WMIC command on Ubuntu 16.04 LTS

I have written several months ago a post on how to install the wmic command on a linux system. Some additional steps are required now to get the wmic command on an Ubuntu 16.04 LTS server.

Description

Windows Management Instrumentation Command-line (WMIC) uses Windows Management Instrumentation (WMI) to enable system management from the command line.

Installation
Pre-requisites

Patch

The current sources are outdated and use some deprecated instructions. Before running the compilation, please follow these steps:

  • Edit the file GNUmakefile and add the following line at the top after the license info:
    ZENHOME=$(HOME)
  • Edit the file /data/tools/wmi-1.3.14/Samba/source/pidl/pidl : remove the line number 583
    defined @$pidl || die "Failed to parse $idl_file";
  • Edit the file /data/tools/wmi-1.3.14/Samba/source/lib/tls/tls.c
    • Line 508: replace gnutls_transport_set_lowat(tls->session, 0); by gnutls_record_check_pending(tls->session);
    • Line 579: remove the line gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
    • Line 587: replace gnutls_transport_set_lowat(tls->session, 0); by gnutls_record_check_pending(tls->session);
Compilation

Usage

Examples

Note: For a complete list of classes you can request, please refer to http://msdn.microsoft.com/en-us/library/aa394554(v=vs.85).aspx

Get system information

Get list of running processes

<>

References

Source 1
Source 2
Source 3

4 thoughts on “WMIC command on Ubuntu 16.04 LTS

  • June 30, 2018 at 05:40
    Permalink

    hello,
    I installed wmic according to your descriptions. My problem is that when I run below command with quotation in RecordNumber it does not run correctly and generate error code ([wmi/wmic.c:212:main()] ERROR: Retrieve result data.NTSTATUS: NT code 0xc002001b – NT code 0xc002001b) but without quotation it run correctly.
    /usr/local/bin/wmic -U domain/user%password //host “select * from Win32_NTLogEvent where Logfile = ‘Security’ and RecordNumber > ‘216665699’”
    What is the reason?!
    Thanks

    Reply
    • July 3, 2018 at 08:22
      Permalink

      Hello,

      You can troubleshoot the issue by performing these three steps:
      – connect locally on the windows host and run the following command in a Powershell window (admin mode) : get-wmiobject -query “select * from Win32_NTLogEvent where Logfile = ‘Security’ and RecordNumber > ‘216665699’”
      – connect on another windows host and try the same with the command : get-wmiobject -query “select * from Win32_NTLogEvent where Logfile = ‘Security’ and RecordNumber > ‘216665699’” -computername host
      – on your linux box, try again with the command : /usr/local/bin/wmic -U domain/user%password //host “select * from Win32_NTLogEvent where Logfile = ‘Security’ and RecordNumber > ‘216665699’”

      On the linux box, try different commands : use ip address, change the username (admin, non admin, local, …)

      Waiting for your feedback

      Have a nice day

      Nico

      Reply
  • July 4, 2018 at 08:00
    Permalink

    For host machine how to use Wmic?
    Please give example

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.