Thoughts from the EPS Windows Server Performance Team
Last year we did a quick series on WMI troubleshooting. Something that we didn’t cover is a quick method to verify the consistency of the repository. Many of you have probably done a rebuild of the repository on Windows Server 2003 or an earlier operating system by renaming the repository and allowing WINMGMT to rebuild the repository automatically. There are some inherent risks in any rebuild or recovery of the WMI Repository, regardless of the operating system – for example, if an application only updates the repository during installation and does not use .MOF files then a repository rebuild means that the WMI data for that application is lost – at least until the application is re-installed.
Beginning with Windows Vista and Windows Server 2008, there is a new switch that can be used to check the consistency of the repository – /verifyrepository. If you run WINMGMT.EXE /? at a command prompt you can see a description of this switch. The description is below:
Performs a consistency check on the WMI repository. When you add the /verifyrepository switch without the <path> argument, then the live repository currently used by WMI is verified. When you specify the path argument, you can verify any saved copy of the repository. In this case, the path argument should contain the full path to the saved repository copy. The saved repository should be a copy of the entire repository folder. For more information about errors returned by this command, see the Remarks section.
One quick note – you will need to run the command using elevated privileges, otherwise you’ll simply be presented with an error that looks like the one on the left.
There are a couple of different ways to run the command – against the live repository or against a backup copy. You can use the /backup switch to create a backup of the repository to a file. However, for the purposes of this post, I’m going to go ahead and run a consistency check against the live repository on my Windows Server 2008 machine …
In this particular instance, the WMI repository is healthy. However, if the status had been reported as Inconsistent, then we could have used one of the other new switches, /salvagerepository, to attempt to rebuild the repository. The /salvagerepository command will first run a consistency check on the repository and if inconsistencies are discovered, then the repository. The content of the inconsistent repository is merged into the rebuilt repository if it can be read. The salvage operation only uses the live repository. Any MOF files containing the #pragma autorecover preprocessor statement are restored to the registry. Once the salvage operation has completed, you should run another consistency check.
Some other useful switches introduced with Windows Vista are the /standalonehost and /sharedhost switches which can be used to isolate WMI into its own SVCHOST.EXE process and move it back into the shared SVCHOST.EXE process as needed. Also, whether you rebuild the repository using this method or stopping WMI to rename the repository and allow WINMGMT.EXE to rebuild the repository automatically, be aware that you may have to stop (or disable) some dependent services while performing the maintenance.
And that’s it for this post. Remember that the switches we discussed here are not available on any operating systems prior to Windows Vista. Until next time …
- CC Hameed
I tried verifyrepository and got the Access denied result. Would you please tell me how to run the command with higher privileges?
I am not very computer savvy, but I desperately need to install SQL 2005 because a couple of the programs I need to use require it, so please provide me with any kind of help you can, and please be as specific as possible. I'll try my best to learn.
Thank you so much.
I too get the access denied message. I've been running winmgmt /verifyrepository several times trying to restore Windows Defender, because suddenly it will not open no matter what fixes I try. After running winmgmt /verifyrepository about the 3rd time I had success, but windows defender is still dead in the water and now I get the access denied message. I'm running Vista Home premium.
several errors in event viewer on vista, new to vista. Reads "error, in source WMI, Event ID 10, Task Category none.
1. what is it
2. what do I do
One thing that isn't clear is if the /salvagerepository switch will salvage any classes that don't have the autorecover statement in their .mof file?
WMI would not stop. I stopped all services dependant on it, and used the winmgmt /standalonehost command, then I was able to restart it ok. I then put it back to a shared host, and it still restarts ok. Thanks for the switches. We'll see if this fix is permanant.