Exploring WMI in Windows
Windows installs WMI during the installation of the OS. The installation process puts most of the WMI components, including the repository, tools, and the providers, into a folder, C:\Windows\System32\WBEM
.
Inside a running Windows host, WMI runs as a service, the winmgmt
service (winmgmt.exe
). Windows runs this service inside a shared service process (svchost.exe
). In the early versions of WMI in Windows, WMI loaded all the WMI providers into the winmgmt
service. The failure of a single provider could cause the entire WMI service to fail. Later, with Windows XP and beyond, Microsoft improved WMI to load providers in a separate process, WmiPrvSE.exe
.
In this recipe, you examine the contents of the WBEM folder, the WMI service, and runtime components of WMI.
Getting ready
This recipe uses SRV1
, a domain-joined host. You have installed PowerShell 7 and VS Code on this host.
How to do it...
- Viewing the WBEM folder...