i am building an Adobe Air App where i can only fetch the "drive letter" of the particular usb thumb drive i am plugging in.
This drive can be easily also fetched with wmic logicaldisk where 'DeviceId="D:"' if drive letter is D:
But what i really want is to get the PNPDeviceID of Win32_DiskDrive class for the drive mentioned before.
As far as i can think , linking win32_logicaldisk and win32_diskdrive with some class in between would do the trick , yet i can't figure the way for it.
So i kindly request to put your expertise forward on this thread to solve this problem.
cheers
SJ
I believe you need two different WMI classes to derive this. First, Win32_LogicalDiskToPartition, to (obviously enough) map the logical disk to a partition. Then you can use Win32_DiskDriveToDiskPartition to find the physical drive holding that partition.
Found the Answer from here http://forum.exetools.com/showthread.php?t=11226
WMIC PATH WIN32_DISKPARTITION ASSOC <-- this command links win32_logicaldisk with win32_diskdrive in a weird but manageable way.
thanks for your help guys !
Related
Does anyone know how to be able to list down all the working local drives ( like drive C, D, removable disks and so on..) through combo box? And with that, I could be able to scan that specific drive and retrieve all the deleted files in it. I mean, to recover those files that have been deleted through formatting or by pressing shift+delete.
Just the functions that would be needed to do all of these stuffs would be enough though. By the way,
I know it would be hard if I would be using high-level language like Java and C# to do that, so visual c++ is the one I've been working on.
That's it! I hope to get positive response from you guys. Any suggestions would be highly appreciated. Thank you!
Use TestDrive
http://www.cgsecurity.org/wiki/TestDisk_Download
Its open source and works great
pull the drive out of the unit, if it's NTFS, go get getdataback for NTFS.
Install it on a windows computer, slave this drive to the system and scan it for deleted files.
It will show all the ntfs structures, even deleted or destroyed ones.
It's not free but will be the best $100 you ever spent if it saves your files.
When I Rightclick on a Shell Drive I want to differentiate whether the Drive is a Normal Drive or a Network Drive.
I hope we can do this using Initialize(LPCITEMIDLIST, LPDATAOBJECT, HKEY) method but unsure which parameter to use.
Initialize is now documented to take a PCIDLIST_ABSOLUTE (not LPCITEMIDLIST), so you know it's rooted in My Desktop. My Computer is the second ItemID on that list, and the drive is the third ItemID. As Luke indicated, once you have the drive, GetDriveType will tell you whether the drive is remote.
You can use GetDriveType.
Goal
I'm porting a filesystem to Windows, and am writing a more Windows-like interface for the mounter executable. Part of this process is letting the user locate a partition and pick a drive letter. Ultimately the choice of partition has to result in something I can open using CreateFile(), open(), fopen() or similar.
Leads
Windows seems to revolve around the concept of volumes, which don't seem quite analogous to disks, and only occur for already mounted filesystems.
Promising leads I've had include:
IOCTL_DISK_GET_DRIVE_LAYOUT_EX
Physical Disks and Volumes
Displaying Volume Paths
However these all end in volumes or offsets thereof, not the /dev/sda1 partition-specific-style handle I'm after.
This question is after a very similar thing, I considered a bounty until I observed the OP is after physical disk names, not partitions. This answer contains a method to brute force partition names, I'd like to avoid that (or see documentation containing bounds for the possible paths).
Question
I'd like:
Correct terminology and documentation for unmounted partitions in Windows.
An effective and documented method to reliably retrieve all available partitions.
The closest fit to the partition file abstraction as available in Linux, wherein all IO is bound to the appropriate area of the disk for the partition opened.
Update0
While the main goal is still opening raw partitions, it appears the solution may involve first acquiring a handle to each disk drive, and then using that in turn to acquire each partition. How to enumerate all the disk drives (even those without mounted volumes on them already) is required.
As you noted, you can use IOCTL_DISK_GET_DRIVE_LAYOUT_EX to get a list of partitions.
There's a good overview of the related concepts here. I wonder if the missing link for you is
Detecting the Type of Disk
There is no specific function to
programmatically detect the type of
disk a particular file or directory is
located on. There is an indirect
method.
First, call GetVolumePathName. Then,
call CreateFile to open the volume
using the path. Next, use
IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS
with the volume handle to obtain the
disk number and use the disk number to
construct the disk path, such as
"\?\PhysicalDriveX". Finally, use
IOCTL_DISK_GET_DRIVE_LAYOUT_EX to
obtain the partition list, and check
the PartitionType for each entry in
the partition list.
The full list of disk management control codes may have more that would be useful. To be honest I'm not sure how the Unix partition name maps onto Windows, maybe it just doesn't directly.
If you can imagine moving from safe haven of userspace and the Windows API (win32) to coding a device driver with NTTDK, you could try IoReadPartitionTableEx or some other low level disk function.
To be blunt, the best way to reliably get all mounted/unmounted disk partitions is to parse the mbr/gpt yourself.
First to clear a few things up: Disks contain partitions and partitions combine to create volumes. Therefore, you can have one volume which consists of two partitions from two different disks.
IOCTL_DISK_GET_DRIVE_LAYOUT_EX is the closest solution you're going to get without doing it manually. The problem with this is that it relies on windows which can incorrectly parse the MBR for god knows what reason. My current working theory is that if Windows was installed via EFI but is being booted via MBR, youll see this sort of issue. Windows manages to get away with this because most partition managers copy the important partition information to the MBR alongside the GPT. But this means that you wont get important information like the partition UUID (which is only stored in the GPT).
All of the other solutions involve getting the Volume information which is completely different from the partition information.
Side Note: a Volume id will usually be of the form \\.\Volume{PARTITION_UUID}. Cases where this would not hold: if the drive is partitioned with MBR and not GPT (MBR does not have a partition UUID, therefore windows makes one up), if you have a raid drive, or if you have a volume consisting of partitions from multiple disks (kinda the same thing as raid). Those are just the cases that come to my mind, dont hold me to them.
I think you're slightly mistaken in an earlier phase. For instance, you seem to assume that "mounting" works in Windows like it works in Unix. It's a bit different.
Let's start at the most familiar end. Paths like C:\ use drive letters. Those are essentially just a set of symbolic links nowadays (On Windows, they're more formally known as "junctions"). There's a base set for all users, and each user can add their own. Even if there is no drive letter for a volume, there will still be a volume name like \\?\Volume{4c1b02c1-d990-11dc-99ae-806e6f6e6963}\. You can use this volume name in calls to CreateFile() etc. I'm not sure if fopen() likes them, though.
The function QueryDosDevice will get you the Windows device name for a drive letter or a volume name. A device name looks like "\Device\HarddiskVolume1", but you can't pass it to CreateFile
Microsoft has example code to enumerate all partitions.
On Windows, like on Linux, you can open the partition itself as if it were a file. This is quite well documented under CreateFile.
I'm looking to do some things involving (removable) devices, so I was looking at WMI and other APIs, the 'Devices and Printers' screen and the Safely Remove Hardware popup as I want to have as seamless an experience as possible. Problem however.. is that I can't find any way to get the names as my user 'knows' them in his PC.
Example... I connect an iPod, this shows in both DaP and SRH as 'iPod', which is awesome. In WMI the closest I've been able to find are 'Apple Inc. iPod' and 'Apple iPod USB Device'. Similar stories apply for other hardware like a WD My Book and other such hardware. Where do I find the proper string?
Since I am beginning to doubt whether I'm approaching the bigger picture from the right direction with WMI, a bit more explanation... we do a fair bit with removable hardware around here, 99% disk drives. I thought over hard-coding a loop from A to Z and inspect each drive, but to my knowledge removable volumes do not NEED to be mounted on a letter, but can also be dumped in an empty folder on ntfs. That and my small doubt there might be other (non-drive) hardware that needs 'finalizing' before being unplugged is adding to a small nagging doubt that I might be asking the wrong question alltogether. (editors: if this is too much irrelevant information, feel free to edit this out of the question.)
You can get this with WMI. This Powershell script does just that, the interesting property being Label:
PS C:\>gwmi -Class Win32_Volume | select Name, Label
Name Label
---- -----
C:\ Windows 7
D:\ Windows 2008
C:\TEST\ MYUSBKEY
E:\ RECOVERY
As you can see, it also works with devices not mounted with a letter.
As far as i can see, this does not work. The Powershell code (which is nothing else than another wmi wrapper) only retrieves the volume information for the mounted devices, such as usb keys. I have an iphone connected, and i see noting..
In windows is it possible to know what kind of disk we are dealing with from a c/c++ program? forget about gpt or mbr, how to know whether it is basic or dynamic? Program input can be drive letter or any info related to disk, output should be dynamic or basic.
No need of a direct way of doing, even if it is lengthy process, its okay.
I couldn't find much in msdn. Please help me out.
There is a way in windows, but it's not straight forward.
There is no direct API to determine if a disk is Basic or Dynamic, however all dynamic disks will have LDM Information.
So if a drive has a partion with LDM information on it, then it's going to be a dynamic disk.
the DeviceIoControl() method with the IOCTL_DISK_GET_DRIVE_LAYOUT_EX control code can be used to get this information.
Here is a post with a sample console application to do what you're asking for.
As per from MSDN http://msdn.microsoft.com/en-us/library/aa363785(VS.85).aspx
Detecting the Type of Disk
There is no specific function to programmatically detect the type of disk a particular file or directory is located on. There is an indirect method.
First, call GetVolumePathName. Then, call CreateFile to open the volume using the path. Next, use IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS with the volume handle to obtain the disk number and use the disk number to construct the disk path, such as "\?\PhysicalDriveX". Finally, use IOCTL_DISK_GET_DRIVE_LAYOUT_EX to obtain the partition list, and check the PartitionType for each entry in the partition list.
check out for GetDriveType() .