them is not required. The anticipated usage is the maximum of 25 URLGroups, each URLGroup supporting 3 simultaneous downloads. Hence, it is not intended to act as an internet facing server.
Installing BITS Compact Server
BITS Compact Server ships as an Optional Component in Windows Server 2008 R2. It can be installed via Server Manager or ocsetup.
a. Using Server Manager UI:
i. Open server manager.
ii. Add Feature.
iii. Select “Compact Server” under Background Intelligent Transfer Service (BITS)
iv. Follow the on screen installation steps.
b. Using Server Manager Powershell cmdlets
i. Import-Module ServerManager
ii. Add-WindowsFeature BITS-Compact-Server
c. Using ocsetup:
i. From an elevated command prompt, ocsetup LightweightServer
NOTE: The package name is case-sensitive.
BITS Compact Server basics
BITS Compact server is a simple and secure HTTP / HTTPS server. BITS Compact Server exposes COM API for configuration. It can also be configured through a WMI provider.
MSDN: http://msdn.microsoft.com/en-us/library/dd904465(VS.85).aspx
HTTP or HTTPS URLs are created, which point to specified files on the machine. A URL can be constructed as follows:
For example, consider the following URL:
http://localhost:8080/Sample/File.txt
The URL consists of 5 parts:
a. “http” – the protocol which is used. Can be http or https
b. “localhost” – refer http://msdn.microsoft.com/en-us/library/aa364698(VS.85).aspx.
c. “8080” – port on which the file will be accessible.
d. “Sample” – URL prefix.
e. “File.txt” – URL suffix.
“http://localhost:8080/Sample” – is referred to as the URLGroup.
BITS Compact server does not support multiple levels of URL prefixes; hence http://localhost:8080/Sample/Sample2/File.txt will not be a valid URLGroup or URL.
A single URLGroup can have multiple URLs associated with it.
For example:
The URLs “http://localhost:8080/Sample/File1.txt” and “http://localhost:8080/Sample/File2.txt” belong to the same URLGroup “http://localhost:8080/Sample/”
URLs in the same URLGroup share settings like, SSL certificates, Authentication, Connection and Bandwidth Limits etc.
BITS Compact Server and WMI
BITS Compact Server exposes configuration through WMI for remote management. The WMI provider resides in “root\Microsoft\BITS” namespace.
The WMI classes that are exposed are:
a. BITSCompactServerURLGroup – used for creating and managing URLGroups and URLs on BITS Compact Server. http://msdn.microsoft.com/en-us/library/dd904504(VS.85).aspx
b. BITSClientJob – BITS client side provider used for managing BITS jobs. http://msdn.microsoft.com/en-us/library/dd904502(VS.85).aspx
c. BITSClientFile – embedded object for getting information about file that is being transferred using the BITS client provider. http://msdn.microsoft.com/en-us/library/dd904501(VS.85).aspx
HelloWorld script
Host a file on BITS Compact Server and download it using WMI Powershell cmdlets
## Get BITS Compact Server WMI Class
$bcs = [wmiclass] "root\Microsoft\bits:Bitscompactserverurlgroup"
## Create URLGroup
$null = $bcs.CreateUrlGroup("http://+:80/Demo/")
## Get created URLGroups object
$urlgroup = Get-WmiObject -Namespace "root\Microsoft\bits" -Class "Bitscompactserverurlgroup" -Filter "urlgroup='http://+:80/Demo/'"
## Host a file. The file has to be present and accessible"
$null = $urlgroup.CreateUrl("100mb.zip","C:\100mb.zip","")
## Get BITS client WMI Class
$bits = [wmiclass] "root\microsoft\bits:bitsclientjob"
## Create BITS Job to download hosted file
$jobInfo = $bits.CreateJob("BlogDownload","http://localhost:80/Demo/100mb.zip","c:\100mb_downloaded.zip")
## Get created BITS job's object
$bitsJob = Get-WmiObject -Namespace "root\microsoft\bits" -Class "bitsclientjob" -Filter ("jobId='" + $jobInfo.JobId + "'")
## Poll for status
while ($bitsJob.State -ne 6)
{
[UInt64] $progress = $bitsJob.BytesTransferred / $bitsJob.BytesTotal * 100
Write-Progress -Activity "Downloading..." -status "$progress% Complete" -percentComplete $progress
## Check for errors in transfer
if(($bitsJob.State -eq 4) -or ($bitsJob.State -eq 5))
{
Write-Host "Download ERROR: " $bitsJob.GetError(1033).ErrorDescription -ForegroundColor Red -BackgroundColor Black
exit
}
Sleep 3
## Refresh state
$bitsJob.Get()
}
Write-Host "Downloaded Completed" -ForegroundColor Yellow
## Complete the BITS job to commit file to disk
$null = $bitsJob.setJobState(1)
NOTE:
§ Firewall ports are not opened when a URL Group is created for a particular port. http://technet.microsoft.com/en-us/library/cc772353(WS.10).aspx
§ Access to WMI provider needs administrative privileges.
The Microsoft Windows Management Framework RC release for Windows Vista and Windows Server 2008 includes the following components:
WinRM 2.0
Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)–based, firewall-friendly protocol that allows hardware and operating systems from different vendors to interoperate.
The WS-Management protocol specification provides a common way for systems to access and exchange management information across an IT infrastructure.
Windows PowerShell 2.0
Windows PowerShell is a command-line shell and scripting language that is designed for system administration and automation. Built on the .NET Framework, Windows PowerShell enables IT professionals and developers to control and automate the administration of Windows and applications.
BITS 4.0
Background Intelligent Transfer Service (BITS) is a service that transfers files between a client and a server. BITS provides a simple way to reliably and politely transfer files over HTTP or HTTPS. File downloads and file uploads are supported. Unlike other protocols that transfer files in the foreground, BITS transfers files in the background by default. Background transfers use only idle network bandwidth in an effort to preserve the user’s interactive experience with other network applications, such as Internet Explorer. Foregound (or normal) transfers are also supported.
BITS 4.0 interoperates with BranchCache to provide P2P based file transfer.
Requirements
Microsoft Windows Management Framework is designed for systems that need to use the new Windows Management features on downlevel platforms. The following system requirements and hardware requirements are necessary to install this release.
One of the following operating systems must be installed on the computer:
- Windows Vista SP1, Windows Vista SP2, Windows Server 2008
Download Link
https://connect.microsoft.com/windowsmanagement/Downloads
Check out the related MSDN link - http://msdn.microsoft.com/en-us/library/ee309369(VS.85).aspx
Robert Rodriguez-Lawson [MSFT]
New Security Feature in Windows 7
The following table lists the new Windows Management Instrumentation (WMI) security feature that is available in Windows 7.
| Feature |
Description |
|
Controlling provider security |
Changes to enhance the security of the WMI shared provider host process (wmiprvse.exe). These changes introduce three new group policies and two running modes for the WMI shared host, which are called secure and compatible modes. For more information, see Registry Keys for Controlling Provider Security. |
Other New or Updated Features in Windows 7
The following table lists new WMI features that are available in Windows 7.
| Feature |
Description |
|
CIM schema compatibility |
Starting in Windows 7, WMI is compatible with the Common Information Model (CIM) Schema version 2.17.1. For more information, see CIM Schema Compatibility. |
|
Cross-namespace association traversal |
WMI implemented a standard mechanism for discovering profiles by using the CIM schema. For more information, see Cross Namespace Association Traversal. |
|
Association providers |
Information about writing and registering an association provider. Association providers are used to expose standard profiles, like a power profile. For more information, see Writing an Association Provider for Interop. |
|
Optional feature status |
WMI implemented the Win32_OptionalFeature class. This class queries and returns the status of the optional features that are present on a computer. For example queries using Windows PowerShell, see Querying the Status of Optional Features. |
|
Changing the default behavior for the AutoRestore repository feature |
WMI has a new registry key to enable or disable the AutoRestore repository feature. For more information, see Registry Key for Repository Configuration. |
|
New Windows PowerShell command classes |
Windows PowerShell cmdlets enable users to complete the end-to-end tasks necessary to manage local and remote computers. For more information, see Managed Reference for WMI PowerShell Command Classes. |
|
New mechanism to connect to remote computers |
Windows PowerShell provides a simple mechanism to connect to WMI on a remote computer. For more information, see Connecting to WMI on a Remote Computer by using PowerShell. |
|
Changes to the software licensing classes |
The software licensing classes have new methods and properties to provide more software licensing data. In addition, the SoftwareLicensingTokenActivationLicense class was added. |
|
New power metering and budgeting classes |
Power metering and budgeting classes are the primary interface for the query of Power Meter Interface (PMI) information from underlying power meters on the system. |
|
New power policy classes |
Power policy classes enable the remote management of all power policy infrastructures. |
|
Changes to the Win32_ServerFeature class |
The ID property of the Win32_ServerFeature was updated. |
List of new stuff in BITS for Windows 7
- Peer caching now uses Windows BranchCache. This new peer caching model replaces the model used for BITS version 3.0. For more information, see Peer Caching.
- Added a more flexible resource access model that allows applications to associate a pair of security tokens to a BITS transfer job. For more information, see Helper tokens for BITS transfer jobs.
- Added the BITS Compact Server, which is a stand-alone HTTP/HTTPS file server that provides the ability to transfer a limited number of large files asynchronously between computers.
- Added more granular bandwidth throttling. For more information, see Group Policies.
You can visit http://msdn.microsoft.com/en-us/library/aa363167(VS.85).aspx for more.
Kapil Mathur [MSFT]
