I've been exploring the world of CIM scripting a lot these days. I thought we'd continue that journey today. I'm sure most of you are familiar with the Win32 classes in the `Root\CimV2` namespace. These are common classes we've used since the days of VBScript to get system management information.
But there's another class you may not be familiar with that offers a few tantalizing opportunities. Instead of querying the file system to retrieve file information, you can use the `CIM_DataFile` class to get file information. This class is part of the `Root\CimV2` namespace.
This is a rich object. In the last update to the [PSScriptTools](https://github.com/jdhitsolutions/PSScriptTools) module, I added several [CIM-related functions](https://github.com/jdhitsolutions/PSScriptTools#CIM-Tools). These functions are designed to make it easier to discover information about CIM classes.
PS C:\> Get-CimMember Cim_DataFile
Class: Root/Cimv2:CIM_DataFile
Property ValueType Flags
-------- --------- -----
AccessMask UInt32 ReadOnly, NullValue
Archive Boolean ReadOnly, NullValue
Caption String ReadOnly, NullValue
Compressed Boolean ReadOnly, NullValue
CompressionMethod String ReadOnly, NullValue
CreationClassName String ReadOnly, NullValue
CreationDate DateTime ReadOnly, NullValue
CSCreationClassName String ReadOnly, NullValue
CSName String ReadOnly, NullValue
Description String ReadOnly, NullValue
Drive String ReadOnly, NullValue
EightDotThreeFileName String ReadOnly, NullValue
Encrypted Boolean ReadOnly, NullValue
EncryptionMethod String ReadOnly, NullValue
Extension String ReadOnly, NullValue
FileName String ReadOnly, NullValue
FileSize UInt64 ReadOnly, NullValue
FileType String ReadOnly, NullValue
FSCreationClassName String ReadOnly, NullValue
FSName String ReadOnly, NullValue
Hidden Boolean ReadOnly, NullValue
InstallDate DateTime ReadOnly, NullValue
InUseCount UInt64 ReadOnly, NullValue
LastAccessed DateTime ReadOnly, NullValue
LastModified DateTime ReadOnly, NullValue
Manufacturer String ReadOnly, NullValue
Name String Key, ReadOnly, NullValue
Path String ReadOnly, NullValue
Readable Boolean ReadOnly, NullValue
Status String ReadOnly, NullValue
System Boolean ReadOnly, NullValue
Version String ReadOnly, NullValue
Writeable Boolean ReadOnly, NullValue
Key properties will be highlighted in green. This class, by the way, is derived from the `CIM_LogicalFile` class. If you query for this class, you still end up with the same information, but it will be a `CIM_DataFile` instance.
PS C:\> Get-CimInstance -ClassName CIM_DataFile -Filter "Name='C:\\Windows\\System32\\notepad.exe'" | Tee -Variable f
Compressed : False
Encrypted : False
Size :
Hidden : False
Name : C:\Windows\System32\notepad.exe
Readable : True
System : False
Version : 10.0.22621.3646
Writeable : True
PS C:\> $f.PSObject.TypeNames
Microsoft.Management.Infrastructure.CimInstance#root/cimv2/CIM_DataFile
Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_LogicalFile
Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_LogicalElement
Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_ManagedSystemElement
Microsoft.Management.Infrastructure.CimInstance#CIM_DataFile
Microsoft.Management.Infrastructure.CimInstance#CIM_LogicalFile
Microsoft.Management.Infrastructure.CimInstance#CIM_LogicalElement
Microsoft.Management.Infrastructure.CimInstance#CIM_ManagedSystemElement
Microsoft.Management.Infrastructure.CimInstance
System.Object
