Octopuss Posted August 30, 2011 Author

still the same

bphlpt Posted August 30, 2011

@jaclaz, Since I'm following along, I tried some of these commands as well just trying to learn new things. I'm just running a home machine Win7 x86 Ultimate, if it matters.

Anyway, I got similar results to TheWalrus for the "second" command you suggested, and for your latest suggestion I got

    Invalid XSL format <or> file name.

What should we be getting?

Cheers and Regards

jaclaz Posted August 30, 2011

The /format: switch changes the format of the output.

Examples:
http://waynes-world-it.blogspot.com/2008/07/wmic-custom-alias-and-format.html

It seems like something has changed in Windows 7, but can't say what, if either syntax did not work for you.

As an example what I get on my machine with:

    wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID

is:

    C:\test>wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID
    Caption                                                              SettingID
    [00000008] Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller  {4E1252DC-1884-4B8E-BFF4-B016E790CCF4}

and with:

    wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID /format:csv

I get:

    C:\test>wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID /format:csv
    Node,Caption,SettingID
    CINQUE,[00000008] Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller,{4E1252DC-1884-4B8E-BFF4-B016E790CCF4}

(i.e. an easy parsable CSV)

What do you get if you issue:

http://isc.sans.edu/diary.html?storyid=1229

    wmic process list /format /?

You should get a number of "keywords".

jaclaz

iamtheky Posted August 30, 2011 (edited)

I would still go simple using the Find command to filter as needed, the IPenabled=true whittles it down greatly as well. But using the miniports as example:

    wmic nic get name | find /i "miniport"
    wmic nic get name | find /i "miniport" | find /i "WAN"
    wmic nic get name | find /i "miniport" | find /i "WAN" | find /i "L2TP"

but in your case I think it might be easier to work with what is not included, thus post #5 or a more generic:

    wmic nic where netconnectionID="Local Area Connection" get name | find /V "VPN"

Setting this return, and using it in reg query however.... I'm rooting for that next, I need to learn.

Edited August 30, 2011 by iamtheky

bphlpt Posted August 30, 2011

> What do you get if you issue:
>     wmic process list /format /?
> You should get a number of "keywords".

I do.

    Keyword/XSL filename to process XML results.
    USAGE:
    /FORMAT:<format specifier>
    NOTE: <formatspecifier> : ((<transformname>|<transformname> : <paramstring>)[,<formatspecifier>]).
    where <paramstring>(<parametername>=<value>)[:<paramstring>]).
    NOTE: <transformname> is a <key word> or an <xsl file name>.

    Keywords:
    CSV
    HFORM
    HTABLE
    LIST
    MOF
    RAWXML
    TABLE
    VALUE
    XML
    htable-sortby
    htable-sortby.xsl
    texttablewsys
    texttablewsys.xsl
    wmiclimofformat
    wmiclimofformat.xsl
    wmiclitableformat
    wmiclitableformat.xsl
    wmiclitableformatnosys
    wmiclitableformatnosys.xsl
    wmiclivalueformat
    wmiclivalueformat.xsl

Cheers and Regards

jaclaz Posted August 30, 2011 (edited)

> I do.

Then there is no reason why it shouldn't work.

Each and every keyword:

    CSV
    HFORM
    HTABLE
    LIST
    MOF
    RAWXML
    TABLE
    VALUE
    XML

corresponds to an available "format", i.e. a valid parameter of the /format:<keyword>.

Can you try with some other of the keywords?

Example of my output with RAWXML:

    C:\test>wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID /format:rawxml
    <COMMAND SEQUENCENUM="1" ISSUEDFROM="CINQUE" STARTTIME="08-30-2011T16:44:44" EVERYCOUNT="0">
    <REQUEST>
    <COMMANDLINE> path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID /format:rawxml</COMMANDLINE>
    <COMMANDLINECOMPONENTS><NODELIST><NODE>CINQUE</NODE></NODELIST></COMMANDLINECOMPONENTS>
    <CONTEXT>
    <NAMESPACE>root\cimv2</NAMESPACE>
    <ROLE>root\cli</ROLE>
    <IMPLEVEL>IMPERSONATE</IMPLEVEL>
    <AUTHLEVEL>PKTPRIVACY</AUTHLEVEL>
    <LOCALE>ms_410</LOCALE>
    <PRIVILEGES>ENABLE</PRIVILEGES>
    <TRACE>OFF</TRACE>
    <RECORD>N/A</RECORD>
    <INTERACTIVE>OFF</INTERACTIVE>
    <FAILFAST>OFF</FAILFAST>
    <OUTPUT>STDOUT</OUTPUT>
    <APPEND>STDOUT</APPEND>
    <USER>N/A</USER>
    <AGGREGATE>ON</AGGREGATE>
    </CONTEXT>
    </REQUEST>
    <RESULTS NODE="CINQUE">
    <CIM>
    <INSTANCE CLASSNAME="Win32_NetworkAdapterConfiguration">
    <PROPERTY NAME="Caption" TYPE="string"><VALUE>[00000008] Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller</VALUE></PROPERTY>
    <PROPERTY NAME="SettingID" TYPE="string"><VALUE>{4E1252DC-1884-4B8E-BFF4-B016E790CCF4}</VALUE></PROPERTY>
    </INSTANCE>
    </CIM>
    </RESULTS>
    </COMMAND>

I have no idea why the CSV option is not working for you.

Try checking contents of file %WINDIR%\system32\wbem\xsl-mappings.xml (if any):
http://technet.microsoft.com/en-us/library/cc778755(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc784974(WS.10).aspx

And if you have a %WINDIR%\system32\wbem\csv.xsl file.

And if you have %WINDIR%\system32\wbem\ in path.
(or try navigating to %WINDIR%\system32\wbem\ and run WMIC in it)

jaclaz

Edited September 3, 2011 by jaclaz

bphlpt Posted August 30, 2011

As is often the case, I reran your third suggested command, jaclaz:

    wmic path Win32_networkadapterconfiguration where "IPENABLED=TRUE" get Caption,SettingID /format:csv

and got an output this time:

    Node,Caption,SettingID
    COMP,[00000007] Broadcom NetXtreme Gigabit Ethernet,{DAF2CE16-5B38-4AFF-BF3B-FD3A4AD9D28A}
    COMP,[00000012] VMware Virtual Ethernet Adapter for VMnet1,{34E15011-CC8B-4568-8B26-FB3006AC01A4}
    COMP,[00000013] VMware Virtual Ethernet Adapter for VMnet8,{001DA8BB-0E77-4622-BA99-0BC59B2417D0}

Won't try to guess why it worked this time but not before. So anyway, I guess it should work for you as well, TheWalrus?

Cheers and Regards

jaclaz Posted August 30, 2011

> Won't try to guess why it worked this time but not before. So anyway, I guess it should work for you as well, TheWalrus?

I seem (vaguely) to remember that on first EVER execution of a WMI (or WMIC) query/command on a system the WBEM (whatever it is) is *somehow* "initialized".

Maybe this is the case.

http://ss64.com/nt/wmic.html

> When you type WMIC for the first time in Windows 2003 all the aliases are compiled. The second, and subsequent times you run WMIC, it will start immediately. Under XP WMIC is slower to initialise, therefore to run several WMI queries it can be quicker to use interactive mode.

Or maybe it is an Administrator/UAC/permission issue?

Anyway, now that it works, run it like this:

    wmic path Win32_networkadapterconfiguration get /format:csv>C:\test\test.csv

and open/import the resulting .csv file in *any* spreadsheet program.

This way you will see easily all the info that is coming from the command and see which conditions you can use in the query and which fields are to be retrieved.

Generic query syntax is:

    wmic path <wmi path> where <condition> get <comma separated fields you want to retrieve>

jaclaz

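The CSV output discussed in the posts above can also be read by a script instead of a spreadsheet. The following is an added example, not code from any poster in this thread: it parses the "get Caption,SettingID /format:csv" output and builds one REG QUERY line per adapter under the registry root mentioned in the thread. It assumes WMIC's CSV fields are not quoted and that captured output may be UTF-16 with doubled carriage returns; the function names and the third sample row are constructed.

```python
import re

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
NETWORK_KEY = r"HKLM\SYSTEM\CurrentControlSet\Control\Network"  # root key from the thread

# Constructed sample: two rows from the output posted above plus one made-up
# row whose Caption contains a comma. The blank first line and CR CR LF line
# ends are an assumption about how captured WMIC output can look.
SAMPLE = (
    "\r\r\n"
    "Node,Caption,SettingID\r\r\n"
    "COMP,[00000007] Broadcom NetXtreme Gigabit Ethernet,{DAF2CE16-5B38-4AFF-BF3B-FD3A4AD9D28A}\r\r\n"
    "COMP,[00000012] VMware Virtual Ethernet Adapter for VMnet1,{34E15011-CC8B-4568-8B26-FB3006AC01A4}\r\r\n"
    "COMP,[00000099] Example Adapter, Dual Port,{00000000-0000-0000-0000-000000000001}\r\r\n"
)

def decode_wmic(raw: bytes) -> str:
    """Decode redirected WMIC output: UTF-16 when a BOM is present, else ASCII."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("ascii", errors="replace")

def parse_adapters(text: str) -> list[dict]:
    """Parse 'get Caption,SettingID /format:csv' output into dicts."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines or lines[0].split(",") != ["Node", "Caption", "SettingID"]:
        raise ValueError("unexpected header; was the query 'get Caption,SettingID'?")
    adapters = []
    for line in lines[1:]:
        # Fields are assumed unquoted, so split Node off the left and SettingID
        # off the right; what remains is the Caption, commas included.
        node, rest = line.split(",", 1)
        caption, setting_id = rest.rsplit(",", 1)
        if not GUID_RE.fullmatch(setting_id):
            raise ValueError(f"SettingID is not a GUID: {setting_id!r}")
        adapters.append({"node": node, "caption": caption, "setting_id": setting_id})
    return adapters

def reg_query_for(setting_id: str) -> str:
    """Build the REG QUERY line that searches key names for this SettingID."""
    if not GUID_RE.fullmatch(setting_id):  # never interpolate unvalidated text
        raise ValueError("refusing to build a command from a non-GUID value")
    return f'REG QUERY {NETWORK_KEY} /s /k /e /f "{setting_id}"'

if __name__ == "__main__":
    for a in parse_adapters(decode_wmic(SAMPLE.encode("utf-16"))):
        print(a["caption"], "->", reg_query_for(a["setting_id"]))
```
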
Octopuss Posted September 1, 2011 Author (edited)

tried running the command several times in a row, on work and home computers both, and still the same error message (UAC off, using local admin account)

edit: if I skip the whole /format part, I do get some results.

Edited September 1, 2011 by TheWalrus

jaclaz Posted September 3, 2011 (edited)

> tried running the command several times in a row, on work and home computers both, and still the same error message (UAC off, using local admin account)
> edit: if I skip the whole /format part, I do get some results.

This is a mystery; since it came out as working for bphlpt, I really have no idea why it does not work for you.

Have you actually tried the suggested checks?:

> Try checking contents of file %WINDIR%\system32\wbem\xsl-mappings.xml (if any):
> http://technet.microsoft.com/en-us/library/cc778755(WS.10).aspx
> http://technet.microsoft.com/en-us/library/cc784974(WS.10).aspx
> And if you have a %WINDIR%\system32\wbem\csv.xsl file.
> And if you have %WINDIR%\system32\wbem\ in path.
> (or try navigating to %WINDIR%\system32\wbem\ and run WMIC in it)

jaclaz

Edited September 3, 2011 by jaclaz

jaclaz Posted September 13, 2011

As often happens, OT (but not much), a small app that is useful to do WQL Queries to WMI:

WMI tester
http://www.paessler.com/tools/wmitester

(unlike the Wbemtest that is - to say the least - terrible in usage)

jaclaz

PatM Posted September 18, 2011

> There is probably an easy way to do this, but I am not too educated on the command line subject, so if someone could help me out I'd really appreciate it.
> I need to rename network adapter names on all the machines of our client from the default "Local area connection" to "LAN" for batch network settings change.
> I figured this is stored in registry, and finding it is actually pretty simple:
>     REG QUERY HKLM\SYSTEM\CurrentControlSet\control\network\ /s /e /f "Local area connection"
> BUT how do I change it when I don't know where is it located in the first place? There are a few different machine types with different adapters, so obviously the registry location is slightly different.

You can use a simple AutoIT script and AutoIT is free.