Permissions can be set to either allow access ot to deny access. The functions I’ve presented so far only work with Allow permissions. Using Deny permissions should be avoided if at all possible but sometimes there’s no alternative.

First thing is to modify Get-SharePermission so that it shows if the permission is allowed or denied.

#requires -Version 3.0

function Get-SharePermission {

[CmdletBinding()]

param (

[Parameter(Mandatory=$true)]

[string]$sharename,

[string]$computername = $env:COMPUTERNAME

)

$shss = Get-CimInstance -Class Win32_LogicalShareSecuritySetting -Filter “Name=’$sharename’” -ComputerName $computername

$sd = Invoke-CimMethod -InputObject $shss -MethodName GetSecurityDescriptor |

select -ExpandProperty Descriptor

foreach ($ace in $sd.DACL) {

switch ($ace.AccessMask) {

1179817 {$permission = ‘Read’}

1245631 {$permission = ‘Change’}

2032127 {$permission = ‘FullControl’}

default {$permission = ‘Special’}

}

$trustee = $ace.Trustee

$user = “$($trustee.Domain)\$($trustee.Name)”

switch ($ace.AceType) {

0 {$status = ‘Allow’}

1 {$status = ‘Deny’}

2 {$status = ‘Audit’}

}

$props = [ordered]@{

User = $user

Permissions = $permission

Status = $status

}

New-Object -TypeName PSObject -Property $props

} # emd foreach

} # end function

The modification is to add a switch based on the AceType property of the Win32_ACE object (http://msdn.microsoft.com/en-us/library/aa394063(v=vs.85).aspx) to determine the status of the permission. Add a property called Status to the output object and set it equal to the status determined in the switch.

Modifying the Add-SharePermission function to enable the application of Deny permissions is a simple matter of adding a switch parameter –deny and modifying the way the AcreType is set:

#requires -Version 3.0

function Add-SharePermission {

[CmdletBinding()]

param (

[Parameter(Mandatory=$true)]

[string]$sharename,

[string]$domain = $env:COMPUTERNAME,

[Parameter(Mandatory=$true)]

[string]$trusteeName,

[Parameter(Mandatory=$true)]

[ValidateSet("Read", "Change", "FullControl")]

[string]$permission = “Read”,

[string]$computername = $env:COMPUTERNAME,

[switch]$deny

)

switch ($permission) {

‘Read’ {$accessmask = 1179817}

‘Change’ {$accessmask = 1245631}

‘FullControl’ {$accessmask = 2032127}

}

$tclass = [wmiclass]“\\$computername\root\cimv2:Win32_Trustee”

$trustee = $tclass.CreateInstance()

$trustee.Domain = $domain

$trustee.Name = $trusteeName

$aclass = [wmiclass]“\\$computername\root\cimv2:Win32_ACE”

$ace = $aclass.CreateInstance()

$ace.AccessMask = $accessmask

$ace.AceFlags = 0

if ($deny)

{

$ace.AceType = 1

}

else

{

$ace.AceType = 0

}

$ace.Trustee = $trustee

$shss = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -Filter “Name=’$sharename’” -ComputerName $computername

$sd = Invoke-WmiMethod -InputObject $shss -Name GetSecurityDescriptor |

select -ExpandProperty Descriptor

$sclass = [wmiclass]“\\$computername\root\cimv2:Win32_SecurityDescriptor”

$newsd = $sclass.CreateInstance()

$newsd.ControlFlags = $sd.ControlFlags

foreach ($oace in $sd.DACL){$newsd.DACL += $oace}

$newsd.DACL += $ace

$share = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -Filter “Name=’$sharename’” -ComputerName $computername

$share.SetSecurityDescriptor($newsd)

} # end function

The hard work is done by this part of the code:

if ($deny)

{

$ace.AceType = 1

}

else

{

$ace.AceType = 0

}

where the value of AceType is set to 1 for deny and 0 for allow.

The last change to the share permissions functions to modify the Set-SharePermissions functions to enable the application of Deny permissions.

The function becomes:

#requires -Version 3.0

function Set-SharePermission {

[CmdletBinding()]

param (

[Parameter(Mandatory=$true)]

[string]$sharename,

[string]$domain = $env:COMPUTERNAME,

[Parameter(Mandatory=$true)]

[string]$trusteeName,

[Parameter(Mandatory=$true)]

[ValidateSet("Read", "Change", "FullControl")]

[string]$permission = “Read”,

[string]$computername = $env:COMPUTERNAME,

[parameter(ParameterSetName="AllowPerm")]

[switch]$allow,

[parameter(ParameterSetName="DenyPerm")]

[switch]$deny

)

switch ($permission) {

‘Read’ {$accessmask = 1179817}

‘Change’ {$accessmask = 1245631}

‘FullControl’ {$accessmask = 2032127}

}

$tclass = [wmiclass]“\\$computername\root\cimv2:Win32_Trustee”

$trustee = $tclass.CreateInstance()

$trustee.Domain = $domain

$trustee.Name = $trusteeName

$aclass = [wmiclass]“\\$computername\root\cimv2:Win32_ACE”

$ace = $aclass.CreateInstance()

$ace.AccessMask = $accessmask

switch ($psCmdlet.ParameterSetName) {

“AllowPerm” {$ace.AceType = 0}

“DenyPerm” {$ace.AceType = 1}

default {Write-Host “Error!!! Should not be here” }

}

$ace.Trustee = $trustee

$shss = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -Filter “Name=’$sharename’” -ComputerName $computername

$sd = Invoke-WmiMethod -InputObject $shss -Name GetSecurityDescriptor |

select -ExpandProperty Descriptor

$sclass = [wmiclass]“\\$computername\root\cimv2:Win32_SecurityDescriptor”

$newsd = $sclass.CreateInstance()

$newsd.ControlFlags = $sd.ControlFlags

foreach ($oace in $sd.DACL){

if (($oace.Trustee.Name -eq $trusteeName) -AND ($oace.Trustee.Domain -eq $domain) ) {

continue

}

else

{

$newsd.DACL += $oace

}

}

$newsd.DACL += $ace

$share = Get-WmiObject -Class Win32_LogicalShareSecuritySetting -Filter “Name=’$sharename’” -ComputerName $computername

$share.SetSecurityDescriptor($newsd)

} # end function

The changes are to add two switches –allow & –deny. Put them in different parametersets to ensure mutual exclusivity.

As you are using parametersets you can use a switch based on the parameterset name to set the ACE type.

switch ($psCmdlet.ParameterSetName) {

“AllowPerm” {$ace.AceType = 0}

“DenyPerm” {$ace.AceType = 1}

default {Write-Host “Error!!! Should not be here” }

}

Everything else remains the same.

The CIM and WMI cmdlets both provide a way to use the methods on CIM classes namely Invoke-CimMethod and Invoke-WmiMethod. The cmdlets are very similar in operation.

$vol = Get-WmiObject -Class Win32_Volume -Filter “DriveLetter = ‘D:’”

Invoke-WmiMethod -InputObject $vol -Name Chkdsk -ArgumentList $false, $true, $true, $false, $false, $false

The argumenst list isn’t very informative – unless you know the class, read the documentation or investigate with Get-CimClass

Using the CIM cmdlets is a bit more informative as to what is going on.

$vol = Get-CimInstance -ClassName Win32_Volume -Filter “DriveLetter = ‘D:’”

Invoke-CimMethod -InputObject $vol -MethodName Chkdsk -Arguments @{FixErrors=$false; ForceDismount=$false; OkToRunAtB
ootUp = $false; RecoverBadSectors = $false; SkipFolderCycle = $true; VigorousIndexCheck = $true}

You present the arguments as a hash table – this means you can create the hash table and pass it to the method

$margs = @{
FixErrors=$false
ForceDismount=$false
OkToRunAtBootUp = $false
RecoverBadSectors = $false
SkipFolderCycle = $true
VigorousIndexCheck = $true
}
Invoke-CimMethod -InputObject $vol -MethodName Chkdsk -Arguments $margs

This also means that you can create a default set of values and manipulate them in your scripts very easily

Using Invoke-CimMethod involves more typing but I think that’s worth it for the clarity. Of course if you are going to be using the methods of class a lot then I’d recommend that you create a CDXML module from the class – but that’s a whole different set of articles.

I was investigating something on my disks and started to look at the partitions:

£> Get-CimInstance -ClassName Win32_Partition
Get-CimInstance : Invalid class
At line:1 char:1
+ Get-CimInstance -ClassName Win32_Partition
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : MetadataError: (root\cimv2:Win32_Partition:String) [Get-CimInstance], CimException
+ FullyQualifiedErrorId : HRESULT 0×80041010,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand

OK so my memory isn’t what it was and I got the class name wrong. How to find the correct class?

£> Get-CimClass *Partition*
NameSpace: ROOT/cimv2

CimClassName
————
CIM_DiskPartition
Win32_DiskPartition
Win32_SystemPartitions
CIM_LogicalDiskBasedOnPartition
Win32_LogicalDiskToPartition
CIM_RealizesDiskPartition
Win32_DiskDriveToDiskPartition
Win32_PerfFormattedData_HvStats_…
Win32_PerfRawData_HvStats_HyperV…
Win32_PerfFormattedData_HvStats_…
Win32_PerfRawData_HvStats_HyperV…
Win32_PerfFormattedData_VidPerfP…
Win32_PerfRawData_VidPerfProvide…

I’ve truncated the display horizontally as not interested in methods & properties at this point
So the class I want is Win32_DiskPartition.

Get-CimClass is one of the biggest benefits from PowerShell 3.0

I much prefer the CIM cmdlets for accessing remote machines. The WMI cmdlets use DCOM which is firewall unfriendly and can often be unavailable of a server – cue the dreaded RPC server is unavailable error messages.

By contrast the CIM cmdlets use WSMAN.

For one off access to a remote machine use the computername parameter

Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName RSSURFACEPRO2

If you want to access a machine multiple times in the session create a CIM session – analagous to a remoting session

$cs = New-CimSession -ComputerName RSSURFACEPRO2
Get-CimInstance -ClassName Win32_OperatingSystem -CimSession $cs

By default a CIM session uses WSMAN

£> $cs
Id           : 1
Name         : CimSession1
InstanceId   : 30c2b530-4ff7-448e-b68d-1f1282890e6a
ComputerName : RSSURFACEPRO2
Protocol     : WSMAN

though you can configure them to use DCOM if need be

$opt = New-CimSessionOption -Protocol DCOM
$csd = New-CimSession -ComputerName RSSURFACEPRO2 -SessionOption $opt
Get-CimInstance -ClassName Win32_OperatingSystem -CimSession $csd

When would you need to use DCOM – if you are accessing a machine with PowerShell 2 installed. The CIM cmdlets want to use WSMAN 3 and will error if you access a machine with WSMAN 2 installed however if you include a –Filter they will work

So

Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName computer1

will fail if computer1 is running WSMAN 2 (PowerShell 2)

However, if you change the command to include a filter

Get-CimInstance -ClassName Win32_OperatingSystem -Filter “Manufacturer LIKE ‘Microsoft%’” -ComputerName computer1

Even if, as in this case, the filter doesn’t actually do anything

Saw a question on the forums about formatting all disks but the C: drive.  Assuming you ever need to do such a destructive activity you might want think about ths sort of approach

Get-CimInstance -ClassName Win32_Volume -Filter “DeviceId != ‘C:’” |
foreach {
Invoke-CimMethod -whatif -InputObject $psitem -MethodName Format -Arguments @{
ClusterSize = 4096
EnableCompression = $false
FileSystem = ‘NTFS’
QuickFormat = $true
}
}

Notice I’ve left the –whatif in for safety

More details on the Win32_Volume class at http://msdn.microsoft.com/en-us/library/aa394515%28v=vs.85%29.aspx

Finding the Windows features installed on a remote machine can be an interesting task. You could use Get-WindowsFeature but that gives you a “graphical” display:

£> Get-WindowsFeature | where DisplayName -like ‘*DNS*’

Display Name         Name             Install State
————         —-             ————-
[X] DNS Server       DNS              Installed
[X] DNS Server Tools RSAT-DNS-Server  Installed

Or you could use Get-SMServerFeature from the ServerManagerTasks module:

£> Get-SMServerFeature -BatchSize 1000  | where DisplayName -like ‘*DNS*’ | sort Displayname | ft -a Displayname, State, Type, ConfigurationStatus

Displayname      State Type ConfigurationStatus
———–      —– —- ——————-
DNS Server           1    0                   3
DNS Server Tools     1    2                   3

Which is CIM based and uses a new class: root/microsoft/windows/servermanager/MSFT_ServerFeature

Following the tradition firmly established since the introduction of WMI the data from this class is represented by integer values AND just for giggles its not documented. To be fair most of the WMI classes aren’t documented.

<rant>

We need documentation for these classes

</rant>

In an effort to work out which are the important values I compared the outputs from

Get-SMServerFeature -BatchSize 1000  | where DisplayName -like ‘*PowerShell*’ | sort Displayname | ft -a Displayname, State, Type, ConfigurationStatus

AND

Get-WindowsFeature | where DisplayName -like ‘*PowerShell*’ | sort Displayname

The important property from  Get-SMServerFeature  seems to be State which takes a 0 or 1. O corresponds to Available in Get-WindowsFeature and 1 corresponds to Installed.

You can use the trick I show in PowerShell and WMI (www.manning.com/siddaway2)

$state = DATA {ConvertFrom-StringData -StringData @’
0 = Available
1 = Installed
‘@}

Get-SMServerFeature -BatchSize 1000  |
where DisplayName -like ‘*PowerShell*’ |
sort Displayname |
select DisplayName, UniqueName,
@{N=’State’; E={$state["$($_.State)"]}

$state = DATA {ConvertFrom-StringData -StringData @’
0 = Available
1 = Installed
‘@}

Create a hash table for the integer values and their meaning and use that hash table in a calculated field to get the meaning from the integer value.

The output will look like this:

DisplayName : Windows PowerShell Web Access
UniqueName  : WindowsPowerShellWebAccess
State       : Available

Its now easy to compare the data between different machines.  Get-SMServerFeature has a CimSession parameter for working with remote machines

A WMI troubleshooting series has been started on the Ask the Performance Team Blog.

The overview article is:

http://blogs.technet.com/b/askperf/archive/2014/08/07/troubleshooting-wmi-series-coming.aspx

The first article is about common symptoms and errors:

http://blogs.technet.com/b/askperf/archive/2014/08/08/wmi-common-symptoms-and-errors.aspx

followed by an article on dealing with WMI repository corruption:

http://blogs.technet.com/b/askperf/archive/2014/08/08/wmi-repository-corruption-or-not.aspx

Very useful information in both articles. If the rest of the series is at this level you’ll want to book mark these posts

If you use Get-CimInstance and examine the object returnd – you’ll find some meta-data at the end of the object:

CimClass                                  : root/cimv2:Win32_OperatingSystem
CimInstanceProperties                     : {Caption, Description, InstallDate, Name…}
CimSystemProperties                       : Microsoft.Management.Infrastructure.CimSystemProperties

Expand CimInstanceProperties

£> Get-CimInstance Win32_OperatingSystem | select -ExpandProperty CimInstanceProperties | fl *

And you’ll see an entry like this for each property
Name            : Caption
Value           : Microsoft Windows 8.1 Pro
CimType         : String
Flags           : Property, ReadOnly, NotModified
IsValueModified : False

The CimType and Flags attributes are especially useful

For instance you can use them to discover which properties can be modified:

Get-CimInstance Win32_OperatingSystem |
select -ExpandProperty CimInstanceProperties |
foreach {
$flags =   ($psitem | select -ExpandProperty Flags)  -split “, ”

if ($flags -notcontains ‘ReadOnly’){$psitem}
}

Remember that other properties may be modifiable via a method on the class.

You can find similar information via Get-CimClass

$class = Get-CimClass -ClassName Win32_OperatingSystem

$class.CimClassProperties |
foreach {
$flags =   ($psitem | select -ExpandProperty Flags)  -split “, ”

if ($flags -notcontains ‘ReadOnly’){$psitem}
}

Get-CimClass gives you the qualifiers as well as the flags. Get-CimInstance gives you the value of the property if set.

Two options with slightly different results. All the better to investigate CIM classes

A question on the forum asked about extracting the year from the ReleaseDate property returned by Win32_BIOS

They were trying to do this

Get-CimInstance Win32_BIOS | Select-Object @{n=”ReleaseDate”;e={$_.ConvertToDateTime($_.ReleaseDate).year()}}

There are 2 problems with this approach – firstly the objects that Get-CimInstance produces don’t have the ConvertToDateTime method (its added by PowerShell to the objects produces by Get-WmiObject) and secondly on a DateTime object Year is a property not a method.

If you use the WMI cmdlet you see this

£> Get-WmiObject -Class Win32_Bios | select Releasedate

Releasedate
———–
20140512000000.000000+000

The date is in WMI format and needs to be converted.

£> Get-WmiObject Win32_BIOS | Select-Object @{n=”ReleaseDate”;e={$_.ConvertToDateTime($_.ReleaseDate)}}

ReleaseDate
———–
12/05/2014 01:00:00

If you want just the year

£> Get-WmiObject Win32_BIOS | Select-Object @{n=”ReleaseDate”;e={($_.ConvertToDateTime($_.ReleaseDate)).Year}}

ReleaseDate
———–
2014

This conversion is already done for you with the CIM cmdlets

£> Get-CimInstance -CimSession $c -ClassName Win32_Bios | select ReleaseDate

ReleaseDate
———–
12/05/2014 01:00:00

Again if you just want the year

£> ((Get-CimInstance -CimSession $c -ClassName Win32_Bios).ReleaseDate).Year
2014

I saw a question regarding finding the Win32_NetworkAdapter instance using the matching Win32_NetworkAdapterConfiguration starting point.  This answers the “which adapter has an IP address of X” type question.

The Index property on a Win32_NetworkAdapterConfiguration instance has the same value as the DeviceId property on the corresponding Win32_NetworkAdapter.

An alternative is to use the ASSOCIATORS WQL keyword.

That approach get s a bit messy but looks like this:

$query = “ASSOCIATORS OF {Win32_NetworkAdapterConfiguration.Index=’18′} WHERE RESULTCLASS = Win32_NetworkAdapter”
Get-WmiObject -Query $query

The CIM cmdlets get a bit better

$config = Get-CimInstance win32_networkadapterconfiguration -Filter “Index = 18″
Get-CimAssociatedInstance -InputObject $config -ResultClassName Win32_NetworkAdapter

Much simpler and you avoid the WQL

One common mistake I see is people trying to set the value of a read only property on a WMI class.  There isn’t a quick way to see if a property is writable. Get-CimClass can be used but you have to dig into the Qualifiers for each property.

You can use this function to determine the read\write settings on all of the properties of a WMI class

function get-cimreadwriteproperties {
[CmdletBinding()]
param (
[string]$classname
)

$props = @()

$class = Get-CimClass -ClassName $classname
$class.CimClassProperties |
foreach {
$prop = [ordered]@{
Name = $psitem.Name
Read = $false
Write = $false
}

$psitem |
select -ExpandProperty Qualifiers |
foreach {
if ($_.Name.ToLower() -eq ‘read’) {
$prop.Read = $true
}
if ($_.Name.ToLower() -eq ‘write’) {
$prop.Write = $true
}
}

$props += New-Object -TypeName PSObject -Property $prop
}

$props

}

Take the class name as a parameter and use Get-CimClass. Iterate through the properties and foreach create an output object. Test each qualifier to determine if read or write and set out to true. Add to array and output.

The output looks like this

£> get-cimreadwriteproperties -classname Win32_bios | ft -AutoSize

Name                  Read Write
—-                  —- —–
Caption               True False
Description           True False
InstallDate           True False
Name                  True False
Status                True False
BuildNumber           True False

etc

£> get-cimreadwriteproperties -classname Win32_LogicalDisk | ft -AutoSize

Name                          Read Write
—-                          —- —–
Caption                       True False
Description                   True False
InstallDate                   True False
<truncated>

ErrorMethodology              True False
NumberOfBlocks               False False
Purpose                       True False
<truncated>
VolumeDirty                   True False
VolumeName                    True  True
VolumeSerialNumber            True False

KB3000850 – the November roll up for Windows 2012 R2 contains some very useful updates.

I’ve installed it on some machines in my lab but not all. The update is huge so I’m installing it manually rather than through WSUS.

I need to test a remote machine to determine if the update  is installed.

If it is installed you get a this back

£> Get-HotFix -Id KB3000850 -ComputerName w12r2dsc

Source        Description             HotFixID         InstalledBy
——          ———–                ——–          ———–
W12R2DSC      Update           KB3000850      MANTICORE\Richard

But if its not installed you get this

£> Get-HotFix -Id KB3000850 -ComputerName w12r2od01
Get-HotFix : Cannot find the requested hotfix on the ‘w12r2od01′ computer. Verify the input and run the command again.
At line:1 char:1
+ Get-HotFix -Id KB3000850 -ComputerName w12r2od01
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : ObjectNotFound: (:) [Get-HotFix], ArgumentException
+ FullyQualifiedErrorId : GetHotFixNoEntriesFound,Microsoft.PowerShell.Commands.GetHotFixCommand

Get-Hotfix actually uses the Win32_QuickFixEngineering CIM class so you need to have DCOM open on the remote system otherwise you get a

Get-HotFix : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

error.

You need to wrap the call to Get-Hotfix in a try catch. You only need to know if the update is installed so creating a specialised output object manages that for you

Get-VM |
where State -eq ‘Running’ |
foreach {

$props = @{
Machine = $($psitem.Name)
Present = $false
}

try {
$hf = Get-HotFix -Id KB3000850 -ComputerName $psitem.Name -ErrorAction Stop
$props.Present = $true
}
catch {
$props.Present = $false
}

New-Object -TypeName PSObject -Property $props

}

Substitute any other method of getting a list of computer names, for my call to Get-VM, to match your environment.

Today starts a four part series I’ve written for the Scripting Guy blog on using CDXML to create a module to work with the registry.  Don’t know what CDXML is – you will when you’ve read the series

The first post is at http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/02/registry-cmdlets-manage-the-registry.aspx

My CDXML series on the Scripting Guy blog finished today.  The 4 articles are:

http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/02/registry-cmdlets-manage-the-registry.aspx

http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/03/registry-cmdlets-first-steps-with-cdxml.aspx

http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/04/registry-cmdlets-advanced-cdxml.aspx

http://blogs.technet.com/b/heyscriptingguy/archive/2015/02/05/registry-cmdlets-using-advanced-cdxml.aspx

A question came up on the forum about copying files with CIM (WMI). I normally use Copy-Item rather than CIM as its easier. The questioner was using CIM_LogicalFile when I’ve normally used CIM_DataFile so I decided to take a look at the class. In reality the two classes are very similar and CIM-datafile could be substituted for CIM_LogicalFile in the code that follows.

The obvious starting point is to use the Copy method on the CIM_LogicalFile class

$files = Get-WmiObject -Class CIM_LogicalFile -Filter “Path = ‘\\Test\\’ AND Extension = ‘txt'”

foreach ($file in $files) {
$newfile = “C:\Test2\$($file.FileName).$($file.Extension)”

$file.Copy($newfile)

}

Couple of points to note. In the Path part of the filter you have to escape the \ delimiter.  Extension doesn’t include the ‘.’

You have to give the full path – including file name – to the loaction to which you want to copy the file. In this case you don’t have to escape the \ delimiter. Consistency is a wonderful thing and usually absent from WMI.

You can also use Invoke-WmiMethod

$files = Get-WmiObject -Class CIM_LogicalFile -Filter “Path = ‘\\Test\\’ AND Extension = ‘txt'”

foreach ($file in $files) {
$newfile = “C:\Test2\$($file.FileName).$($file.Extension)”

Invoke-WmiMethod -InputObject $file  -Name Copy -ArgumentList $newfile

}

OR

use the new CIM cmdlets

$files = Get-CimInstance -ClassName CIM_LogicalFile -Filter “Path = ‘\\Test\\’ AND Extension = ‘txt'”

foreach ($file in $files) {
$newfile = “C:\Test2\$($file.FileName).$($file.Extension)”

Invoke-CimMethod -InputObject $file  -MethodName Copy -Arguments @{Filename = $newfile}

}

In this case you have to give the argument name for the method as well as its value. You can discover the method parameters using Get-CimClass

$class = Get-CimClass CIM_LogicalFile

£> $class.CimClassMethods[“Copy”].Parameters

I’ve tended to advocate using the –Filter parameter rather than the –Query parameter with the CIM (and WMI) cmdlets but a recent post on the Windows Management Infrastructure blog has me questioning that decision.

Using Measure-Command I tried various pairs of commands – such as:

Measure-Command {Get-CimInstance -ClassName Win32_Directory -Filter “Name = ‘C:\\Test2′”}

Measure-Command {Get-CimInstance -Query “SELECT * FROM Win32_Directory WHERE Name = ‘C:\\Test2′”}

The results weren’t conclusive but it seems that at worst there is no significant difference between the approaches and at best using a query is significantly faster.

At the moment my best advice would be use the –Filter parameter if you want to reduce typing but try –Query if speed becomes your main issue.

Don Jones provides a very good summary of the similarities and differences between WMI, CIM and OMI http://powershell.org/wp/2015/04/24/management-information-the-omicimwmimidmtf-dictionary/

Recommended reading if you’re using these technologies

I recently had a question asking why the Bloacksize property on Win32_LogicalDisk is empty but is populated on Win32_Volume.

The thing is to remember the underlying thing that these 2 CIM classes represent.

A logical disk is a subdivision of an extended partition. An extended partition can hold one or more logical disks.

When you create a volume on a disk you use either a primary partition or a logical disk from an extended partition. Until you format the volume you can’t have a block size as that is determined by the parameters you use to perform the format.

The documentation for Win32_LogicalDisk states that block size is not populated for logical disks https://msdn.microsoft.com/en-us/library/aa394173(v=vs.85).aspx.