How To: (Almost) Everything In WMI via C# Part 2: Processes

thund3rstruck

4.50/5 (22 votes)

Mar 26, 2007

CPOL

2 min read

323305

7859

A C# Wrapper for WMI Win32_Process Class

Download source - 19.22 KB

Introduction

This is the second article in the series of articles How To: (Almost) Everything In WMI via C#.

Reference Part 1: WIN32_Registry
Reference Part 2: WIN32_Process

This article focuses on the Win32_Process class within the root\CIMV2 namespace. This library exposes all the properties and methods encapsulated in this namespace to your application (and there are quite a few). Using this library, you can enumerate properties of the processes on your machines, kick off processes, terminate processes, enumerate processes, and gather significant details regarding your processes. The library facilitates running any of these tasks on local or remote workstations.

Consideration

Please do not send me emails with instructions on how to perform these tasks using .NET native classes. That is not the point of these articles. I'm composing these articles for the purpose of demonstrating how to use WMI within C#.NET with the System.Management namespace. Also note that WMI is a bit slower than the .NET classes so if you have no specific need to use WMI, you should probably be using System.Diagnostics.Process instead.

Using the Attached Code

Methods (Local Machine or Remote Machine)

CreateProcess(string processPath) - Starts a process
GetProcessOwner(string processName) - Gets the user name of the process owner
GetProcessOwnerSID(string processName) - Gets the SID of the process owner
ProcessProperties(string processName) - Gets the 60+ property values of the process
RunningProcesses() - Gets the names of all the running processes (can be changed)
SetPriority(string processName, ProcessPriority.priority priority) - Changes the process priority
TerminateProcess(string processName) - Kills the process

Instantiate the Local Provider

//using baileysoft.Wmi.Process; *must include
ProcessLocal processObject = new ProcessLocal();

Walkthrough All the Methods

 //Get Running Processes
 Console.WriteLine("Fetching Running Processes: ");
 foreach (string eachProcess in processObject.RunningProcesses())
 {
    Console.WriteLine("Process: " + eachProcess);
 }
 Console.WriteLine("");
 
 //Start Process
 string processName = "notepad.exe";
 Console.WriteLine("Creating Process: " + processName);
 Console.WriteLine(processObject.CreateProcess(processName));
 
 //Change the Priority
 Console.WriteLine("Setting Process Priority: Idle");
 processObject.SetPriority(processName, ProcessPriority.priority.IDLE);
 
 //Get the Owner of a Process
 Console.WriteLine("Process Owner: " + processObject.GetProcessOwner(processName));
 
 //Get the Process Owner's SID 
 Console.WriteLine("Process Owner SID: " + 
    processObject.GetProcessOwnerSID(processName));
 Console.WriteLine("");

 //Get a collection of all the Properties of a Process (Memory Usage, etc, etc)
 Console.WriteLine("Properties of Process: " + processName);
 foreach (string property in processObject.ProcessProperties(processName))
  {
      Console.WriteLine(property);
  }
  Console.WriteLine("");
  
  //Terminate a Process  
  Console.WriteLine("Killing Process: " + processName);
  processObject.TerminateProcess(processName);
  Console.WriteLine("Process Terminated");  
  
  Console.ReadLine();

Remote System Processes

In order to run the code above against a remote machine, you must instantiate the ProcessRemote class. During this instantiation, you need to either send in explicit credentials or you can send in null values if you're running this on a workstation on a domain, logged in with a domain account with the appropriate permissions to perform these tasks against the remote workstation.

Instantiating the Remote Provider

//using baileysoft.Wmi.Process; *must include
ProcessRemote processObject = 
              new ProcessRemote(userName,
                                password,
                                domain,
                                machine/ip);

Connecting to a Remote Machine Where You Want to Use The Domain Credentials from the LoggedIn User

ProcessRemote processObject = 
                    new ProcessRemote(null,
                                      null,
                                      null,
                                      machine/ip);

Using a Service Account to kick off a Remote Process

ProcessRemote processObject = 
                    new ProcessRemote("neal.bailey",
                                      "S3cr3tPa$$",
                                      "BAILEYSOFT",
                                      "192.168.2.1");
                                      
                    processObject.OneOfTheMethodsDetailedAbove;

Conclusion

The WMI (Windows Management Instrumentation) provider is considerably slower than the native .NET classes. At first it may seem pointless to use WMI for process management tasks considering the ease of use of the .NET System.Diagnostics.Process classes, however a lot of developers out there spent a lot of time learning WMI and would like to have it available in their toolbox.

History

Originally submitted on 26^th March, 2007