Search code examples
wmindisoid

Using wmi to trigger query OIDs in NDIS driver


I would like to make wmi query in cs to trigger NDIS OIDs.

For example, to check hardware status (OID_GEN_HARDWARE_STATUS) I can use ManagementObjectSearcher("root\\WMI", "SELECT * FROM MSNDIS_HardwareStatus")

I need to make some other requests, but I cannot find any way to find wmi class name for given OID (let's say it's OID_802_3_RCV_OVERRUN, there is no any obvious relation like OID_GEN_HARDWARE_STATUS -> MSNDIS_HardwareStatus for it, at least I have not found one).

How do I find relations between wmi class name and NDIS OIDs? Is there any documentation for it?


Solution

  • The specific example you cite, OID_802_3_RCV_OVERRUN, does not have a corresponding WMI class. Here's one way to prove that, if you're comfortable using a kernel debugger.

    1. Run the kernel debugger command !ndiskd.miniport -wmi <someHandle>
    2. Search the text output for "OID_802_3_RCV_OVERRUN"
    3. There's no matches, so the miniport does not expose that OID to WMI

    If you'd rather not use a kernel debugger, or if you just want to see a few more examples, here's an article I wrote on how to inspect the relationship between WMI classes and OIDs.