I need to the the Handle or the PID for all the process that are just being created while I run my program.
So far I have used this code that tell me each time that a process is created. The problem is that I just get the information about a process created but I don't have any information about the process itself. https://msdn.microsoft.com/en-us/library/aa390425(VS.85).aspx
This is the fuction where I get the event but I don't know from where I can get the info for the new process:
HRESULT EventSink::Indicate(long lObjectCount,
IWbemClassObject **apObjArray)
{
HRESULT hres = S_OK;
for (int i = 0; i < lObjectCount; i++)
{
printf("Event occurred\n");
}
return WBEM_S_NO_ERROR;
}
Thank you
Since you are using this WQL sentence SELECT * FROM __InstanceCreationEvent WITHIN 1 WHERE TargetInstance ISA 'Win32_Process', In order to get additional info about the created processes you must access the TargetInstance property which in this case will return a Win32_Process instance.
Try this sample
#include "stdafx.h"
#include <conio.h>
#ifndef EVENTSINK_H
#define EVENTSINK_H
#define _WIN32_DCOM
#include <iostream>
using namespace std;
#include <comdef.h>
#include <Wbemidl.h>
# pragma comment(lib, "wbemuuid.lib")
class EventSink : public IWbemObjectSink
{
LONG m_lRef;
bool bDone;
public:
EventSink() { m_lRef = 0; }
~EventSink() { bDone = true; }
virtual ULONG STDMETHODCALLTYPE AddRef();
virtual ULONG STDMETHODCALLTYPE Release();
virtual HRESULT
STDMETHODCALLTYPE QueryInterface(REFIID riid, void** ppv);
virtual HRESULT STDMETHODCALLTYPE Indicate(
LONG lObjectCount,
IWbemClassObject __RPC_FAR *__RPC_FAR *apObjArray
);
virtual HRESULT STDMETHODCALLTYPE SetStatus(
/* [in] */ LONG lFlags,
/* [in] */ HRESULT hResult,
/* [in] */ BSTR strParam,
/* [in] */ IWbemClassObject __RPC_FAR *pObjParam
);
};
#endif // end of EventSink.h
ULONG EventSink::AddRef()
{
return InterlockedIncrement(&m_lRef);
}
ULONG EventSink::Release()
{
LONG lRef = InterlockedDecrement(&m_lRef);
if (lRef == 0)
delete this;
return lRef;
}
HRESULT EventSink::QueryInterface(REFIID riid, void** ppv)
{
if (riid == IID_IUnknown || riid == IID_IWbemObjectSink)
{
*ppv = (IWbemObjectSink *) this;
AddRef();
return WBEM_S_NO_ERROR;
}
else return E_NOINTERFACE;
}
HRESULT EventSink::Indicate(long lObjectCount,
IWbemClassObject **apObjArray)
{
HRESULT hr = S_OK;
_variant_t vtProp;
for (int i = 0; i < lObjectCount; i++)
{
hr = apObjArray[i]->Get(_bstr_t(L"TargetInstance"), 0, &vtProp, 0, 0);
if (!FAILED(hr))
{
IUnknown* str = vtProp;
hr = str->QueryInterface(IID_IWbemClassObject, reinterpret_cast< void** >(&apObjArray[i]));
if (SUCCEEDED(hr))
{
_variant_t cn;
hr = apObjArray[i]->Get(L"Caption", 0, &cn, NULL, NULL);
if (SUCCEEDED(hr))
{
if ((cn.vt == VT_NULL) || (cn.vt == VT_EMPTY))
wcout << "Caption : " << ((cn.vt == VT_NULL) ? "NULL" : "EMPTY") << endl;
else
if ((cn.vt & VT_ARRAY))
wcout << "Caption : " << "Array types not supported (yet)" << endl;
else
wcout << "Caption : " << cn.bstrVal << endl;
}
VariantClear(&cn);
hr = apObjArray[i]->Get(L"CommandLine", 0, &cn, NULL, NULL);
if (SUCCEEDED(hr))
{
if ((cn.vt == VT_NULL) || (cn.vt == VT_EMPTY))
wcout << "CommandLine : " << ((cn.vt == VT_NULL) ? "NULL" : "EMPTY") << endl;
else
if ((cn.vt & VT_ARRAY))
wcout << "CommandLine : " << "Array types not supported (yet)" << endl;
else
wcout << "CommandLine : " << cn.bstrVal << endl;
}
VariantClear(&cn);
hr = apObjArray[i]->Get(L"Handle", 0, &cn, NULL, NULL);
if (SUCCEEDED(hr))
{
if ((cn.vt == VT_NULL) || (cn.vt == VT_EMPTY))
wcout << "Handle : " << ((cn.vt == VT_NULL) ? "NULL" : "EMPTY") << endl;
else
if ((cn.vt & VT_ARRAY))
wcout << "Handle : " << "Array types not supported (yet)" << endl;
else
wcout << "Handle : " << cn.bstrVal << endl;
}
VariantClear(&cn);
}
}
VariantClear(&vtProp);
}
return WBEM_S_NO_ERROR;
}
HRESULT EventSink::SetStatus(
/* [in] */ LONG lFlags,
/* [in] */ HRESULT hResult,
/* [in] */ BSTR strParam,
/* [in] */ IWbemClassObject __RPC_FAR *pObjParam
)
{
if (lFlags == WBEM_STATUS_COMPLETE)
{
printf("Call complete. hResult = 0x%X\n", hResult);
}
else if (lFlags == WBEM_STATUS_PROGRESS)
{
printf("Call in progress.\n");
}
return WBEM_S_NO_ERROR;
} // end of EventSink.cpp
int main(int iArgCnt, char ** argv)
{
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
cout << "Failed to initialize COM library. Error code = 0x"
<< hex << hres << endl;
return 1; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
// Note: If you are using Windows 2000, you need to specify -
// the default authentication credentials for a user by using
// a SOLE_AUTHENTICATION_LIST structure in the pAuthList ----
// parameter of CoInitializeSecurity ------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM negotiates service
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
cout << "Failed to initialize security. Error code = 0x"
<< hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
IWbemLocator *pLoc = NULL;
hres = CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (LPVOID *)&pLoc);
if (FAILED(hres))
{
cout << "Failed to create IWbemLocator object. "
<< "Err code = 0x"
<< hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 4: ---------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
IWbemServices *pSvc = NULL;
// Connect to the local root\cimv2 namespace
// and obtain pointer pSvc to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"root\\CIMV2"),
NULL,
NULL,
0,
NULL,
0,
0,
&pSvc
);
if (FAILED(hres))
{
cout << "Could not connect. Error code = 0x"
<< hex << hres << endl;
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
cout << "Connected to root\\CIMV2 WMI namespace" << endl;
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
cout << "Could not set proxy blanket. Error code = 0x" << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
// Step 6: -------------------------------------------------
// Receive event notifications -----------------------------
// Use an unsecured apartment for security
IUnsecuredApartment* pUnsecApp = NULL;
hres = CoCreateInstance(CLSID_UnsecuredApartment, NULL, CLSCTX_LOCAL_SERVER, IID_IUnsecuredApartment, (void**)&pUnsecApp);
EventSink* pSink = new EventSink;
pSink->AddRef();
IUnknown* pStubUnk = NULL;
pUnsecApp->CreateObjectStub(pSink, &pStubUnk);
IWbemObjectSink* pStubSink = NULL;
pStubUnk->QueryInterface(IID_IWbemObjectSink, (void **)&pStubSink);
BSTR WQL;
WQL = L"Select * From __InstanceCreationEvent Within 1 "
L"Where TargetInstance ISA 'Win32_Process' "
;
// The ExecNotificationQueryAsync method will call
// The EventQuery::Indicate method when an event occurs
hres = pSvc->ExecNotificationQueryAsync(
_bstr_t("WQL"), _bstr_t(WQL), WBEM_FLAG_SEND_STATUS, NULL, pStubSink);
// Check for errors.
if (FAILED(hres))
{
printf("ExecNotificationQueryAsync failed with = 0x%X\n", hres);
pSvc->Release();
pLoc->Release();
pUnsecApp->Release();
pStubUnk->Release();
pSink->Release();
pStubSink->Release();
CoUninitialize();
return 1;
}
// Wait for the event
cout << "Press any key to terminate" << endl;
while (!_kbhit()) {}
hres = pSvc->CancelAsyncCall(pStubSink);
// Cleanup
// ========
pSvc->Release();
pLoc->Release();
pUnsecApp->Release();
pStubUnk->Release();
pSink->Release();
pStubSink->Release();
CoUninitialize();
return 0; // Program successfully completed.
}
The example above seems to have a memory leak inside EventSink::Indicate.
IUnknown* str = vtProp;
This assignment uses operator IUnknown* of the _variant_t class, which implicitly calls an AddRef() on the object. So str->Release() needs to be called after usage, since
VariantClear(&vtProp);
is not enough to decrement the ref count of the object.
Related
I would like to enable and disable windows devices as camera using WMI in C++. For example I'm able to access to table MDM_Policy_Result01_Camera02 and get the property AllowCamera quite easily where on the documentation is specify "Access type: Read/write".
So in my opinion I should be able to modify it.
But seems like WQL doesn't work with UPDATE.
This is my code to access to table MDM_Policy_Result01_Camera02 :
#include <iostream>
#define _WIN32_DCOM
#include <windows.h>
#include <Wbemidl.h>
#include <comdef.h>
# pragma comment(lib, "wbemuuid.lib")
bool initializeCom(){
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
HRESULT hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
std::cout << "Failed to initialize COM library. Error code = 0x"
<< std::hex << hres << std::endl;
return false; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
hres = CoInitializeSecurity(
nullptr,
-1, // COM authentication
nullptr, // Authentication services
nullptr, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
nullptr, // Authentication info
EOAC_NONE, // Additional capabilities
nullptr // Reserved
);
if (FAILED(hres))
{
std::cout << "Failed to initialize security. Error code = 0x"
<< std::hex << hres << std::endl;
CoUninitialize();
return false; // Program has failed.
}
return true;
}
bool setUpWBEM(IWbemLocator*& wbemLocator, IWbemServices*& wbemServices){
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
HRESULT hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &wbemLocator);
if (FAILED(hres))
{
std::cout << "Failed to create IWbemLocator object."
<< " Err code = 0x"
<< std::hex << hres << std::endl;
CoUninitialize();
return false; // Program has failed.
}
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
// Connect to the root\cimv2 namespace with
// the current user and obtain pointer wbemServices
// to make IWbemServices calls.
hres = wbemLocator->ConnectServer(
_bstr_t(L"Root\\CIMv2\\MDM\\DMMap"), // Object path of WMI namespace
nullptr, // User name. NULL = current user
nullptr, // User password. NULL = current
0, // Locale. NULL indicates current
0, // Security flags.
0, // Authority (for example, Kerberos)
0, // Context object
&wbemServices // pointer to IWbemServices proxy
);
if (FAILED(hres))
{
std::cout << "Could not connect. Error code = 0x" << std::hex << hres << std::endl;
wbemLocator->Release();
CoUninitialize();
return false; // Program has failed.
}
std::cout << "Connected to ROOT\\CIMV2 WMI namespace" << std::endl;
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
wbemServices, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
nullptr, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
nullptr, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
std::cout << "Could not set proxy blanket. Error code = 0x"
<< std::hex << hres << std::endl;
wbemServices->Release();
wbemLocator->Release();
CoUninitialize();
return false; // Program has failed.
}
return true;
}
int main() {
std::cout << "HelloWorld" << std::endl;
IWbemLocator* wbemLocator{nullptr};
IWbemServices* wbemServices{nullptr};
try{
if(!initializeCom())
throw "initializeCom failed";
if(!setUpWBEM(wbemLocator,wbemServices))
throw "setUpWBEM failed";
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
BSTR bstr_wql = SysAllocString(L"WQL" );
BSTR bstr_sql = SysAllocString(L"SELECT AllowCamera FROM MDM_Policy_Result01_Camera02" );
// For example, get the name of the operating system
IEnumWbemClassObject* pEnumerator{nullptr};
HRESULT hres = wbemServices->ExecQuery(
bstr_wql,
bstr_sql,
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
nullptr,
&pEnumerator);
if (FAILED(hres))
{
std::cout << "Query for operating system name failed."
<< " Error code = 0x"
<< std::hex << hres << std::endl;
wbemServices->Release();
wbemLocator->Release();
CoUninitialize();
throw "ExecQuery failed";; // Program has failed.
}
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
IWbemClassObject *pclsObj{nullptr};
ULONG uReturn = 0;
while (pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
if(0 == uReturn)
{
break;
}
VARIANT vtProp;
// Get the value of the Name property
hr = pclsObj->Get(L"AllowCamera", 0, &vtProp, 0, 0);
if(FAILED(hr))
std::cout << "Failed to get name " << std::endl;
std::cout << "Camera allow : " << vtProp.intVal << std::endl;
VariantClear(&vtProp);
pclsObj->Release();
}
// Cleanup
// ========
wbemServices->Release();
wbemLocator->Release();
pEnumerator->Release();
CoUninitialize();
} catch(const std::string& error){
std::cout << error << std::endl;
}
return 0;
}
Changing SELECT AllowCamera FROM MDM_Policy_Result01_Camera02 with UPDATE MDM_Policy_Result01_Camera02 SET AllowCamera=0 doesn't work ...
If you have any idea, let me know !
Finally came out the MDM brigde WSI C++ example :
https://learn.microsoft.com/fr-fr/windows/win32/wmisdk/example--calling-a-provider-method
I'm having problem detecting some graphics cards using DirectX API. The code I wrote looks like following:
#define _WIN32_DCOM
#include <iostream>
#include <Windows.h>
#include <d3d11.h>
#include <Dxgi1_6.h>
#include <atlbase.h>
#include <string>
#include <vector>
#include <comdef.h>
#include <Wbemidl.h>
struct AdapterInfo
{
std::wstring description;
size_t vRam;
D3D_FEATURE_LEVEL maxFeatureLevel;
};
void getGPUDescriptionVideoRam(IUnknown* pDevice, AdapterInfo & adapterInfo)
{
CComPtr<IDXGIDevice> pDXGIDevice;
pDevice->QueryInterface(__uuidof(IDXGIDevice), (void**)&pDXGIDevice);
if (pDXGIDevice)
{
CComPtr<IDXGIAdapter> pDXGIAdapter;
pDXGIDevice->GetAdapter(&pDXGIAdapter);
if (pDXGIAdapter != nullptr)
{
DXGI_ADAPTER_DESC adapterDesc;
pDXGIAdapter->GetDesc(&adapterDesc);
adapterInfo.description = std::wstring(adapterDesc.Description);
adapterInfo.vRam = adapterDesc.DedicatedVideoMemory;
}
}
}
std::vector<AdapterInfo> GetDescriptionVRamDirectx()
{
std::vector<AdapterInfo> result;
D3D_FEATURE_LEVEL featureLevels[10] = { D3D_FEATURE_LEVEL_12_1,
D3D_FEATURE_LEVEL_12_0,
D3D_FEATURE_LEVEL_11_1,
D3D_FEATURE_LEVEL_11_0,
D3D_FEATURE_LEVEL_10_1,
D3D_FEATURE_LEVEL_10_0,
D3D_FEATURE_LEVEL_9_3,
D3D_FEATURE_LEVEL_9_2,
D3D_FEATURE_LEVEL_9_1,
D3D_FEATURE_LEVEL_1_0_CORE
};
CComPtr<IDXGIAdapter> higher_performance_adapter;
CComPtr<IDXGIFactory> pFactory;
HRESULT createDXGIFactoryResult = CreateDXGIFactory(__uuidof(IDXGIFactory), (void**)(&pFactory));
if (createDXGIFactoryResult != S_OK)
{
printf("Failed to create DXGI factory!\n");
return result;
}
printf("Trying to enumerate graphics adapters...\n");
int i = 0;
while (pFactory->EnumAdapters(i, &higher_performance_adapter) == S_OK)
/*
while (pFactory->EnumAdapterByGpuPreference(i,
DXGI_GPU_PREFERENCE_UNSPECIFIED,
__uuidof(IDXGIAdapter),
(void**)&higher_performance_adapter) == S_OK)
*/
{
i++;
CComPtr<ID3D11Device> device = nullptr;
D3D_FEATURE_LEVEL receivedFeatureLevel;
CComPtr<ID3D11DeviceContext> context = nullptr;
const HRESULT err = D3D11CreateDevice(
higher_performance_adapter,
D3D_DRIVER_TYPE_UNKNOWN,
nullptr,
0, // D3D11_CREATE_DEVICE_DEBUG
featureLevels,
1,
D3D11_SDK_VERSION,
&device,
&receivedFeatureLevel,
&context);
if (err != S_OK)
{
higher_performance_adapter = nullptr;
continue;
}
AdapterInfo info;
getGPUDescriptionVideoRam(device, info);
info.maxFeatureLevel = receivedFeatureLevel;
result.push_back(info);
higher_performance_adapter = CComPtr<IDXGIAdapter>();
}
return result;
}
void displayWMIAdapters()
{
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
std::cout << "Failed to initialize COM library. Error code = 0x"
<< std::hex << hres << std::endl;
return; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
std::cout << "Failed to initialize security. Error code = 0x"
<< std::hex << hres << std::endl;
CoUninitialize();
return; // Program has failed.
}
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
IWbemLocator* pLoc = NULL;
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID*)&pLoc);
if (FAILED(hres))
{
std::cout << "Failed to create IWbemLocator object."
<< " Err code = 0x"
<< std::hex << hres << std::endl;
CoUninitialize();
return; // Program has failed.
}
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
IWbemServices* pSvc = NULL;
// Connect to the root\cimv2 namespace with
// the current user and obtain pointer pSvc
// to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
NULL, // User name. NULL = current user
NULL, // User password. NULL = current
0, // Locale. NULL indicates current
NULL, // Security flags.
0, // Authority (for example, Kerberos)
0, // Context object
&pSvc // pointer to IWbemServices proxy
);
if (FAILED(hres))
{
std::cout << "Could not connect. Error code = 0x"
<< std::hex << hres << std::endl;
pLoc->Release();
CoUninitialize();
return; // Program has failed.
}
std::cout << "Connected to ROOT\\CIMV2 WMI namespace" << std::endl;
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
std::cout << "Could not set proxy blanket. Error code = 0x"
<< std::hex << hres << std::endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return; // Program has failed.
}
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
// For example, get the name of the operating system
IEnumWbemClassObject* pEnumerator = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("SELECT * FROM Win32_VideoController"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator);
if (FAILED(hres))
{
std::cout << "Query for operating system name failed."
<< " Error code = 0x"
<< std::hex << hres << std::endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return; // Program has failed.
}
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
IWbemClassObject* pclsObj = NULL;
ULONG uReturn = 0;
while (pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
if (0 == uReturn)
{
break;
}
VARIANT vtProp;
// Get the value of the Name property
hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
std::wcout << " OS Name : " << vtProp.bstrVal << std::endl;
VariantClear(&vtProp);
pclsObj->Release();
}
// Cleanup
// ========
pSvc->Release();
pLoc->Release();
pEnumerator->Release();
CoUninitialize();
}
int main(int argc, char* argv[])
{
auto adapters = GetDescriptionVRamDirectx();
int i = 1;
for (AdapterInfo adapter : adapters)
{
printf("Adapter %d:\n", i);
printf("-----------\n");
printf("Description :");
wprintf(adapter.description.c_str());
printf("\n");
printf("Video RAM :");
wprintf(L"%d", adapter.vRam);
printf("\n");
printf("Feature level :");
if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_12_1)
printf("12_1\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_12_0)
printf("12_0\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_11_1)
printf("11_1\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_11_0)
printf("11_0\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_10_1)
printf("10_1\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_10_0)
printf("10_0\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_9_3)
printf("9_3\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_9_2)
printf("9_2\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_9_1)
printf("9_1\n");
else if (adapter.maxFeatureLevel == D3D_FEATURE_LEVEL_1_0_CORE)
printf("1_0_CORE\n");
printf("\n");
i++;
}
displayWMIAdapters();
printf("Press any key...\n");
getchar();
}
Note, that I'm also using WMI to enumerate graphics cards.
So on most devices this works correctly, namely:
Trying to enumerate graphics adapters...
Adapter 1:
-----------
Description :NVIDIA GeForce MX250
Video RAM :2080038912
Feature level :12_1
Adapter 2:
-----------
Description :Intel(R) UHD Graphics 620
Video RAM :134217728
Feature level :12_1
Adapter 3:
-----------
Description :Microsoft Basic Render Driver
Video RAM :0
Feature level :12_1
Connected to ROOT\CIMV2 WMI namespace
OS Name : Intel(R) UHD Graphics 620
OS Name : NVIDIA GeForce MX250
Press any key...
However, I'm getting information, that on specific setups, no results are returned. For instance my friend said,
My notebook (not all information, installed graphics cards are 2xGT755m in SLI plus standard, integrated - 3 in total)
Adapter 1:
-----------
Description :Microsoft Basic Render Driver
Video RAM :0
Feature level :12_1
Press any key...
I'm having trouble finding out, why I am not getting all cards. Moreover, I have no idea, what kind of debugging could I perform to find out the reason of my problem.
Why am I not getting all installed graphics cards on all machines when using DirectX API?
How do I determine a mapped drive's details like its actual path, FreeSize, and so on? So if I have a mapped drive on a machine called "MP" how can I using C++/Win32 or Qt determine the machine and path for the mapped folder and also other practical details?
I wanted to get extract information from the remote machine filesystem. I can make an SMB connection with the remote machine and get access to shared drive but I wanted to enumerate all information as possible from its file system. How can I do that?
There is a command in Powershell which we can use it to enumerate such information like the following command:
get-WmiObject win32_logicaldisk -Computername remotecomputer
However, I wanted to get such information with written some code in my application and show those information in user friendly format to the user.
You could use WMI class win32_logicaldisk in C++, here is the sample:
#include <stdio.h>
#define _WIN32_DCOM
#include <wbemidl.h>
#pragma comment(lib, "wbemuuid.lib")
#include <iostream>
using namespace std;
#include <comdef.h>
void PrintDriveDetails(wstring drive)
{
HRESULT hr;
IWbemLocator* pWbemLocator = NULL;
IWbemServices* pServices = NULL;
IWbemClassObject* pDrive = NULL;
hr = CoInitializeSecurity(NULL, -1, NULL, NULL,
RPC_C_AUTHN_LEVEL_DEFAULT,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL, EOAC_NONE, 0);
if (FAILED(hr))
{
CoUninitialize();
cout << "Failed to initialize security. Error code = 0x" << hex << hr << endl;
return;
}
hr = CoCreateInstance(CLSID_WbemLocator, NULL, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (void**)&pWbemLocator);
if (FAILED(hr))
{
CoUninitialize();
cout << "Failed to CoCreateInstance. Error code = 0x" << hex << hr << endl;
return;
}
_bstr_t bstrNamespace = L"root\\cimv2";
hr = pWbemLocator->ConnectServer(bstrNamespace, NULL, NULL, NULL, 0, NULL, NULL, &pServices);
if (FAILED(hr))
{
pWbemLocator->Release();
CoUninitialize();
cout << "Failed to Connect to the Server. Error code = 0x" << hex << hr << endl;
return;
}
pWbemLocator->Release();
printf("Successfully connected to namespace.\n");
hr = CoSetProxyBlanket(
pServices,
RPC_C_AUTHN_WINNT,
RPC_C_AUTHZ_NONE,
NULL,
RPC_C_AUTHN_LEVEL_CALL,
RPC_C_IMP_LEVEL_IMPERSONATE,
NULL,
EOAC_NONE
);
if (FAILED(hr))
{
pServices->Release();
cout << "Could not set proxy blanket. Error code = 0x" << hex << hr << endl;
CoUninitialize();
return; // Program has failed.
}
wstring bstrPath = L"Win32_LogicalDisk.DeviceID=\"" + drive + L"\"";
// *******************************************************//
// Perform a full-instance retrieval.
// *******************************************************//
hr = pServices->GetObject(BSTR(bstrPath.c_str()),
0, 0, &pDrive, 0);
if (FAILED(hr))
{
pServices->Release();
CoUninitialize();
cout << "failed GetObject. Error code = 0x" << hex << hr << endl;
return;
}
// Display the object
BSTR bstrDriveObj;
hr = pDrive->GetObjectText(0, &bstrDriveObj);
if (FAILED(hr))
{
pServices->Release();
CoUninitialize();
cout << "failed GetObjectText. Error code = 0x" << hex << hr << endl;
return;
}
printf("%S\n\n", bstrDriveObj);
VARIANT freesize, totlesize;
hr = pDrive->Get(L"FreeSpace", 0, &freesize, 0, NULL);
if (FAILED(hr))
{
pServices->Release();
CoUninitialize();
cout << "failed Get FreeSpace. Error code = 0x" << hex << hr << endl;
return;
}
printf("freesize %S\n", freesize.bstrVal);
hr = pDrive->Get(L"Size", 0, &totlesize, 0, NULL);
if (FAILED(hr))
{
pServices->Release();
CoUninitialize();
cout << "failed Get Size. Error code = 0x" << hex << hr << endl;
return;
}
printf("totlesize : %S\n", totlesize.bstrVal);
VariantClear(&freesize);
VariantClear(&totlesize);
pDrive->Release();
pServices->Release();
pServices = NULL;
}
void main(void)
{
HRESULT hr = S_OK;
hr = CoInitializeEx(NULL, COINIT_MULTITHREADED);
PrintDriveDetails(L"Z:");
CoUninitialize();
return;
};
I implemented 1-5 steps from :
https://msdn.microsoft.com/en-us/library/aa390423(v=vs.85).aspx
Everyting works, but i have problem with getting data from object which i retreive with query.
My code:
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
//cout << "Failed to initialize COM library. Error code = 0x"
// << hex << hres << endl;
return 1; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
//cout << "Failed to initialize security. Error code = 0x"
// << hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
pLoc = NULL;
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
if (FAILED(hres))
{
//cout << "Failed to create IWbemLocator object."
// << " Err code = 0x"
// << hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
pSvc = NULL;
// Connect to the root\cimv2 namespace with
// the current user and obtain pointer pSvc
// to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
NULL, // User name. NULL = current user
NULL, // User password. NULL = current
0, // Locale. NULL indicates current
NULL, // Security flags.
0, // Authority (for example, Kerberos)
0, // Context object
&pSvc // pointer to IWbemServices proxy
);
if (FAILED(hres))
{
//cout << "Could not connect. Error code = 0x"
// << hex << hres << endl;
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
//OutputDebugString("Connected to ROOT\\CIMV2 WMI namespace");
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
cout << "Could not set proxy blanket. Error code = 0x"
<< hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
code above is the same as msdn example.
Problem is here:
// Get the currently inserted USB devices
IEnumWbemClassObject* pEnumerator = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("SELECT * FROM Win32_USBControllerDevice"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator);
if (FAILED(hres))
{
//cout << "Query for USB devices at startup failed."
// << " Error code = 0x"
// << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
// Get the data from the query
IWbemClassObject *pclsObj = NULL;
ULONG uReturn = 0;
ostringstream os;
while (pEnumerator){
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
if(0 == uReturn){
break;
}
VARIANT vtProp;
VariantInit(&vtProp);
// Get the value of the accessstate property
hr = pclsObj->Get(L"Dependent", 0, &vtProp, 0, 0);
if (FAILED(hr)){
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
os.str("");
os.clear();
os << vtProp.bstrVal;
OutputDebugString(os.str().c_str());
AddDevice(os.str());//Add device to devices vector
VariantClear(&vtProp);
pclsObj->Release();
}
Exactly in this place:
hr = pclsObj->Get(L"Dependent", 0, &vtProp, 0, 0);
This link describes table elements:
https://msdn.microsoft.com/en-us/library/aa394505(v=vs.85).aspx
So i got Dependent value. My problem is how to get this Dependent properties:
https://msdn.microsoft.com/en-us/library/aa387884(v=vs.85).aspx
for example : DeviceID
If anyone can help i will be very very grateful!
I'm using WMI to retrieve information about physical drives on the system:
SELECT * FROM Win32_PhysicalMedia
And the "Tag" property returns physical device paths such as "\.\PHYSICALDRIVE0", or "\.\CDROM0", etc.
Is there a way to associate it with the actual drive paths, stuff like "C:" or "D:" or at least a device path "\Device\HarddiskVolume1"?
PS. In despite of my use of WMI, I'm writing the code using WinAPIs and C++.
EDIT:
Below is how it's done in C++. Note that this code should not be called right-when-you-need-this because it is extremely slow. What I would do is run it in a worker thread when the app starts and cache it somewhere for later user. I'd also watch for the WM_DEVICECHANGE notification and rerun it if drive layout changes.
Whew. I know it's complicated ... but, hey, it's Windows.
The code below comes from comments to this page.
#define _WIN32_DCOM
#include <iostream>
using namespace std;
#include <comdef.h>
#include <Wbemidl.h>
#pragma comment(lib, "wbemuuid.lib")
BOOL wmi_run();
BOOL wmi_getDriveLetters();
BOOL wmi_close();
IWbemLocator *pLoc = NULL;
IWbemServices *pSvc = NULL;
int main(int argc, char **argv)
{
wmi_run();
wmi_getDriveLetters();
system("pause");
wmi_close();
}
//
// Step 1-5 at:
// http://msdn.microsoft.com/en-us/library/aa390423(VS.85).aspx
BOOL wmi_run()
{
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
cout << "Failed to initialize COM library. Error code = 0x"
<< hex << hres << endl;
return 1; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
// Note: If you are using Windows 2000, you need to specify -
// the default authentication credentials for a user by using
// a SOLE_AUTHENTICATION_LIST structure in the pAuthList ----
// parameter of CoInitializeSecurity ------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
cout << "Failed to initialize security. Error code = 0x"
<< hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
//IWbemLocator *pLoc = NULL;
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
if (FAILED(hres))
{
cout << "Failed to create IWbemLocator object."
<< " Err code = 0x"
<< hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
//IWbemServices *pSvc = NULL;
// Connect to the root\cimv2 namespace with
// the current user and obtain pointer pSvc
// to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
NULL, // User name. NULL = current user
NULL, // User password. NULL = current
0, // Locale. NULL indicates current
NULL, // Security flags.
0, // Authority (e.g. Kerberos)
0, // Context object
&pSvc // pointer to IWbemServices proxy
);
if (FAILED(hres))
{
cout << "Could not connect. Error code = 0x"
<< hex << hres << endl;
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
cout << "Connected to ROOT\\CIMV2 WMI namespace" << endl;
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
cout << "Could not set proxy blanket. Error code = 0x"
<< hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
return 0;
}
//
// get Drives, logical Drives and Driveletters
BOOL wmi_getDriveLetters()
{
// Use the IWbemServices pointer to make requests of WMI.
// Make requests here:
HRESULT hres;
IEnumWbemClassObject* pEnumerator = NULL;
// get localdrives
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("SELECT * FROM Win32_DiskDrive"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator);
if (FAILED(hres)) {
cout << "Query for processes failed. "
<< "Error code = 0x"
<< hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return FALSE; // Program has failed.
}
else {
IWbemClassObject *pclsObj;
ULONG uReturn = 0;
while (pEnumerator) {
hres = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
if(0 == uReturn) break;
VARIANT vtProp;
hres = pclsObj->Get(_bstr_t(L"DeviceID"), 0, &vtProp, 0, 0);
// adjust string
wstring tmp = vtProp.bstrVal;
tmp = tmp.substr(4);
wstring wstrQuery = L"Associators of {Win32_DiskDrive.DeviceID='\\\\.\\";
wstrQuery += tmp;
wstrQuery += L"'} where AssocClass=Win32_DiskDriveToDiskPartition";
// reference drive to partition
IEnumWbemClassObject* pEnumerator1 = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t( wstrQuery.c_str()),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator1 );
if ( FAILED(hres) ) {
cout << "Query for processes failed. "
<< "Error code = 0x"
<< hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return FALSE; // Program has failed.
} else {
IWbemClassObject *pclsObj1;
ULONG uReturn1 = 0;
while( pEnumerator1 ) {
hres = pEnumerator1->Next( WBEM_INFINITE, 1,
&pclsObj1, &uReturn1 );
if(0 == uReturn1) break;
// reference logical drive to partition
VARIANT vtProp1;
hres = pclsObj1->Get( _bstr_t(L"DeviceID"), 0, &vtProp1, 0, 0 );
wstring wstrQuery = L"Associators of {Win32_DiskPartition.DeviceID='";
wstrQuery += vtProp1.bstrVal;
wstrQuery += L"'} where AssocClass=Win32_LogicalDiskToPartition";
IEnumWbemClassObject* pEnumerator2 = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t(wstrQuery.c_str()),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator2 );
if ( FAILED(hres) ) {
cout << "Query for processes failed. "
<< "Error code = 0x"
<< hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return FALSE; // Program has failed.
} else {
// get driveletter
IWbemClassObject *pclsObj2;
ULONG uReturn2 = 0;
while( pEnumerator2 ) {
hres = pEnumerator2->Next( WBEM_INFINITE, 1,
&pclsObj2, &uReturn2 );
if(0 == uReturn2) break;
VARIANT vtProp2;
hres = pclsObj2->Get( _bstr_t(L"DeviceID"), 0, &vtProp2, 0, 0 );
// print result
printf("%ls : %ls\n", vtProp.bstrVal, vtProp2.bstrVal);
VariantClear( &vtProp2 );
}
pclsObj1->Release();
}
VariantClear( &vtProp1 );
pEnumerator2->Release();
}
pclsObj->Release();
}
VariantClear( &vtProp );
pEnumerator1->Release();
}
}
pEnumerator->Release();
return TRUE;
}
BOOL wmi_close()
{
// Cleanup
// ========
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 0; // Program successfully completed.
}
This MSDN article explains how to use WMI to get from a disk drive to a list of the drive letters on it (it's the final section of the page).
You can use Win32_DiskDrivePhysicalMedia to get from the physical media to the disk drive.
But if you actually want a list of partitions, why not start at Win32_LogicalDisk?