deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
John Liu a8680be7fe
CAT Auto Pulish for Windows Release Messages - 20190910123725 (#1079) 
* Update waas-servicing-differences.md

Added two clarifications regarding Windows 10 preview updates.  I have consistently fielded questions about why they are 'missing' in people's enterprise environments.  It almost always boils down to one of these two notes: they either weren't published to WSUS or they are looking for the word 'Preview' in the title.

* Update windows/deployment/update/waas-servicing-differences.md

Looks great, thanks Johan!

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update waas-servicing-differences.md

Implement the MarkDown standard of using 1 space between the indent marker > and the [!Note] markers

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update windows/deployment/update/waas-servicing-differences.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Updated the document

Updated the steps in the document related to Windows Analytics Solutions.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4392

* Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md

Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com>

* Update autopilot-support.md

Remove redundant line (PFE was the old term for an Ecosystem PM).  And added new alias for Ecosystem PMs (after discussing all this with the Ecosystem PM managers).

* Terminology Correction

Terminology Correction

* Incorrect Command Line Arguments

According to this doc https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-setup-command-line-options the correct command line argument for ignoring dismissable warnings is /Compat IgnoreWarning not /compat /ignore warning as specified here in the docs. Also, the same incorrect message is included in the setupdiag.exe, so when the report is generated, it is providing incorrect guidance.

* Update mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md

* Enterprise Mode schema: duplicate https usage

- Resolve duplicate use of https where both http and https was intended
- MarkDown code fence XML tag corrections
- Replace HTML `<br>` codes with NewLine
- Remove redundant space at the end of the version 2 file

Resolves #4769

* Update: NewLine changes

- Remove extraneous NewLine breaks
- Remove missed HTML `<br>` code

* Update credential-guard-manage.md

* Update event-5155.md

* Update windows-autopilot-requirements.md

Separated the Windows Autopilot deployment service and Windows Activation items into two separate rows to make it easier to read.

* Update upgrade-mbam2.5-sp1.md

* finish

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update kiosk-mdm-bridge.md

* Windows Update resources: add MD code block

Description:

The list of manual regsvr32.exe commands becomes translated in other
languages, to the extent that extra words appear among the commands.
This is an attempt to mitigate this behavior in the machine translation,
by adding a MarkDown code block around the list of commands.

Proposed changes:
- Add MD code block around the long list of regsvr32.exe commands
- Remove blank space characters at the end of each line (cosmetic)

issue ticket reference or closure:
Ref. #4800 (Spanish "translation" of commands)
Ref. #3569, #3570, #3571, #3572, #3574, #3575
( [LOC] Back-Translation "regsvr32.exe [...]" )

* MetaData update: convert ^M (2x) to NewLine

- replaced Ctrl-M character with NewLine in MetaData

* Update mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* comment

* Clarify the registry key needed to set tags

* Update microsoft-defender-atp-mac-install-with-intune.md

adding troubleshooting step for common 'no license found' issue

* Add page for Audit Token Right Adjusted

* Windows/What's New: amend broken link in See Also

The first link under "See Also",
"What's New in Windows Server, version 1903" ,
is broken because it points to the wrong directory for the file
'whats-new-in-windows-server-1903' which resides in the new directory
/get-started-19/ instead of the old directory /get-started/.

This directory difference is only present in the docs.microsoft.com
pages, not on Github. The links are therefore pointing directly to the
docs.microsoft.com pages instead of being relative to the Github
directory structure.

Broken link:
https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903

Operative link:
https://docs.microsoft.com/windows-server/get-started-19/whats-new-in-windows-server-1903

Closes #4784

* Update TOC.md

* Added multifactor unlock

Added multifactor unlock feature update using Passport for work CSP.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4700

* Added policies for 1803 and 1809 (1903 not out yet)

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3912

* Fix typo

* Actually fix typos

* Windows Defender Antivirus: amend broken link

From the issue ticket
> Set-mppreference is configured with dead URL. (#4831)

- The link "Use the [Set-MpPreference][]" is broken,
  but without the empty brackets it will work as expected.
- Removing the redundant empty brackets after the next link too.

Closes #4831

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update upgrading-to-mbam-25-sp1-from-mbam-25.md

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* URL addition of OWA

Added URL for OWA attachment protection using WIP

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3747

* Update windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Fixed text

"Automated investigation" instead of "Alert"

* Update waas-overview.md

Corrected a typo

* Update windows/deployment/update/waas-overview.md

Makes sense.

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* edit

* Update microsoft-recommended-block-rules.md

updated typo in description.

* Update windows/security/threat-protection/auditing/audit-token-right-adjusted.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* note ragarding Company Portal change

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3843

info found here: https://blogs.technet.microsoft.com/cbernier/2018/03/08/windows-information-protection-adding-the-intune-company-portal-for-windows-as-an-exempt-app/

* Update microsoft-defender-atp-mac-install-with-intune.md

* Microsoft Defender ATP: amend copy-paste error

When using Microsoft Intune as part of the Defender ATP setup,
it will become necessary to configure some controlled folder access.
This bug looks like it could have been transferred from one of the
other pages during editing, but I could not locate it easily enough.

Anyway, the correct part of this step is to refer to
-- Controlled folder access --
exactly as the page name points to.

Thanks to jcampos79 for discovering this text-based bug.

Closes #4854

* Updated how to disable HVCI

Prior guidance to disable HVCI was outdated

* Update windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* update content of upgrade mbam2.5 sp1

* Removed bullet

Removed bullet as it was not making any sense.

* format setting

a minor format setting

* Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>

* sample script syntax error due to ASCII codes for quotes

sample script filter syntax contained ASCII codes for single quotes instead of actual quotes, causing the Get-CimInstance commands to error out.

* Update how-windows-update-works.md: amend typo

Simple typo correction, along with a few MarkDown
codestyle corrections for MD blockquote (`>`) indenting.

- typo correction: initates -> initiates
- codestyle corrections:
  3 MarkDown blockquote indentations amended

Thanks to Jessie Gouw (jessiegouw) for reporting the typo.

Closes #4866

* Moved '.' syntax description to a separate table

* fixes #4760, broken table

The formatting was broken because a pipe character was in the wrong place. There was also an extra row due to double spacing below the table.

* Enterprise Mode schema: convert Important notes

As previously discussed in this PR, I have converted the
**Important** section headings by using their MarkDown equivalent
> [!IMPORTANT] (as well as adding the blockquote for its text content).

* Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md

Per review.

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md

Per review.

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>

* Spelled out acronym, fixed typo

* pull from public to private and fix warnings

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073)

* pull from public to private and fix warnings

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417 (#1077)

* Cat auto publish 20190910112417 (#1081)

* Merge changes from master to live (#950)

* v 1.6

* removed a known issue

* removed references to CB, CBB

* Latest changes for publish today (#949)

* Merge from master to live (#956)

* safety checkin

* added location for group policy object

* replaced reboot w/ restart

* safety commit for some initial noodlings

* restructured to emphasize new policy; connected to TOC

* adjusting heading levels

* fixing tables

* Latest change for August 20 (#955)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190823163336 (#980) (#981)

* CAT Auto Pulish for Windows Release Messages - 20190829112356 (#1007)

* Update deploy-the-latest-firmware-and-drivers-for-surface-devices.md

* add table

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829102107 (#1006)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829175859 (#1012) (#1013)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190830100739 (#1018) (#1019)

* CAT Auto Pulish for Windows Release Messages - 20190903135254 (#1033)

* SIEM connector: change alert notion to Detection

* update casing and redirects

* remove space json file

* fix json

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190903123340 (#1031)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190906173611 (#1061) (#1062)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) (#1074)

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417
2019-09-10 13:41:31 -07:00

10 KiB
Raw Blame History

title, description, ms.assetid, ms.reviewer, manager, ms.author, ms.topic, ms.prod, ms.technology, author, ms.date
title description ms.assetid ms.reviewer manager ms.author ms.topic ms.prod ms.technology author ms.date
Using PowerShell scripting with the WMI Bridge Provider This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, as well as how to invoke methods through the WMI Bridge Provider. 238D45AD-3FD8-46F9-B7FB-6AEE42BE4C08 dansimp dansimp article w10 windows manikadhiman 06/26/2017

Using PowerShell scripting with the WMI Bridge Provider

This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, as well as how to invoke methods through the WMI Bridge Provider.

Configuring per-device policy settings

This section provides a PowerShell Cmdlet sample script to configure per-device settings through the WMI Bridge Provider. If a class supports device settings, there must be a class level qualifier defined for InPartition("local-system").

For all device settings, the WMI Bridge client must be executed under local system user. To do that, download the psexec tool from https://technet.microsoft.com/sysinternals/bb897553.aspx and run psexec.exe -i -s cmd.exe from an elevated admin command prompt.

The script example in this section uses the class MDM_Policy_Config01_WiFi02:

[dynamic, provider("DMWmiBridgeProv"), InPartition("local-system")]
class MDM_Policy_Config01_WiFi02
{
  string InstanceID;
  string ParentID;
  sint32 AllowInternetSharing;
  sint32 AllowAutoConnectToWiFiSenseHotspots;
  sint32 WLANScanMode;
};

The following script describes how to create, enumerate, query, modify, and delete instances.

$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_Policy_Config01_WiFi02"

# Create a new instance for MDM_Policy_Config01_WiFi02 
New-CimInstance -Namespace $namespaceName -ClassName $className -Property @{ParentID="./Vendor/MSFT/Policy/Config";InstanceID="WiFi";AllowInternetSharing=1;AllowAutoConnectToWiFiSenseHotspots=0;WLANScanMode=100}

# Enumerate all instances available for MDM_Policy_Config01_WiFi02
Get-CimInstance -Namespace $namespaceName -ClassName $className

# Query instances with matching properties
Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"

# Modify existing instance
$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
$obj.WLANScanMode=500
Set-CimInstance -CimInstance $obj

# Delete existing instance
try
{
    $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'"
    Remove-CimInstance -CimInstance $obj
}
catch [Exception]
{
    write-host $_ | out-string
}

Configuring per-user settings

This section provides a PowerShell Cmdlet sample script to configure per-user settings through the WMI Bridge. If a class supports user settings, there must be a class level qualifier defined for InPartition("local-user").

The script example in this section uses the class MDM_Policy_User_Config01_Authentication02:

[dynamic, provider("DMWmiBridgeProv"), InPartition("local-user")]
class MDM_Policy_User_Config01_Authentication02
{
  string InstanceID;
  string ParentID;
  sint32 AllowEAPCertSSO;
};

Note

  If the currently logged on user is trying to access or modify user settings for themselves, it is much easier to use the per-device settings script from the previous section. All PowerShell cmdlets must be executed under an elevated admin command prompt.

 

If accessing or modifying settings for a different user, then the PowerShell script is more complicated because the WMI Bridge expects the user SID to be set in MI Custom Context, which is not supported in native PowerShell cmdlets.

Note

   All commands must executed under local system.

 

A user SID can be obtained by Windows command wmic useraccount get name, sid. The following script example assumes the user SID is S-1-5-21-4017247134-4237859428-3008104844-1001.

$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_Policy_User_Config01_Authentication02"

# Configure CIM operation options with target user info
$options = New-Object Microsoft.Management.Infrastructure.Options.CimOperationOptions
$options.SetCustomOption("PolicyPlatformContext_PrincipalContext_Type", "PolicyPlatform_UserContext", $false)
$options.SetCustomOption("PolicyPlatformContext_PrincipalContext_Id", "S-1-5-21-4017247134-4237859428-3008104844-1001", $false)

# Construct session used for all operations
$session = New-CimSession

##########################################################################
# Create a new instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$newInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$newInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$newInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("AllowEAPCertSSO", 1, "Sint32", "Property")
$newInstance.CimInstanceProperties.Add($property)
try
{
    $session.CreateInstance($namespaceName, $newInstance, $options)
}
catch [Exception]
{
    write-host $_ | out-string
}

##########################################################################
# Enumerate all instances for MDM_Policy_User_Config01_Authentication02
##########################################################################
$session.EnumerateInstances($namespaceName, $className, $options)

##########################################################################
# Query instance for MDM_Policy_User_Config01_Authentication02
# with matching properties
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
    $session.GetInstance($namespaceName, $getInstance, $options)
}
catch [Exception]
{
    write-host $_ | out-string
}

##########################################################################
# Modify existing instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
    $updateInstance = $session.GetInstance($namespaceName, $getInstance, $options)[0]
    $updateInstance.AllowEAPCertSSO = 0
    $session.ModifyInstance($namespaceName, $updateInstance, $options)
}
catch [Exception]
{
    write-host $_ | out-string
}

##########################################################################
# Delete existing instance for MDM_Policy_User_Config01_Authentication02
##########################################################################
$getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key")
$getInstance.CimInstanceProperties.Add($property)
$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key")
$getInstance.CimInstanceProperties.Add($property)
try
{
    $deleteInstance = $session.GetInstance($namespaceName, $getInstance, $options)[0]
    $session.DeleteInstance($namespaceName, $deleteInstance, $options)
}
catch [Exception]
{
    write-host $_ | out-string
}

Invoking methods

This section provides a PowerShell Cmdlet sample script to invoke a WMI Bridge object method. The following script must be executed under local system user. To do that, download the psexec tool from https://technet.microsoft.com/sysinternals/bb897553.aspx and run psexec.exe -i -s cmd.exe from an elevated admin command prompt.

The script example in this section uses the UpgradeEditionWithProductKeyMethod method of the MDM_WindowsLicensing class.

$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_WindowsLicensing"
$methodName = "UpgradeEditionWithProductKeyMethod"
$fakeProductKey = "7f1a3659-3fa7-4c70-93ce-0d354e8e158e"

$session = New-CimSession

$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", $fakeProductKey, "String", "In")
$params.Add($param)

try
{
    $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'"
    $session.InvokeMethod($namespaceName, $instance, $methodName, $params)
}
catch [Exception]
{
    write-host $_ | out-string
}

Related topics

WMI Bridge Provider