email

Thursday, September 24, 2009

Check and terminate process on remote machine using wmi

WMI is a wonderful tool for remote administration!!!

Today in this post, I will demonstrate on how to query and terminate processes in remote machine using wmi command line utility (wmic). Ofcourse, you need have administrator rights on remote machine to run these command(may be a domain admin account is a right choice here).

In all these below examples, "myremote" is my remote machine name against which I am performing these operations.

To query all processes in remote machine use below command..

wmic /node:myremote process

To query a specific process(outlook.exe) in remote machine...

wmic /node:myremote process where name="outlook.exe"

If you are not sure of exact process name but know only few letters of it, then use this...

wmic /node:myremote process where "name like '%outlo%'" get name

To terminate(kill) a process...

wmic /node:myremote process where name="outlook.exe"  call terminate

To query the owner of a process...

wmic /node:myremote process where name="outlook.exe"  call getowner

Enough for today.. :-) I will post more command lines when I get some time...

If you want a command for any specific requirement, please leave a note below in comments section. I will get back to you ASAP.

Happy Learning..,
Sitaram Pamarthi

No comments:

Post a Comment