Skip to main content

Overview

Examine the properties and structure of WMI classes to understand available data fields and plan targeted queries. This command is essential for understanding class schemas before performing detailed data extraction.

Syntax

SharpSCCM get class-properties <wmi-class> [options]

Parameters

wmi-class
string
required
The WMI class to examine (e.g., “SMS_R_System”)
sms-provider
string
The IP address, FQDN, or NetBIOS name of the SMS Provider to connect to
site-code
string
The three-character site code (e.g., “PS1”)

Examples

# Get properties of system class
SharpSCCM get class-properties SMS_R_System -sms SCCM01.corp.local -sc PS1

# Examine admin class structure
SharpSCCM get class-properties SMS_Admin -sms SCCM01.corp.local -sc PS1

Required Permissions

SMS Admins local group membership on the SMS Provider server

Output Format

The command displays properties with their data types and characteristics: 
-----------------------------------
SMS_R_System
-----------------------------------
Name (String, Key)
ResourceID (UInt32, Key)
LastLogonUserName (String)
LastLogonTimestamp (DateTime)
IPAddresses (String Array)
OperatingSystemNameandVersion (String)
-----------------------------------

Property Analysis

String Types:
  • Text data and identifiers
  • User and system names
  • Network addresses and paths
Numeric Types:
  • UInt32: Resource IDs and counts
  • DateTime: Timestamps and dates
  • Boolean: True/false flags
Array Types:
  • String arrays: Multiple values (IP addresses, software)
  • Numeric arrays: Collections of numbers
Key Properties:
  • Unique identifiers for instances
  • Used for object relationships
  • Critical for data correlation
Indexed Properties:
  • Optimized for searching and filtering
  • Better query performance
  • Common filter targets
Required vs Optional:
  • Required properties always have values
  • Optional properties may be null
  • Impact filtering and data quality

Common Class Properties

Identity Properties:
  • Name: NetBIOS computer name
  • ResourceID: Unique system identifier
  • SMSID: SCCM unique identifier
User Information:
  • LastLogonUserName: Last logged-on user
  • LastLogonTimestamp: Last logon time
  • PrimaryUserName: Primary user assignment
Network Information:
  • IPAddresses: Network IP addresses
  • MACAddresses: Hardware MAC addresses
  • IPSubnets: Network subnet information
System Information:
  • OperatingSystemNameandVersion: OS details
  • Architecture: System architecture
  • Domain: Active Directory domain
Account Information:
  • LogonName: Domain\username
  • DisplayName: Friendly display name
  • AdminSid: Security identifier
Role Information:
  • RoleNames: Assigned security roles
  • Permissions: Effective permissions
  • SecurityScopes: Administrative scopes
Metadata:
  • CreatedDate: Account creation
  • LastModifiedDate: Last modification
  • SourceSite: Site where defined
Collection Identity:
  • Name: Collection display name
  • CollectionID: Unique identifier
  • Comment: Description or notes
Collection Configuration:
  • CollectionType: 1 (User) or 2 (Device)
  • MemberCount: Number of members
  • IsBuiltIn: Microsoft default collection
Relationship Properties:
  • LimitToCollectionID: Parent collection
  • RefreshType: Refresh schedule type
  • LastRefreshTime: Last refresh timestamp

Query Planning

Essential Properties:
  • Key properties for identification
  • Security-relevant properties
  • Relationship properties for correlation
Performance Considerations:
  • Select only needed properties
  • Use indexed properties for filtering
  • Avoid large array properties when possible
String Properties:
  • Use LIKE for pattern matching
  • Case-insensitive comparisons
  • Wildcard and substring matching
Numeric Properties:
  • Range comparisons (>, <, BETWEEN)
  • Equality and inequality tests
  • NULL checks for optional properties
Date Properties:
  • Date range filtering
  • Recent activity analysis
  • Timeline-based queries

Use Cases

Schema Understanding:
  • Identify available data fields
  • Understand data types and formats
  • Plan efficient query structures
Data Validation:
  • Verify expected properties exist
  • Understand property relationships
  • Validate data quality assumptions
Sensitive Data Identification:
  • User authentication properties
  • Network configuration data
  • Administrative role information
  • System identification details
Attack Surface Mapping:
  • Available data for reconnaissance
  • Properties useful for targeting
  • Information disclosure opportunities

Property Examples by Category

Name, ResourceID, SMSID, CollectionID