PhyrePhoX

hm, i also stumbled about a similar problem: in our office we use cardreaders and cards with our pgp keys on them. in order to encrypt/decrypt mails, we have to put our ID cards into the cardreader. when it's time to go home or go out for lunch we often forget to take back the ID cards - thus we cannot enter the building anymore because we need them to open the door so i thought i'd write a script that activates the systemspeaker with a loud beep - whenever you either lock your workstation and leave the card in the reader or shutdown and leave the card in the reader. now here's the problem: there is no commandline tool or program to figure out the state of the cardreader - or is there? otherwise i'd have to write a script that reads the color of the icon of "cardreader application" in the systray (yellow for "card in" and grey for "not present"). i hope you can follow me same problem as the threadcreator. thanks in advance

;- This function returns the user who is logged in on a remote machine, provided you know the proper admin credentials of the remote machine. ; This assumes you either have ONE domain or local accounts (can be changed easily). ; In our environment we (the admins) only have LOCAL adminrights, our useraccounts are no domainadminaccounts. ; you can rewrite this script so that you can use domainadminaccounts whatever. ; one problem remains: execution of the script does take a while (as in a few seconds). tested on win2k and winxp (both local and remote) ; no extratools needed, tasklist is already preinstalled in windows ; p.s: i know this code is ugly as hell, but it works ;) #include <String.au3> Func _GetUserName($hostname,$admaccount,$adminpw,$domain) Local $process = Run("tasklist /v /fo list /fi ""IMAGENAME eq explorer.exe"" " & "/s "& $hostname & " /u " & $hostname & "\" & $admaccount & " /p " & $adminpw, "", @SW_HIDE, 2) Local $_buffer = '' Local $Result Local $exploreruser Do $_buffer &= StdoutRead($process) Until @error If StringReplace($_buffer, 'explorer.exe', '') <> $_buffer Then If StringReplace($_buffer, $domain & '\', '') <> $_buffer Then ;Show Domainuser $exploreruser = _StringBetween($_buffer,$domain & "\",@CRLF) Return $exploreruser[0]& " (Domain account!)" Else ;No domainuser, show local logged in account $exploreruser = _StringBetween($_buffer,$hostname&"\",@CRLF) Return $exploreruser[0] & " (Local account!)" EndIf Else Return "no user logged in locally (or no windows OS :D)" EndIf EndFunc ;Example usage ;~ $hostname = "machine1" ;~ $admaccount = "administrator" ;~ $adminpw = "foo" ;~ $domain = "domain" ;~ MsgBox(1,"Currently logged in user on " & $hostname & " is:",_GetUserName($hostname,$admaccount,$adminpw,$domain)) though it is ugly and i still have to parse cmd, it suits my needs. this script is working, take it

thanks for the reply, but how do i "impersonate" another account? the situation is as follows: on my workstation i am logged in as a regular domain user with no special privileges. in order to read out the process list of the "target pc" i have to use the (on the target pc) local administrator account. how do i set these credentials? many thanks in advance!

found a way to run the script - i just have to mount the administrative share of the remote computer in order to have the right to execute the "get values from registry" program. so the only problem remaining is to find out if (&who) a local user is logged on. $strComputer = "Machine" $adminpw = "Password" DriveMapAdd("", "\\" & $strComputer & "\c$", 0, $text & "\administrator" & $adminpw) Const $HKEY_LOCAL_MACHINE = 0x80000002 Dim $strKeyPath, $strValueName, $strValue $objRegistry=ObjGet("winmgmts:\\" & $strComputer & "\root\default:StdRegProv") $strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" $strValueName = "DefaultUserName" $objRegistry.GetStringValue ($HKEY_LOCAL_MACHINE, $strKeyPath, $strValueName, $strValue) MsgBox(1,"",$strValue &@CR) $strValueName = "DefaultDomainName" $objRegistry.GetStringValue ($HKEY_LOCAL_MACHINE, $strKeyPath, $strValueName, $strValue) MsgBox(1,"",$strValue &@CR) hm, i managed to write autotit instead of autoit twice in this post, only realized that because i remembered to delete our adminpw and thus searched the code again. hm, seems i'm a freak 2nd Edit: haha, i had my source wrong, it still doesnt work on remote pcs

well, that could be a solution, if there was an easy way of actually running these commands on remote machines. therein lies the whole problem.

oh, i didnt know something like this exists, thanks. well, these commands only return the local user, not the one logged in on the remote machine (if i understood this correctly)

exactly like that. muchas gracias!

hm, can't edit my post anymore. ptrex, seems your script only is of use in case it is run by a domainadmin (or an account which is admin on both the local and the remote machine). since in our environment the admin accounts are local only i need a way of telling your script to run as another user, including password etc. do you think this is possible?

Wow people, you're fast! Posted this before lunch and now i already got several working solutions, thanks a bunch! Yes, i want to avoid using external tools, external as in "not preinstalled in XP". but your approach is much better, thanks, already tested it (although it throws an error when there is a local user logged in on the remote pc - the registry values are not filled then - there must be preinstalled tool that covers that too?). Since you guys solved my problem so easily, you maybe also have some ideas regarding another problem: In order to resolve the account into a full name (surname and given name) and department, a colleague of mine wrote a vb script which i also could not convert into actual autoit code. instead i take the vbscript code, alter it (the variables), write it to a file and dosrun the script via cscript and parse the output - everytime i need the builtin function. Set wshnetwork = CreateObject("WScript.Network") DomainName = "DOMAIN" UserName = "USERNAME" Set user = GetObject("WinNT://" & DomainName & "/" & username & ",user") wscript.echo "FullName: " & user.FullName wscript.echo "Description: " & user.Description i know this is extremely dumb, and only adds up to my 400 lines of spaghetti code - but it works. there's gotta be some other way though, aint it? thanks in advance, PhoX

Hello folks, atm i am writing a script to help administrating pc in my office. though i found out a lot of stuff myself, there still is one function i dont know how to turn into code: Finding out who (domain\account) is currently logged in on a remote machine. Sometimes we need this feature to find out who is using a machine without physically going there and taking a look. i HAVE a way of finding out, but it is VERY ugly & slow. Right now i doscall "tasklist /v /s Computername /u Computername/Adminaccount /p PASSWORD" The output takes a while to produce, i then look for the "explorer.exe" task and parse it's user - thats the username of the currently logged in user. there has GOT to be a better and quicker way? normally i manage to find a lot of stuff on google, but seems all the search strings & combinations i used led me to "wrong forum topics" and stuff. hope my question comes across the right way. regards, PhoX