我第一次从 MSDN 运行此示例 C++ 代码以从远程计算机获取 WMI 数据时,它运行良好。它也适用于与我配置相同的同事:Windows Server 2008 R2 虚拟机(域控制器)作为远程机器;Windows 7 主机(在不同的域中)作为进行调用的客户端。
但是,在某些时候,代码停止工作。代码简要概述:它提示输入凭据,然后连接到远程服务器,然后使用 WQL 行查询其操作系统信息Select * from win32_operatingsystem,然后检索返回的操作系统对象,然后询问表示操作系统名称的对象和表示机器上的可用内存,将此信息打印到控制台。它目前在第一次IEnumWbemClassObject::Next调用时出错,应该检索操作系统对象。
我目前正在使用的代码是上面链接的示例代码的略微改编版本。这是完整的 .cpp(删除了一些注释掉的代码块):
#define _WIN32_DCOM
#define UNICODE
#include <iostream>
using namespace std;
#include <comdef.h>
#include <Wbemidl.h>
#pragma comment(lib, "wbemuuid.lib")
#pragma comment(lib, "credui.lib")
#pragma comment(lib, "comsuppw.lib")
#include <wincred.h>
#include <strsafe.h>
// Macro for cleanup (changed to exit to imitate original code more closely)
#define EXIT(x) { ret = x; goto out; }
// Entry point:
int __cdecl main(int argc, char **argv)
{
HRESULT hres;
int ret = 0;
// Initialize COM
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
cout << "Failed to initialize COM library. Error code = 0x" << hex << hres << endl;
EXIT(1);
}
// Set general COM security levels
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IDENTIFY, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
cout << "Failed to initialize security. Error code = 0x" << hex << hres << endl;
CoUninitialize();
EXIT(1);
}
// Obtain the initial locator to WMI
IWbemLocator* pLoc = NULL;
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator,
(LPVOID*)&pLoc);
if (FAILED(hres))
{
cout << "Failed to create IWbemLocator object." << hex << hres << endl;
CoUninitialize();
EXIT(1);
}
// Connect to WMI through the IWbemLocator::ConnectServer method...
IWbemServices* pSvc = NULL;
// First, prompt for the user name and password for the remote computer
CREDUI_INFO cui;
bool useToken = false;
bool useNTLM = true;
wchar_t pszName[CREDUI_MAX_USERNAME_LENGTH+1] = {0};
wchar_t pszPwd[CREDUI_MAX_PASSWORD_LENGTH+1] = {0};
wchar_t pszDomain[CREDUI_MAX_USERNAME_LENGTH+1];
wchar_t pszUserName[CREDUI_MAX_USERNAME_LENGTH+1];
wchar_t pszAuthority[CREDUI_MAX_USERNAME_LENGTH+1];
BOOL fSave;
DWORD dwErr;
memset(&cui,0,sizeof(CREDUI_INFO));
cui.cbSize = sizeof(CREDUI_INFO);
cui.hwndParent = NULL;
cui.pszMessageText = TEXT("Press cancel to use process token");
cui.pszCaptionText = TEXT("Enter Account Information");
cui.hbmBanner = NULL;
fSave = FALSE;
dwErr = CredUIPromptForCredentials(
&cui, // CREDUI_INFO structure
TEXT(""), // Target for credentials
NULL, // Reserved
0, // Reason
pszName, // User name
CREDUI_MAX_USERNAME_LENGTH+1, // Max number for user name
pszPwd, // Password
CREDUI_MAX_PASSWORD_LENGTH+1, // Max number for password
&fSave, // State of save check box
CREDUI_FLAGS_GENERIC_CREDENTIALS |// flags
CREDUI_FLAGS_ALWAYS_SHOW_UI |
CREDUI_FLAGS_DO_NOT_PERSIST);
if (ERROR_CANCELLED == dwErr)
{
useToken = true;
}
else if (dwErr)
{
cout << "Did not get credentials: " << dwErr << endl;
pLoc->Release();
CoUninitialize();
EXIT(1);
}
if (!useNTLM)
{
cout << "not using NTLM" << endl;
StringCchPrintf(pszAuthority, CREDUI_MAX_USERNAME_LENGTH+1, L"kERBEROS: %s", L"serverdude");
}
// Connect to the remote root\cimv2 namespace and obtain pointer pSvc to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"\\\\serverdude\\root\\cimv2"),
_bstr_t(useToken?NULL:pszName), // User name
_bstr_t(useToken?NULL:pszPwd), // User password
NULL, // Locale
NULL, // Security flags
_bstr_t(useNTLM?NULL:pszAuthority),// Authority
NULL, // Context object
&pSvc // IWbemServices proxy
);
if (FAILED(hres))
{
cout << "Could not connect. Error code = 0x" << hex << hres << endl;
pLoc->Release();
CoUninitialize();
EXIT(1);
}
cout << "Connected to ROOT\\CIMV2 WMI namespace" << endl;
// Create COAUTHIDENTITY that can be used for setting security on proxy
COAUTHIDENTITY* userAcct = NULL;
COAUTHIDENTITY authIdent;
if (!useToken)
{
memset(&authIdent, 0, sizeof(COAUTHIDENTITY));
authIdent.PasswordLength = wcslen (pszPwd);
authIdent.Password = (USHORT*)pszPwd;
LPWSTR slash = wcschr (pszName, L'\\');
if (NULL == slash)
{
cout << "Could not create Auth identity. No domain specified.\n";
pSvc->Release();
pLoc->Release();
CoUninitialize();
EXIT(1);
}
StringCchCopy(pszUserName, CREDUI_MAX_USERNAME_LENGTH+1, slash+1);
authIdent.User = (USHORT*)pszUserName;
authIdent.UserLength = wcslen(pszUserName);
StringCchCopyN(pszDomain, CREDUI_MAX_USERNAME_LENGTH+1, pszName, slash - pszName);
authIdent.Domain = (USHORT*)pszDomain;
authIdent.DomainLength = slash - pszName;
authIdent.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
userAcct = &authIdent;
}
// Set security levels on a WMI connection
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_DEFAULT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_DEFAULT, // RPC_C_AUTHZ_xxx
COLE_DEFAULT_PRINCIPAL, // Server principal name
RPC_C_AUTHN_LEVEL_PKT_PRIVACY, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
userAcct, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
cout << "Could not set proxy blanket. Error code = 0x" << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
EXIT(1);
}
// Use the IWbemServices pointer to make requests of WMI...
// Get the name of the operating system
IEnumWbemClassObject* pEnum = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("Select * from Win32_OperatingSystem"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnum);
if (FAILED(hres))
{
cout << "Query for operating system name failed." << " Error code = 0x" << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
EXIT(1);
}
// Secure the enumerator proxy
hres = CoSetProxyBlanket(
pEnum, // Indicates the proxy to set
RPC_C_AUTHN_DEFAULT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_DEFAULT, // RPC_C_AUTHZ_xxx
COLE_DEFAULT_PRINCIPAL, // Server principal name
RPC_C_AUTHN_LEVEL_PKT_PRIVACY, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
userAcct, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
cout << "Could not set proxy blanket on enumerator. Error code = 0x" << hex << hres << endl;
pEnum->Release();
pSvc->Release();
pLoc->Release();
CoUninitialize();
EXIT(1);
}
// Erase credentials from memory.
SecureZeroMemory(pszName, sizeof(pszName));
SecureZeroMemory(pszPwd, sizeof(pszPwd));
SecureZeroMemory(pszUserName, sizeof(pszUserName));
SecureZeroMemory(pszDomain, sizeof(pszDomain));
// Get the data from the OS query
IWbemClassObject* pclsObj = NULL;
ULONG uReturn = 0;
while (pEnum)
{
// DEBUG:
cout << "beginning of loop..." << endl;
// Get the result of the query
HRESULT hr = pEnum->Next(WBEM_INFINITE, 1, &pclsObj, &uReturn);
// DEBUG:
cout << "IEnumWbemClassObject::Next returned 0x" << hex << hr << endl;
// PATCH: NOT SURE WHY IT WORKS
if (0 == uReturn)
{
continue;
}
// Get the value of the Name property
VARIANT vtProp;
hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
if (FAILED(hr))
{
cout << "Could not get OS name. Error code = 0x" << hex << hr << endl;
EXIT(1);
}
// Display OS name info
wcout << "\tOS Name : " << vtProp.bstrVal << endl;
// Get the value of the FreePhysicalMemory property
hr = pclsObj->Get(L"FreePhysicalMemory", 0, &vtProp, 0, 0);
if (FAILED(hr))
{
cout << "Could not get free physical memory. Error code = 0x" << hex << hr << endl;
EXIT(1);
}
// Display free memory info
wcout << "\tFree physical memory (in kilobytes): " << vtProp.uintVal << endl;
VariantClear(&vtProp);
pclsObj->Release();
pclsObj = NULL;
// KEEP THIS ONLY IF USING PATCH SOLN
break;
}
// Clean up
pSvc->Release();
pLoc->Release();
pEnum->Release();
if (pclsObj)
{
pclsObj->Release();
}
CoUninitialize();
out:
system("pause");
return ret;
}
控制台的输出是:
连接到 ROOT\CIMV2 WMI 命名空间
循环开始...
IEnumWbemClassObject::Next 返回 0x800706bf
循环开始...
IEnumWbemClassObject::Next 返回 0x0
操作系统名称:Microsoft Windows Server 2008 R2 Datacenter |C:\Windows|\Device\Harddisk0\Partition1
可用物理内存(以千字节为单位):8050116
按任意键继续 。. .
代码的唯一重大变化是最后的循环。MSDN 示例不检查错误,而是在EnumWbemClassObject::Next将puReturned参数设置为 0 时跳出循环(表示请求的 1 个对象返回 0个对象)。相反,我显示结果但不对其采取行动,如果uResult为 0,则再次尝试循环,并且只有在没有时才跳出循环。这显然是一个 hacky 解决方案,如果代码正常工作,可能会导致无限循环。还值得注意的是,在我尝试循环时,我遇到了其中一个奇怪的访问冲突:程序在某一行抛出异常,但是当我更改下一行时线问题消失了。这让我觉得内存损坏可能会发生一些奇怪的事情。
这是更奇怪的部分:当我运行WBEMtest.exe(Windows 提供的用于运行本地或远程 WMI 命令的 GUI)时,我的查询也只适用于第二次 try。就像我的代码一样,它Error 0x800706bf: The remote procedure call failed and did not execute在第一次尝试时返回。
出于好奇,我使用事件日志记录了 WMI 活动。我无法从结果中收集到太多信息(除了我的代码和 WBEMtest.exe 之间发生了不同的事情),但无论如何它们都在这里:
从我的代码运行:
级别 日期和时间 源 事件 ID 任务类别
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6350;操作 ID = 6350;操作 = IWbemServices::Connect; ClientMachine = MSJOHNSON-THINK;用户 = 公司\管理员;ClientProcessId = 26304; 命名空间名称 = \\serverdude\root\cimv2
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6351;操作 ID = 6352;Operation = 启动 IWbemServices::ExecQuery - 从 Win32_OperatingSystem 中选择 *;ClientMachine = MSJOHNSON-THINK;用户 = 公司\管理员;ClientProcessId = 26304; 命名空间名称 = \\.\root\cimv2
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6351;操作 ID = 6353; 操作 = 启动 IWbemServices::ExecQuery - 从 __ClassProviderRegistration 中选择 *;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6354; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""WmiPerfClass""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6354
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6355; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""WmiPerfClass"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 2012 年 12 月 6 日下午 12:22:03 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6353
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6356; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""CIMWin32""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6356
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6357; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""CIMWin32"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6355
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6357
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6358;操作 ID = 6358;操作 = IWbemServices::Connect; ClientMachine = WIN-T53A1FADTFB; 用户 = NT AUTHORITY\网络服务;ClientProcessId = 3000; 命名空间名称 = 根
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6358
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6359; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""CIMWin32"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6359
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6351;操作 ID = 6360;操作 = 启动 IWbemServices::GetObject - Win32_OperatingSystem;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6360
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6361; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""CIMWin32""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6361
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6362; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""CIMWin32"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6362
信息 2012 年 12 月 6 日下午 12:22:03 Microsoft-Windows-WMI-Activity 2 无 GroupOperationId = 6351 的 ProviderInfo;操作 = Provider::CreateInstanceEnum - Win32_OperatingSystem; 提供者名称 = CIMWin32;ProviderGuid = {d63a5850-8f16-11cf-9f47-00aa00bf345c}; 路径 = %systemroot%\system32\wbem\cimwin32.dll
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6351;操作 ID = 6363;操作 = 启动 IWbemServices::ExecQuery - 从 Win32_Process 中选择 __RELPATH;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6364; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""CIMWin32""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 2012 年 12 月 6 日下午 12:22:03 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6364
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6365; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""CIMWin32"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 2012 年 12 月 6 日下午 12:22:03 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6365
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6351;操作 ID = 6366; 操作 = 启动 IWbemServices::GetObject - Win32_Process;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 2012 年 12 月 6 日下午 12:22:03 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6366
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6367; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""CIMWin32""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6367
信息 12/6/2012 12:22:03 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6351; OperationId = 6368; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""CIMWin32"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 =
运行 WBEMtest.exe:
级别 日期和时间 源 事件 ID 任务类别
信息 12/6/2012 12:29:41 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6373;操作 ID = 6373; 操作 = IWbemServices::Connect; ClientMachine = MSJOHNSON-THINK;用户 = 公司\管理员;ClientProcessId = 26004; 命名空间名称 = \\serverdude\root\cimv2
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6374;操作 ID = 6375; Operation = 启动 IWbemServices::ExecQuery - 从 win32_operatingsystem 中选择 *;ClientMachine = MSJOHNSON-THINK;用户 = 公司\管理员;ClientProcessId = 26004; 命名空间名称 = \\.\root\cimv2
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6374;操作 ID = 6376; 操作 = 启动 IWbemServices::ExecQuery - 从 __ClassProviderRegistration 中选择 *;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6374; OperationId = 6377; Operation = 启动 IWbemServices::GetObject - __Win32Provider.Name=""WmiPerfClass""; ClientMachine =本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 2012 年 12 月 6 日下午 12:29:52 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6377
信息 2012 年 12 月 6 日下午 12:29:52 Microsoft-Windows-WMI-Activity 1 无 "GroupOperationId = 6374; OperationId = 6378; Operation = Start IWbemServices::ExecQuery - {__Win32Provider.Name=""WmiPerfClass"" 的引用};ClientMachine = 本地;用户 = CORP\Administrator;ClientProcessId = 0;命名空间名称 = \\.\root\CIMV2"
信息 2012 年 12 月 6 日下午 12:29:52 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6376
信息 2012 年 12 月 6 日下午 12:29:52 Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6378
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6374;操作 ID = 6379; 操作 = 启动 IWbemServices::GetObject - win32_operatingsystem;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 3 无停止 OperationId = 6379
信息 2012 年 12 月 6 日下午 12:29:52 Microsoft-Windows-WMI-Activity 2 无 GroupOperationId = 6374 的 ProviderInfo;操作 = Provider::CreateInstanceEnum - Win32_OperatingSystem; 提供者名称 = CIMWin32;ProviderGuid = {d63a5850-8f16-11cf-9f47-00aa00bf345c}; 路径 = %systemroot%\system32\wbem\cimwin32.dll
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6374;操作 ID = 6380;操作 = 启动 IWbemServices::ExecQuery - 从 Win32_Process 中选择 __RELPATH;ClientMachine = 本地;用户 = 公司\管理员;ClientProcessId = 0; 命名空间名称 = \\.\root\CIMV2
信息 12/6/2012 12:29:52 PM Microsoft-Windows-WMI-Activity 1 无 GroupOperationId = 6374;操作 ID = 6381;操作 = 启动 IWbemServices::GetObject - Win32_Process;ClientMachine = 本地;用户
所以,是的,我完全失去了。谁能弄清楚发生了什么?我已经看到其他人在类似情况下看到机器之间的 WMI 行为不一致的报告(例如,这里称为Win32_BaseBoard 的 WMI 查询的问题没有返回结果——由于新用户的最大超链接为两个超链接,因此无法链接),但我从未见过令人满意的解释。顺便说一句,我从一个新的虚拟机开始,仍然遇到这个问题(尽管每隔一段时间 WBEMtest.exe 在第一次尝试时没有出错)。