PowerShell Scripting with CIM_DataFile

        June 11, 2024

PowerShell Scripting with CIM_DataFile

                I've been exploring the world of CIM scripting a lot these days. I thought we'd continue that journey today. I'm sure most of you are familiar with the Win32 classes in the `Root\CimV2` namespace. These are common classes we've used since the days of VBScript to get system management information.

But there's another class you may not be familiar with that offers a few tantalizing opportunities. Instead of querying the file system to retrieve file information, you can use the `CIM_DataFile` class to get file information. This class is part of the `Root\CimV2` namespace.

This is a rich object. In the last update to the [PSScriptTools](https://github.com/jdhitsolutions/PSScriptTools) module, I added several [CIM-related functions](https://github.com/jdhitsolutions/PSScriptTools#CIM-Tools). These functions are designed to make it easier to discover information about CIM classes.

PS C:\> Get-CimMember Cim_DataFile

   Class: Root/Cimv2:CIM_DataFile

Property              ValueType Flags

--------              --------- -----

AccessMask            UInt32    ReadOnly, NullValue

Archive               Boolean   ReadOnly, NullValue

Caption               String    ReadOnly, NullValue

Compressed            Boolean   ReadOnly, NullValue

CompressionMethod     String    ReadOnly, NullValue

CreationClassName     String    ReadOnly, NullValue

CreationDate          DateTime  ReadOnly, NullValue

CSCreationClassName   String    ReadOnly, NullValue

CSName                String    ReadOnly, NullValue

Description           String    ReadOnly, NullValue

Drive                 String    ReadOnly, NullValue

EightDotThreeFileName String    ReadOnly, NullValue

Encrypted             Boolean   ReadOnly, NullValue

EncryptionMethod      String    ReadOnly, NullValue

Extension             String    ReadOnly, NullValue

FileName              String    ReadOnly, NullValue

FileSize              UInt64    ReadOnly, NullValue

FileType              String    ReadOnly, NullValue

FSCreationClassName   String    ReadOnly, NullValue

FSName                String    ReadOnly, NullValue

Hidden                Boolean   ReadOnly, NullValue

InstallDate           DateTime  ReadOnly, NullValue

InUseCount            UInt64    ReadOnly, NullValue

LastAccessed          DateTime  ReadOnly, NullValue

LastModified          DateTime  ReadOnly, NullValue

Manufacturer          String    ReadOnly, NullValue

Name                  String    Key, ReadOnly, NullValue

Path                  String    ReadOnly, NullValue

Readable              Boolean   ReadOnly, NullValue

Status                String    ReadOnly, NullValue

System                Boolean   ReadOnly, NullValue

Version               String    ReadOnly, NullValue

Writeable             Boolean   ReadOnly, NullValue

Key properties will be highlighted in green. This class, by the way, is derived from the `CIM_LogicalFile` class. If you query for this class, you still end up with the same information, but it will be a `CIM_DataFile` instance.

PS C:\> Get-CimInstance -ClassName CIM_DataFile -Filter "Name='C:\\Windows\\System32\\notepad.exe'" | Tee -Variable f

Compressed : False

Encrypted  : False

Size       :

Hidden     : False

Name       : C:\Windows\System32\notepad.exe

Readable   : True

System     : False

Version    : 10.0.22621.3646

Writeable  : True

PS C:\> $f.PSObject.TypeNames

Microsoft.Management.Infrastructure.CimInstance#root/cimv2/CIM_DataFile

Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_LogicalFile

Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_LogicalElement

Microsoft.Management.Infrastructure.CimInstance#ROOT/cimv2/CIM_ManagedSystemElement

Microsoft.Management.Infrastructure.CimInstance#CIM_DataFile

Microsoft.Management.Infrastructure.CimInstance#CIM_LogicalFile

Microsoft.Management.Infrastructure.CimInstance#CIM_LogicalElement

Microsoft.Management.Infrastructure.CimInstance#CIM_ManagedSystemElement

Microsoft.Management.Infrastructure.CimInstance

System.Object

Let's see what kind of fun we can have with this class.

Get a premium subscription for full article and archive access

I've been exploring the world of CIM scripting a lot these days. I thought we'd continue that journey today. I'm sure most of you are familiar with the Win32 classes in the Root\CimV2 namespace. These are common classes we've used since the days of VBScript to get system management information.
But there's another class you may not be familiar with that offers a few tantalizing opportunities. Instead of querying the file system to retrieve file information, you can use the CIM_DataFile class to get file information. This class is part of the Root\CimV2 namespace.
This is a rich object. In the last update to the PSScriptTools module, I added several CIM-related functions. These functions are designed to make it easier to discover information about CIM classes.

                    Want to read the full issue?

Behind the PowerShell Pipeline

PowerShell Scripting with CIM_DataFile