1
00:00:00,940 --> 00:00:01,950
[Autogenerated] now, one of the reasons

2
00:00:01,950 --> 00:00:04,360
for using W. M. I is that it gives us a

3
00:00:04,360 --> 00:00:09,440
powerful platform for managing computers.

4
00:00:09,440 --> 00:00:12,120
We're able to manage not just local

5
00:00:12,120 --> 00:00:15,310
machines but also remote machines. Albeit

6
00:00:15,310 --> 00:00:17,060
there needs to be some configuration doing

7
00:00:17,060 --> 00:00:19,750
on those remote machines to allow the

8
00:00:19,750 --> 00:00:22,010
communication from my machine to that

9
00:00:22,010 --> 00:00:24,490
other machine. Now the prerequsites for

10
00:00:24,490 --> 00:00:27,550
this are focused on four core things. The

11
00:00:27,550 --> 00:00:30,280
first one is Windows firewall settings. So

12
00:00:30,280 --> 00:00:32,260
we need to enable to be my traffic

13
00:00:32,260 --> 00:00:34,500
directly through the windows firewall off

14
00:00:34,500 --> 00:00:36,440
the devices so that communication could

15
00:00:36,440 --> 00:00:38,310
take place. Which means that when I

16
00:00:38,310 --> 00:00:41,130
execute the command, it will be received

17
00:00:41,130 --> 00:00:44,140
on the other end and returned the results.

18
00:00:44,140 --> 00:00:46,570
We may also need to configure the user

19
00:00:46,570 --> 00:00:48,690
account control settings. The easiest way

20
00:00:48,690 --> 00:00:50,420
of doing this without making the changes

21
00:00:50,420 --> 00:00:53,820
is to ensure that we run PowerShell window

22
00:00:53,820 --> 00:00:56,100
or the PowerShell console or the I S. C or

23
00:00:56,100 --> 00:00:57,650
whatever PowerShell application that we

24
00:00:57,650 --> 00:00:59,780
use him, that we run that in the context

25
00:00:59,780 --> 00:01:02,940
off administrator. Then, of course, we may

26
00:01:02,940 --> 00:01:05,470
need to explicitly grant decomp access,

27
00:01:05,470 --> 00:01:09,280
activation and launch rights to the

28
00:01:09,280 --> 00:01:10,770
account that's going to be used for

29
00:01:10,770 --> 00:01:13,540
connecting to the other machine and We may

30
00:01:13,540 --> 00:01:15,730
also need to do some of the same object

31
00:01:15,730 --> 00:01:18,270
model settings. There's a registry key

32
00:01:18,270 --> 00:01:21,180
court allow anonymous call back. So if I'm

33
00:01:21,180 --> 00:01:23,320
trying to connect to a machine and the two

34
00:01:23,320 --> 00:01:25,030
machines are not on the same domain or

35
00:01:25,030 --> 00:01:27,290
their untrusted, we may need to set that

36
00:01:27,290 --> 00:01:29,380
registry key. Now, of course, there are

37
00:01:29,380 --> 00:01:32,120
ways of doing this within Windows we can

38
00:01:32,120 --> 00:01:34,280
actually executable PowerShell command

39
00:01:34,280 --> 00:01:36,890
called Enable ps ra Moting, and it will do

40
00:01:36,890 --> 00:01:39,910
some of the configuration for us now. Of

41
00:01:39,910 --> 00:01:42,030
course, a key thing is retrieving a list

42
00:01:42,030 --> 00:01:45,320
of classes and name spaces to retrieve all

43
00:01:45,320 --> 00:01:47,620
the W my classes within the default name

44
00:01:47,620 --> 00:01:49,990
space, which is route, we would simply say

45
00:01:49,990 --> 00:01:52,600
get doing my object and then use that list

46
00:01:52,600 --> 00:01:54,930
parameter to just render that out as a big

47
00:01:54,930 --> 00:01:58,940
list in the screen. If we wanted to target

48
00:01:58,940 --> 00:02:02,510
it to specific types, then we could say

49
00:02:02,510 --> 00:02:04,670
to be my object list, and then we're going

50
00:02:04,670 --> 00:02:06,750
to utilize standard PowerShell syntax are

51
00:02:06,750 --> 00:02:08,670
where object on. Then we're going to

52
00:02:08,670 --> 00:02:11,950
filter that out by wind. 30. To win 32 is

53
00:02:11,950 --> 00:02:14,110
a standard one for looking for Windows.

54
00:02:14,110 --> 00:02:17,110
Items such as memory process, a hard disk,

55
00:02:17,110 --> 00:02:20,160
etcetera then, of course, we can retrieve

56
00:02:20,160 --> 00:02:24,250
all of the W my name spaces by utilizing

57
00:02:24,250 --> 00:02:27,060
to be my object again Name space is route,

58
00:02:27,060 --> 00:02:29,470
so we specify that were in the root name

59
00:02:29,470 --> 00:02:32,070
space. And then we set the class to

60
00:02:32,070 --> 00:02:34,160
underscore underscore name space, which

61
00:02:34,160 --> 00:02:36,530
will be the default one which looks very

62
00:02:36,530 --> 00:02:38,300
similar to the second one. But this time

63
00:02:38,300 --> 00:02:40,600
I'm using Query. So it's showing you that

64
00:02:40,600 --> 00:02:43,770
we can achieve the same thing by utilizing

65
00:02:43,770 --> 00:02:46,540
either name space and class parameters or

66
00:02:46,540 --> 00:02:49,480
we can use query and then name space. So

67
00:02:49,480 --> 00:02:50,730
two different ways of doing the same

68
00:02:50,730 --> 00:02:52,970
thing. But either way, this will retrieve

69
00:02:52,970 --> 00:02:56,750
a list of the classes and name spaces.

70
00:02:56,750 --> 00:02:58,440
Now, we can also go a little bit further

71
00:02:58,440 --> 00:03:01,840
here where we can use to be my object name

72
00:03:01,840 --> 00:03:03,940
space, and you'll notice we now can do a

73
00:03:03,940 --> 00:03:06,700
combination off what would have been the

74
00:03:06,700 --> 00:03:09,440
name space on then? The class. So one of

75
00:03:09,440 --> 00:03:10,900
the class names, for example, is called

76
00:03:10,900 --> 00:03:13,880
security center too, so we can combine the

77
00:03:13,880 --> 00:03:16,180
two together instead of utilizing the

78
00:03:16,180 --> 00:03:18,690
class parameter. And now we're able to use

79
00:03:18,690 --> 00:03:21,390
list. So we can say retrieval the W M O

80
00:03:21,390 --> 00:03:25,110
classes for a specific name space we can

81
00:03:25,110 --> 00:03:27,590
also then target even further. So, for

82
00:03:27,590 --> 00:03:29,390
example, you notice the parameter last

83
00:03:29,390 --> 00:03:31,920
time was called class name, so that would

84
00:03:31,920 --> 00:03:34,280
be security center to. In this instance,

85
00:03:34,280 --> 00:03:36,650
we're going to retrieve anti virus product

86
00:03:36,650 --> 00:03:39,160
information. How do I know that anti virus

87
00:03:39,160 --> 00:03:41,010
product information is there? Well, when

88
00:03:41,010 --> 00:03:43,250
we use the W my explorer we can actually

89
00:03:43,250 --> 00:03:45,420
do in and see that when we expand onto

90
00:03:45,420 --> 00:03:47,910
route and go to security center to that

91
00:03:47,910 --> 00:03:49,370
will be click into there, you'll see anti

92
00:03:49,370 --> 00:03:52,190
virus as a class, so we can, then drill

93
00:03:52,190 --> 00:03:58,000
down even further to retrieve the specifics for that class and name space.