While .mof files are generally used for DSC configurations of servers or local machines, they supposedly work well with WMI. I am a dummy when it comes to DSC but have posted WQL scripts over the years.
The code below is an example of creating/removing a WMI Namespace called Winbatch. Of course the .mof files could be created manually in Notepad and later compiled with mofcomp.exe. Be fun to go further
- Create Class or Classes for Winbatch Namespace
- Create Properties for Classes
- Create Instance for Properties
but so far have been unable to find a good reference, i.e. what are all the pragmas, syntax for defining properties, instances.
;NOTE: Using ## to avoid invalid char error
mof = $"##pragma namespace("\\\\.\\Root")
instance of __Namespace
{
Name = "WinBatch";
};
$"
mofile = "C:\temp\CreateWB.mof"
If Fileexist(mofile) Then Filedelete(mofile)
FilePut(mofile,mof)
If FileExist(mofile) Then Message("MOF File Created",mofile)
Exit
;you can run "mofcomp.exe c:\temp\CreateWB.mof" as mofcomp should be installed in \systen32
;after you confirm the Namespace was created use this
mofile = "C:\temp\CreateWB.mof"
If Fileexist(mofile)
delmofile = "C:\temp\RemoveWB.mof"
mof=$"##pragma namespace("\\\\.\\Root")
##pragma deleteinstance
("__Namespace.Name='WinBatch'", FAIL)
$"
FilePut(delmofile,mof)
Endif
Exit
;and run "mofcomp.exe C:\temp\RemoveWB.mof"
;and include error-handler to catch errors for the FAIL option
Very Interesting.
Just to make sure I understand...you can populate the DSC this way and then use WMI to pull the info like you can do for things like the system hardware configuration?
Jim
A further question, what advantage would you gain doing something like this over using the registry? Would this be more broadly accessible?
Jim
Quote from: JTaylor on May 04, 2024, 08:14:51 PMA further question, what advantage would you gain doing something like this over using the registry? Would be this more broadly accessible?
Jim
Probably a huge toss-up. The general idea was tossed at me [not necessarily for WB code] as possible way to manage fully functional distributed executables, i.e. date expires, renew, commands....
It would get complicated, but also could be more advanced than registry.. for example
https://learn.microsoft.com/en-us/mem/configmgr/develop/osd/about-configuration-manager-custom-action-mof-files
This just did a 180.... now the interest shifted from mof=>secure vault. I see there is a Microsoft Azure .NET assembly [but requires a subscription]. Played with new PS modules for creating/configuring/implementing a secure vault [pretty neat]. I was thinking about creating a secure vault for WB with a Wil map [ encrypted/hidden/password protected ] but Maps don't process as data types... so maybe a small SQLite table? Dunno.