How To Get PC Domain Information

[bgruett]

Hello all.

I've been writing a script which will be run on all PCs in several different AD domains and will reset their local administrative passwords to a single, consistent password across the board.

All in all it's working as intended, with one problem: because I'm running the same script across multiple domains, the domain admin credentials I will be using for each domain will be different.

Initially I thought that by checking the values of the @LogonDNSDomain or @LogonDomain macros I'd be able to call a specific set of credentials via If/Then. However, I learned quickly that these macros only return the user domain membership, not the PC domain membership.

What I need to know is whether or not AutoIT can detect the PC's domain membership, and if so, how? All I really need to do is dump the value into a string variable for comparison against several known domain names, thereby directing the script to use one set or another based on the value.

Anyone know how to do this? I can't find anything in the AutoIT macro reference that looks right, and I haven't found anything online either, but I'm sure it's a common requirement of AD scripting.

Thanks!

-Bob

[MerkurAlex]

I think you should be able to figure out how to use this for what you want.

Local $colItems, $objWMIService, $objItem

$objWMIService = ObjGet("winmgmts:\\" & @ComputerName & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem", "WQL", 0x10 + 0x20)

If IsObj($colItems) Then
    For $objItem In $colItems
        consolewrite($objItem.Domain&@CRLF)
    Next

EndIf

[bgruett]

I think you should be able to figure out how to use this for what you want.

Local $colItems, $objWMIService, $objItem

$objWMIService = ObjGet("winmgmts:\\" & @ComputerName & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem", "WQL", 0x10 + 0x20)

If IsObj($colItems) Then
    For $objItem In $colItems
        consolewrite($objItem.Domain&@CRLF)
    Next

EndIf

Thanks. I'm looking at it (and will continue to do so) but to be honest I have no idea what this script is doing. I get the ObjGet piece (although the arguments are unfamiliar to me so I'm lost already), but even after that I don't see how this puts the domain name into any format that I can then look to as a variable.

Sorry to be such a pain (I'm still not too familiar with AutoIT and I have a hard time reverse engineering code), but could you step me through what this script is doing, line by line?

Thanks,

Bob

[bgruett]

Ah - Nevermind. I figured it out.

Without worrying too much about what's going on under the hood, so to speak, I see that the value I'm looking for gets dropped into $objItem.Domain, which I should be able to compare as a regular variable.

One last question, just because I'm paranoid about running any script against 700+ PCs without fully understanding all aspects of it (this being a subroutine of the larger script): are there any concerns you would have running this against a production workstations-class system (that is, not a server)? In other words, is there anything your routine might do that could be hazardous to a system in any way?

Looking at this I highly doubt it, but since you're the author I wanted to check with you just in case.

In any case, thanks a LOT for putting this together. I really appreciate it!

-Bob

[MerkurAlex]

Ah - Nevermind. I figured it out.

Without worrying too much about what's going on under the hood, so to speak, I see that the value I'm looking for gets dropped into $objItem.Domain, which I should be able to compare as a regular variable.

One last question, just because I'm paranoid about running any script against 700+ PCs without fully understanding all aspects of it (this being a subroutine of the larger script): are there any concerns you would have running this against a production workstations-class system (that is, not a server)? In other words, is there anything your routine might do that could be hazardous to a system in any way?

Looking at this I highly doubt it, but since you're the author I wanted to check with you just in case.

In any case, thanks a LOT for putting this together. I really appreciate it!

-Bob

Nah I don't see how requesting a WMI object and grabbing a variable from it could cause any harm to any computer at all as we are not modifying anything I would think its safe to use.

No problem at all glad it works.