This topic contains code examples to set passwords on connected data sources using the Windows Management Instrumentation (WMI) Provider.
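Note: For clarity, the passwords are exposed in the example. We recommend that you modify the examples so that the passwords are encrypted and not exposed. A password passed as a command-line argument or stored as a constant in source code can be read from process listings, command history, and the file itself.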
The following Visual Basic Scripting Edition (VBScript) example changes the password on an ADAM, Sun, or Netscape data source using the WMI provider. The example has the following functions:
- The main function that sets the
password on a connector space object.
- The GetMATypeFromCSObject function
gets the name of the management agent that is used to create the
connector space object. The management agent performs the password
operation on the object in the connected data source.
- The FindCSObject function searches the
connector space for the object with the password that is going to
be set.
- The ErrorHandler function handles any
errors that occur in the script. This function contains minimal
error handling. Expand this function for your purposes.
If you saved this script to a file called Setpassword.vbs, the following is the syntax for the script:
setpassword.vbs SearchDomain SearchUser NewPassword
The script requires the following arguments if this script is run from the FIM Synchronization Service server using the account that is a member of the MIISPasswordSet security group:
- SearchDomain — the domain of the account with the password to set.
- SearchUser — the user name of the account with the password to set.
- NewPassword — the new password.
An example of this script would be:
setpassword.vbs fabrikam, jeffsmith, NewPassword
If the
script is run remotely, you must also supply the following
arguments: setpassword.vbs SearchDomain SearchUser
NewPassword MIIS_AccountName MIIS_Password
MIIS_MachineName
- MIIS_AccountName — the name of the account that is a member of the MIISPasswordSet security group.
- MIIS_Password — the password of the account that is a member of the MIISPasswordSet security group.
- MIIS_MachineName — the name of the FIM Synchronization Service server.
An example of this script would be:
setpassword.vbs fabrikam, jeffsmith, NewPassword, loripenor,
MIISAdminPassword, MIISServer
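Option Explicit
On Error Resume Next

' Sets a new password on every ADAM or Sun/Netscape connector that is joined
' to the same metaverse object as the account identified by SearchDomain and
' SearchUser, using the FIM Synchronization Service WMI provider.
'
' Local use  : setpassword.vbs SearchDomain SearchUser NewPassword
' Remote use : setpassword.vbs SearchDomain SearchUser NewPassword _
'              MIIS_AccountName MIIS_Password MIIS_MachineName
'
' NOTE(review): both NewPassword and MIIS_Password arrive on the command line,
' where they are visible in process listings and command history. Treat this
' as a sample; a production script should obtain them from a protected source.
'
' Because "On Error Resume Next" is active for the whole script, Err is checked
' explicitly after every WMI call. Without those checks a failed call would be
' skipped silently and later statements would act on stale values.

Dim MIIS_AccountName
Dim MIIS_Password
Dim MIIS_MachineName
Dim SearchDomain
Dim SearchUser
Dim NewPassword
Dim Service
Dim objLocator
Dim WMIQuery
Dim CsObjects
Dim CSObject
Dim CSObjectMVGUID
Dim RelatedCSObjects
Dim RelatedCSObject
Dim MVQuery
Dim LenMV
Dim MAQuery
Dim MAObjects
Dim MAObject
Dim Status

Const MIIS_WMI_Namespace = "root\MicrosoftIdentityIntegrationServer"
' Value 6 is the packet-privacy authentication level, which encrypts the
' DCOM traffic that carries the new password.
Const wbemAuthenticationLevelPktPrivacy = 6
Const impersonate = 3

' Check for the correct number of options
If WScript.Arguments.Count <> 3 And WScript.Arguments.Count <> 6 Then
    WScript.Echo "Missing Arguments"
    WScript.Quit(1)
End If

' Load the arguments into variables
SearchDomain = WScript.Arguments.Item(0)
SearchUser = WScript.Arguments.Item(1)
NewPassword = WScript.Arguments.Item(2)
If WScript.Arguments.Count = 6 Then
    MIIS_AccountName = WScript.Arguments.Item(3)
    MIIS_Password = WScript.Arguments.Item(4)
    MIIS_MachineName = WScript.Arguments.Item(5)
End If

' Get service, based on account information
If MIIS_AccountName = "" Then
    Set Service = GetObject("WinMgmts:{impersonationLevel=impersonate,authenticationLevel=PktPrivacy}!" & MIIS_WMI_Namespace)
Else
    Set objLocator = CreateObject("WbemScripting.SWbemLocator")
    objLocator.Security_.ImpersonationLevel = impersonate
    objLocator.Security_.AuthenticationLevel = wbemAuthenticationLevelPktPrivacy
    ' Pass the supplied credentials. The original listing had them commented
    ' out, so the remote connection was always made as the caller and the
    ' MIIS_AccountName / MIIS_Password arguments were ignored.
    Set Service = objLocator.ConnectServer(MIIS_MachineName, MIIS_WMI_Namespace, MIIS_AccountName, MIIS_Password)
End If
If Err.Number <> 0 Then ErrorHandler("ERROR: " & Err.Description)

' Find the CS Objects for the specified SearchDomain and SearchUser
FindCSObject
If Err.Number <> 0 Then ErrorHandler("ERROR: " & Err.Description)

If CSObject Is Nothing Then
    ErrorHandler("Unable to locate " & SearchDomain & "\" & SearchUser & ".")
End If

If IsNull(CSObject.MvGuid) Then
    ErrorHandler("The connector space object is a disconnector. The password was not set.")
End If

Wscript.Echo ""
Wscript.Echo "Located CS Object for " & SearchDomain & "\" & SearchUser & "."
Wscript.Echo "Locating related connectors..."

' Find the connectors for the MV Object
MVQuery = "Select * from MIIS_CSObject where mvguid='" & CSObject.MVGUID & "'"
Set RelatedCSObjects = Service.ExecQuery(MVQuery)
If Err.Number <> 0 Then ErrorHandler("ERROR: " & Err.Description)

If RelatedCSObjects.Count = 0 Then
    ErrorHandler("No related CS objects found for " & SearchDomain & "\" & SearchUser & ".")
End If

Wscript.Echo "Located " & RelatedCSObjects.Count & " connectors for MV Object."
Wscript.Echo "Locating MA(s) for connected CS object(s)..."
Wscript.Echo ""

' Get the MA objects and update the password
For Each RelatedCSObject In RelatedCSObjects
    If (LCase(RelatedCSObject.ObjectType) <> "inetorgperson") And (LCase(RelatedCSObject.ObjectType) <> "user") Then
        Wscript.Echo "Wrong object type detected, Skipping " & RelatedCSObject.MaName & "'s CS object: " & LCase(RelatedCSObject.ObjectType)
        Wscript.Echo "DN : " & RelatedCSObject.Dn
    Else
        ' Get the MA object for this connector. The helper resets MAObject
        ' first, so a failed lookup cannot reuse the previous connector's MA.
        Err.Clear
        GetMATypeFromCSObject
        If MAObject Is Nothing Then
            Wscript.Echo "Unable to retrieve the MA " & RelatedCSObject.MaName & "'s for CS Object:"
            Wscript.Echo "DN : " & RelatedCSObject.Dn
            Wscript.Echo "MA Type: Unknown"
        ElseIf MAObject.Type <> "Active Directory Application Mode (ADAM)" And MAObject.Type <> "Sun and Netscape directory servers" Then
            Wscript.Echo "Wrong MA type detected, Skipping " & RelatedCSObject.MaName & "'s CS Object:"
            Wscript.Echo "DN : " & RelatedCSObject.Dn
            Wscript.Echo "MA Type: " & MAObject.Type
        Else
            Wscript.Echo "Updating password for " & RelatedCSObject.MaName & "'s CS Object:"
            Wscript.Echo "DN : " & RelatedCSObject.Dn
            Wscript.Echo "MA Type: " & MAObject.Type
            ' Clear Status and Err so that a failed call cannot be reported
            ' with the result left over from an earlier connector.
            Status = ""
            Err.Clear
            Status = RelatedCSObject.SetPassword(NewPassword)
            If Err.Number <> 0 Then
                Wscript.Echo "Result : Failed."
                Wscript.Echo "Status : " & Err.Description
            ElseIf Status = "success" Then
                Wscript.Echo "Result : Successful."
            Else
                Wscript.Echo "Result : Failed."
                Wscript.Echo "Status : " & Status
            End If
        End If
        Err.Clear
    End If
    Wscript.Echo ""
Next

' Loads the management agent that owns RelatedCSObject into MAObject.
' MAObject is Nothing when the agent cannot be found or the query fails.
Function GetMATypeFromCSObject()
    Set MAObject = Nothing
    MAQuery = "Select * from MIIS_ManagementAgent where guid='" & RelatedCSObject.MaGuid & "'"
    Set MAObjects = Service.ExecQuery(MAQuery)
    ' Move to the first object in the MAObjects collection and exit
    For Each MAObject In MAObjects
        Exit For
    Next
End Function

' Loads the first connector space object that matches SearchDomain and
' SearchUser into CSObject. CSObject is Nothing when there is no match.
Function FindCSObject()
    Dim SafeDomain
    Dim SafeUser

    Set CSObject = Nothing
    ' The search values come from the command line, so they are escaped
    ' before being placed inside the quoted WQL literals.
    SafeDomain = EscapeWql(SearchDomain)
    SafeUser = EscapeWql(SearchUser)

    WMIQuery = "Select * from MIIS_CSObject where " & _
        "(Domain='" & SafeDomain & "' and Account='" & SafeUser & "') or " & _
        "(FullyQualifiedDomain='" & SafeDomain & "' and Account='" & SafeUser & "') or " & _
        "(Domain='" & SafeDomain & "' and UserPrincipalName='" & SafeUser & "') or " & _
        "(FullyQualifiedDomain='" & SafeDomain & "' and UserPrincipalName='" & SafeUser & "')"
    Set CsObjects = Service.ExecQuery(WMIQuery)
    ' Move to the first object in the CsObjects collection and exit
    For Each CSObject In CsObjects
        Exit For
    Next
End Function

' Escapes backslashes and single quotes so that Value is read as data inside
' a single-quoted WQL string literal and cannot change the query.
Function EscapeWql(Value)
    EscapeWql = Replace(Replace(Value, "\", "\\"), "'", "\'")
End Function

' Prints ErrorMessage and ends the script with exit code 1.
' This is minimal error handling; expand it for your purposes.
Sub ErrorHandler(ErrorMessage)
    WScript.Echo ErrorMessage
    WScript.Quit(1)
End Sub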
The following C# example changes the password on an ADAM, Sun, or Netscape data source using System.Management namespace to invoke the WMI provider. The example has to be run by an account that is a member of the MIISPasswordSet security group.
The example has the following functions:
- The main function is the start of the program. This function passes the domain name, the user name, and the new password of the account — which has the password to be set — to the next function.
- The SetNewPassword function sets the
password of the account specified in the previous function.
- The FindCSObject function searches the
connector space for the object with the password to set. If the
connector space exists, the function returns a
ManagementObject object.
- The GetMATypeFromCSObject function
returns the type of management agent used to create the object with
the password to set. Some connected data sources allow setting
passwords on objects. The function is used to set passwords on
objects from data sources that allow setting passwords.
- The GetManagementObjectCount function explicitly enumerates the ManagementObjectCollection object after the count property is read.
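using System;
using System.Management;

namespace MIISSamples
{
    /// <summary>
    /// Sets a new password on every ADAM or Sun/Netscape connector that is
    /// joined to the same metaverse object as a given account, by calling the
    /// FIM Synchronization Service WMI provider through System.Management.
    /// </summary>
    public class SetPasswordExample
    {
        // These constants assume that this application is on the same server
        // as the FIM Synchronization Service. If this program is run from a
        // separate computer, change the following constants.
        // NOTE(review): a password compiled into the assembly can be read
        // from the binary; load it from a protected store in real use.
        const string MIIS_AccountName = null;   // MIISPasswordSet group member
        const string MIIS_Password = null;      // Password for the above member
        const string MIIS_MachineName = null;   // FIM Synchronization Service server name

        // WMI namespace path for the FIM Synchronization Service server.
        const string MIIS_WMI_Namespace = @"root\MicrosoftIdentityIntegrationServer";

        /// <summary>
        /// Program entry point. Expects three arguments: the search domain,
        /// the search user, and the new password, and hands them to
        /// <see cref="SetNewPassword"/>.
        /// </summary>
        /// <param name="args">SearchDomain SearchUser NewPassword.</param>
        static void Main(string[] args)
        {
            // NOTE(review): command-line arguments are visible in process
            // listings and command history; this mirrors the script usage on
            // this page and is meant as a sample only.
            if (args == null || args.Length != 3)
            {
                Console.WriteLine("Usage: SetPasswordExample SearchDomain SearchUser NewPassword");
                Environment.ExitCode = 1;
                return;
            }

            SetNewPassword(args[0], args[1], args[2]);
        }

        /// <summary>
        /// Finds the connector space object for the account, then sets the
        /// password on each related connector whose object type is
        /// 'inetorgperson' or 'user' and whose management agent is ADAM or
        /// Sun and Netscape. Progress and results are written to the console;
        /// the password itself is never written.
        /// </summary>
        /// <param name="searchDomain">Domain of the account to update.</param>
        /// <param name="searchUser">Account name or user principal name.</param>
        /// <param name="newPassword">Password to set.</param>
        static void SetNewPassword(string searchDomain, string searchUser, string newPassword)
        {
            // Create the WMI management scope object to connect to the
            // FIM Synchronization Service server. If the password for the
            // MIISPasswordSet group member is null, the service is taken to be
            // installed on the local computer.
            // PacketPrivacy is set in both cases so that all communication,
            // including the new password, is encrypted.
            ConnectionOptions connOpt = new ConnectionOptions();
            connOpt.Authentication = AuthenticationLevel.PacketPrivacy;

            ManagementScope WMInamespace;
            if (MIIS_Password != null)
            {
                connOpt.Username = MIIS_AccountName;
                connOpt.Password = MIIS_Password;
                WMInamespace = new ManagementScope(
                    String.Format(@"\\{0}\{1}", MIIS_MachineName, MIIS_WMI_Namespace),
                    connOpt);
            }
            else
            {
                WMInamespace = new ManagementScope(MIIS_WMI_Namespace, connOpt);
            }

            try
            {
                // Locate the CSobject corresponding to the domain and name.
                // Display an error message if the object does not exist.
                using (ManagementObject CSobject = FindCSObject(WMInamespace, searchDomain, searchUser))
                {
                    if (CSobject == null)
                    {
                        Console.WriteLine(
                            "Unable to find the CS object corresponding to: {0}\\{1}.",
                            searchDomain,
                            searchUser);
                        return;
                    }

                    Console.WriteLine();
                    Console.WriteLine("Located CS Object for {0}\\{1}.", searchDomain, searchUser);

                    // If the CSobject is a disconnector object, then the
                    // program cannot change the password.
                    object mvGuid = CSobject["mvGuid"];
                    if (mvGuid == null)
                    {
                        Console.WriteLine("The connector space object is a disconnector.");
                        Console.WriteLine("The password was not set.");
                        return;
                    }

                    // Locate all the other CSobjects connected to that MVobject.
                    Console.WriteLine("Locating related connectors.");
                    string queryString = String.Format(
                        "Select * from MIIS_CSObject where mvGuid ='{0}'",
                        EscapeWqlLiteral(mvGuid.ToString()));

                    using (ManagementObjectSearcher MVSearcher =
                        new ManagementObjectSearcher(WMInamespace, new ObjectQuery(queryString)))
                    using (ManagementObjectCollection relatedCSObjects = MVSearcher.Get())
                    {
                        int relCount = GetManagementObjectCount(relatedCSObjects);
                        Console.WriteLine("Found {0} connectors for MV Object.", relCount);

                        // Enumerate through each CSObject in the collection.
                        Console.WriteLine("Locating MA(s) for connected CS object(s)...");
                        foreach (ManagementObject Connector in relatedCSObjects)
                        {
                            using (Connector)
                            {
                                SetPasswordOnConnector(WMInamespace, Connector, newPassword);
                            }
                        }
                    }
                }
            }
            catch (ManagementException mgmtExp)
            {
                Console.WriteLine("System.Management Error: {0}.", mgmtExp.Message);
            }
            catch (UnauthorizedAccessException accessExp)
            {
                // Reported separately so that a permissions problem is not
                // mistaken for "object not found".
                Console.WriteLine("System.Management Error: {0}.", accessExp.Message);
            }
        }

        // Applies the object-type and MA-type filters to one connector and,
        // when both pass, invokes SetPassword on it and prints the result.
        static void SetPasswordOnConnector(
            ManagementScope WMInamespace,
            ManagementObject Connector,
            string newPassword)
        {
            string Dn = GetPropertyText(Connector, "Dn");
            string MaName = GetPropertyText(Connector, "MaName");
            string ObjectType = GetPropertyText(Connector, "ObjectType");

            Console.WriteLine();

            // Look for CSobjects of type 'inetorgperson' or 'user'. The
            // comparison is ordinal so that it does not depend on the
            // current culture's casing rules.
            bool isAccountObject =
                String.Equals(ObjectType, "inetorgperson", StringComparison.OrdinalIgnoreCase) ||
                String.Equals(ObjectType, "user", StringComparison.OrdinalIgnoreCase);
            if (!isAccountObject)
            {
                Console.WriteLine("Wrong object type detected, Skipping {0}'s CS object:", MaName);
                Console.WriteLine("DN : {0}.", Dn);
                return;
            }

            // In this example, we only want to change passwords
            // for ADAM, Sun, or Netscape connected directories.
            string MaType = GetMATypeFromCSObject(WMInamespace, Connector);
            bool isSupportedAgent =
                String.Equals(MaType, "Active Directory Application Mode (ADAM)", StringComparison.Ordinal) ||
                String.Equals(MaType, "Sun and Netscape directory servers", StringComparison.Ordinal);
            if (!isSupportedAgent)
            {
                Console.WriteLine("Wrong MA type detected, Skipping {0}'s CS object:", MaName);
                Console.WriteLine("DN : {0}.", Dn);
                Console.WriteLine("MA Type: {0}.", MaType);
                return;
            }

            // Set the password.
            Console.WriteLine("Updating password for {0}'s CS object:", MaName);
            Console.WriteLine("DN : {0}.", Dn);
            Console.WriteLine("MA Type: {0}.", MaType);
            string status = (string)Connector.InvokeMethod("SetPassword", new string[] { newPassword });

            // A null status is treated as a failure rather than dereferenced.
            if (String.Equals(status, "success", StringComparison.Ordinal))
            {
                Console.WriteLine("Result : Successful.");
            }
            else
            {
                Console.WriteLine("Result : Failed.");
                Console.WriteLine("Status : {0}", status);
            }
        }

        /// <summary>
        /// Returns the first CSObject that matches the specified domain and
        /// user name, or null when the query returns no objects. Query
        /// failures are not swallowed; they propagate to the caller.
        /// </summary>
        static ManagementObject FindCSObject(
            ManagementScope WMInamespace,
            string searchDomain,
            string searchUser)
        {
            // Build a WMI query string for our search. Both values come from
            // the caller, so they are escaped before being placed inside the
            // quoted WQL literals.
            string wmiQuery = String.Format(
                "Select * from MIIS_CSObject where (Domain='{0}' and Account='{1}') or " +
                "(FullyQualifiedDomain='{0}' and Account='{1}') or (Domain='{0}' " +
                "and UserPrincipalName='{1}') or (FullyQualifiedDomain='{0}' and UserPrincipalName='{1}')",
                EscapeWqlLiteral(searchDomain),
                EscapeWqlLiteral(searchUser));

            // Run the WMI query. The search returns an enumeration, but only
            // a single object is expected, so the first one is returned.
            using (ManagementObjectSearcher CSsearcher =
                new ManagementObjectSearcher(WMInamespace, new ObjectQuery(wmiQuery)))
            using (ManagementObjectCollection CSobjects = CSsearcher.Get())
            using (ManagementObjectCollection.ManagementObjectEnumerator cursor = CSobjects.GetEnumerator())
            {
                if (!cursor.MoveNext())
                {
                    return null;
                }

                return (ManagementObject)cursor.Current;
            }
        }

        /// <summary>
        /// Returns the type of the MA that is associated with the specified
        /// CSobject, or "Unknown" when no management agent matches its maGuid.
        /// </summary>
        static string GetMATypeFromCSObject(ManagementScope WMInamespace, ManagementObject CSObject)
        {
            string queryString = String.Format(
                "Select * from MIIS_ManagementAgent where guid = '{0}'",
                EscapeWqlLiteral(GetPropertyText(CSObject, "maGuid")));

            using (ManagementObjectSearcher MASearcher =
                new ManagementObjectSearcher(WMInamespace, new ObjectQuery(queryString)))
            using (ManagementObjectCollection MAObjects = MASearcher.Get())
            using (ManagementObjectCollection.ManagementObjectEnumerator cursor = MAObjects.GetEnumerator())
            {
                // "Unknown" never matches a supported MA type, so a missing
                // agent leads to the connector being skipped.
                if (!cursor.MoveNext())
                {
                    return "Unknown";
                }

                using (ManagementObject MAObject = (ManagementObject)cursor.Current)
                {
                    object agentType = MAObject["Type"];
                    return agentType == null ? "Unknown" : agentType.ToString();
                }
            }
        }

        //
        // This helper routine explicitly enumerates the
        // ManagementObjectCollection object and returns how many objects it
        // holds. The enumerator is disposed when counting is finished.
        //
        static int GetManagementObjectCount(ManagementObjectCollection Obj)
        {
            int count = 0;
            using (ManagementObjectCollection.ManagementObjectEnumerator Enumerator = Obj.GetEnumerator())
            {
                while (Enumerator.MoveNext())
                {
                    count++;
                }
            }

            return count;
        }

        // Returns the named property as text, or an empty string when the
        // property value is null.
        static string GetPropertyText(ManagementBaseObject source, string propertyName)
        {
            object value = source[propertyName];
            return value == null ? String.Empty : value.ToString();
        }

        // Escapes backslashes and single quotes so that the value is read as
        // data inside a single-quoted WQL string literal.
        static string EscapeWqlLiteral(string value)
        {
            if (value == null)
            {
                throw new ArgumentNullException("value");
            }

            return value.Replace(@"\", @"\\").Replace("'", @"\'");
        }
    }
}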
The following Visual Basic .NET example changes the password on an ADAM, Sun, or Netscape data source using System.Management namespace to invoke the WMI provider. The example has to be run by an account that is a member of the MIISPasswordSet security group.
The example has the following functions:
- The main function is the start of the program. This function passes the domain name, the user name, and the new password of the account — with the password to be set — to the next function.
- The SetNewPassword function sets the
password of the account specified in the previous function.
- The FindCSObject function searches the
connector space for the object with the password that is going to
be set. If the connector space exists, the function returns a
ManagementObject object.
- The GetMATypeFromCSObject function
returns the type of management agent used to create the object with
the password to set. Some connected data sources allow setting
passwords on objects. The function is used to set passwords on
objects from data sources that allow setting passwords.
- The GetManagementObjectCount function explicitly enumerates a ManagementObjectCollection object after the count property is read.
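Option Explicit On

Imports System
Imports System.Management

' Sets a new password on every ADAM or Sun/Netscape connector that is joined
' to the same metaverse object as a given account, by calling the
' FIM Synchronization Service WMI provider through System.Management.
Public Class SetPasswordExample

    ' These constants assume that this application is on the same server
    ' as the FIM Synchronization Service. If this program is run from a
    ' separate computer, change the following constants.
    ' NOTE(review): a password compiled into the assembly can be read from
    ' the binary; load it from a protected store in real use.

    ' MIISPasswordSet Group member
    Private Const MIIS_AccountName As String = Nothing
    ' Password for above account
    Private Const MIIS_Password As String = Nothing
    ' FIM Synchronization Service server name
    Private Const MIIS_MachineName As String = Nothing

    ' WMI namespace path for the FIM Synchronization Service server.
    Private Const MIIS_WMI_Namespace As String = "root\MicrosoftIdentityIntegrationServer"

    ' Program entry point. Reads the domain name, user name, and new password
    ' from the command line and passes them to the method that changes the
    ' password, so that no account password is stored in the source file.
    ' NOTE(review): command-line arguments are visible in process listings
    ' and command history; this is meant as a sample only.
    Shared Sub Main()
        ' Element 0 is the program name, so three arguments give a length of 4.
        Dim commandLine As String() = Environment.GetCommandLineArgs()
        If commandLine.Length <> 4 Then
            Console.WriteLine("Usage: SetPasswordExample SearchDomain SearchUser NewPassword")
            Environment.ExitCode = 1
            Return
        End If

        SetNewPassword(commandLine(1), commandLine(2), commandLine(3))
    End Sub

    ' This method sets the password on each related connector whose object
    ' type is 'inetorgperson' or 'user' and whose management agent is ADAM or
    ' Sun and Netscape. The password itself is never written to the console.
    Private Shared Sub SetNewPassword(ByVal searchDomain As String, _
                                      ByVal searchUser As String, _
                                      ByVal newPassword As String)
        ' Create the WMI management scope object to connect to the
        ' FIM Synchronization Service server. If the password for the
        ' MIISPasswordSet group member is null, the service is taken to be
        ' installed on the local computer.
        ' PacketPrivacy is set in both cases so that all communication,
        ' including the new password, is encrypted.
        Dim connOpt As New ConnectionOptions
        connOpt.Authentication = AuthenticationLevel.PacketPrivacy

        Dim WMInamespace As ManagementScope
        If Not (MIIS_Password Is Nothing) Then
            connOpt.Username = MIIS_AccountName
            connOpt.Password = MIIS_Password
            WMInamespace = New ManagementScope(String.Format("\\{0}\{1}", _
                                                             MIIS_MachineName, _
                                                             MIIS_WMI_Namespace), connOpt)
        Else
            WMInamespace = New ManagementScope(MIIS_WMI_Namespace, connOpt)
        End If

        Dim CSobject As ManagementObject = Nothing
        Try
            ' Locate the CSobject corresponding to the domain and name.
            ' Display an error message if the object does not exist.
            CSobject = FindCSObject(WMInamespace, searchDomain, searchUser)
            If CSobject Is Nothing Then
                Console.WriteLine("Unable to find the CS object corresponding to: {0}\{1}.", _
                                  searchDomain, searchUser)
                Return
            End If

            Console.WriteLine()
            Console.WriteLine("Located CS Object for {0}\{1}.", searchDomain, searchUser)

            ' If the CSobject is a disconnector object, then the
            ' program cannot change the password.
            Dim mvGuid As Object = CSobject("mvGuid")
            If mvGuid Is Nothing Then
                Console.WriteLine("The connector space object is a disconnector.")
                Console.WriteLine("The password was not set.")
                Return
            End If

            ' Locate all the other CSobjects connected to that MVobject.
            Console.WriteLine("Locating related connectors.")
            Dim queryString As String = String.Format("Select * from MIIS_CSObject where mvGuid ='{0}'", _
                                                      EscapeWqlLiteral(mvGuid.ToString()))
            Dim MVSearcher As New ManagementObjectSearcher(WMInamespace, New ObjectQuery(queryString))
            Try
                Dim relatedCSObjects As ManagementObjectCollection = MVSearcher.Get()
                Try
                    Dim relCount As Integer = GetManagementObjectCount(relatedCSObjects)
                    Console.WriteLine("Found {0} connectors for MV Object.", relCount)

                    ' Enumerate through each CSObject in the collection.
                    Console.WriteLine("Locating MA(s) for connected CS object(s)...")
                    Dim Connector As ManagementObject
                    For Each Connector In relatedCSObjects
                        Try
                            SetPasswordOnConnector(WMInamespace, Connector, newPassword)
                        Finally
                            Connector.Dispose()
                        End Try
                    Next Connector
                Finally
                    relatedCSObjects.Dispose()
                End Try
            Finally
                MVSearcher.Dispose()
            End Try
        Catch mgmtExp As ManagementException
            Console.WriteLine("System.Management Error: {0}.", mgmtExp.Message)
        Catch accessExp As UnauthorizedAccessException
            ' Reported separately so that a permissions problem is not
            ' mistaken for "object not found".
            Console.WriteLine("System.Management Error: {0}.", accessExp.Message)
        Finally
            If Not (CSobject Is Nothing) Then
                CSobject.Dispose()
            End If
        End Try
    End Sub

    ' Applies the object-type and MA-type filters to one connector and, when
    ' both pass, invokes SetPassword on it and prints the result.
    Private Shared Sub SetPasswordOnConnector(ByVal WMInamespace As ManagementScope, _
                                              ByVal Connector As ManagementObject, _
                                              ByVal newPassword As String)
        Dim Dn As String = GetPropertyText(Connector, "Dn")
        Dim MaName As String = GetPropertyText(Connector, "MaName")
        Dim ObjectType As String = GetPropertyText(Connector, "ObjectType")

        Console.WriteLine()

        ' Look for CSobjects of type 'inetorgperson' or 'user'. The comparison
        ' is ordinal so that it does not depend on the current culture's
        ' casing rules.
        If Not (String.Equals(ObjectType, "inetorgperson", StringComparison.OrdinalIgnoreCase) OrElse _
                String.Equals(ObjectType, "user", StringComparison.OrdinalIgnoreCase)) Then
            Console.WriteLine("Wrong object type detected, Skipping {0}'s CS object:", MaName)
            Console.WriteLine("DN : {0}.", Dn)
            Return
        End If

        ' In this example, we only want to change passwords
        ' for ADAM or Sun and Netscape connected directories.
        Dim MaType As String = GetMATypeFromCSObject(WMInamespace, Connector)
        If Not (String.Equals(MaType, "Active Directory Application Mode (ADAM)", StringComparison.Ordinal) OrElse _
                String.Equals(MaType, "Sun and Netscape directory servers", StringComparison.Ordinal)) Then
            Console.WriteLine("Wrong MA type detected, Skipping {0}'s CS object:", MaName)
            Console.WriteLine("DN : {0}.", Dn)
            Console.WriteLine("MA Type: {0}.", MaType)
            Return
        End If

        ' Set the password.
        Console.WriteLine("Updating password for {0}'s CS object:", MaName)
        Console.WriteLine("DN : {0}.", Dn)
        Console.WriteLine("MA Type: {0}.", MaType)
        Dim status As String = CStr(Connector.InvokeMethod("SetPassword", _
                                                           New String() {newPassword}))

        ' A null status is treated as a failure rather than dereferenced.
        If String.Equals(status, "success", StringComparison.Ordinal) Then
            Console.WriteLine("Result : Successful.")
        Else
            Console.WriteLine("Result : Failed.")
            Console.WriteLine("Status : {0}", status)
        End If
    End Sub

    ' This internal function returns a ManagementObject object that
    ' represents the first CSObject with the specified domain and username,
    ' or Nothing when the query returns no objects. Query failures are not
    ' swallowed; they propagate to the caller.
    Shared Function FindCSObject(ByVal WMInamespace As ManagementScope, _
                                 ByVal searchDomain As String, _
                                 ByVal searchUser As String) As ManagementObject
        ' Build a WMI query string for our search. Both values come from the
        ' caller, so they are escaped before being placed inside the quoted
        ' WQL literals.
        Dim wmiQuery As String = String.Format( _
            "Select * from MIIS_CSObject where (Domain='{0}' and Account='{1}') or " & _
            "(FullyQualifiedDomain='{0}' and Account='{1}') or (Domain='{0}' " & _
            "and UserPrincipalName='{1}') or (FullyQualifiedDomain='{0}' and UserPrincipalName='{1}')", _
            EscapeWqlLiteral(searchDomain), EscapeWqlLiteral(searchUser))

        ' Run the WMI query. The search returns an enumeration, but only a
        ' single object is expected, so the first one is returned.
        Dim CSsearcher As New ManagementObjectSearcher(WMInamespace, New ObjectQuery(wmiQuery))
        Try
            Dim CSobjects As ManagementObjectCollection = CSsearcher.Get()
            Try
                Dim enumObject As ManagementObjectCollection.ManagementObjectEnumerator = CSobjects.GetEnumerator()
                Try
                    If Not enumObject.MoveNext() Then
                        Return Nothing
                    End If
                    Return CType(enumObject.Current, ManagementObject)
                Finally
                    enumObject.Dispose()
                End Try
            Finally
                CSobjects.Dispose()
            End Try
        Finally
            CSsearcher.Dispose()
        End Try
    End Function 'FindCSObject

    ' Returns the type of the MA associated with the specified CSobject, or
    ' "Unknown" when no management agent matches its maGuid. "Unknown" never
    ' matches a supported MA type, so such a connector is skipped.
    Shared Function GetMATypeFromCSObject(ByVal WMInamespace As ManagementScope, _
                                          ByVal CSObject As ManagementObject) As String
        Dim queryString As String
        queryString = String.Format("Select * from MIIS_ManagementAgent where guid = '{0}'", _
                                    EscapeWqlLiteral(GetPropertyText(CSObject, "maGuid")))

        Dim MASearcher As New ManagementObjectSearcher(WMInamespace, New ObjectQuery(queryString))
        Try
            Dim MAObjects As ManagementObjectCollection = MASearcher.Get()
            Try
                Dim objectEnum As ManagementObjectCollection.ManagementObjectEnumerator = MAObjects.GetEnumerator()
                Try
                    If Not objectEnum.MoveNext() Then
                        Return "Unknown"
                    End If

                    Dim MAObject As ManagementObject = CType(objectEnum.Current, ManagementObject)
                    Try
                        Dim agentType As Object = MAObject("Type")
                        If agentType Is Nothing Then
                            Return "Unknown"
                        End If
                        Return agentType.ToString()
                    Finally
                        MAObject.Dispose()
                    End Try
                Finally
                    objectEnum.Dispose()
                End Try
            Finally
                MAObjects.Dispose()
            End Try
        Finally
            MASearcher.Dispose()
        End Try
    End Function

    '
    ' This helper routine explicitly enumerates the ManagementObjectCollection
    ' and returns how many objects it holds. The enumerator is disposed when
    ' counting is finished.
    '
    Shared Function GetManagementObjectCount(ByVal Obj As ManagementObjectCollection) As Integer
        Dim count As Integer = 0
        Dim Enumerator As ManagementObjectCollection.ManagementObjectEnumerator = Obj.GetEnumerator()
        Try
            While Enumerator.MoveNext()
                count += 1
            End While
        Finally
            Enumerator.Dispose()
        End Try
        Return count
    End Function

    ' Returns the named property as text, or an empty string when the
    ' property value is Nothing.
    Private Shared Function GetPropertyText(ByVal source As ManagementBaseObject, _
                                            ByVal propertyName As String) As String
        Dim value As Object = source(propertyName)
        If value Is Nothing Then
            Return String.Empty
        End If
        Return value.ToString()
    End Function

    ' Escapes backslashes and single quotes so that the value is read as data
    ' inside a single-quoted WQL string literal.
    Private Shared Function EscapeWqlLiteral(ByVal value As String) As String
        If value Is Nothing Then
            Throw New ArgumentNullException("value")
        End If
        Return value.Replace("\", "\\").Replace("'", "\'")
    End Function

End Class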