Sign in to follow this  
Followers 0
RogFleming

Active Directory OU Administration

5 posts in this topic

I been working on a Ad tool which I could use as a bases for future script to target specific OU, Computers or the complete Directory. It also had to be fast and functional. I needed to read computer object properties, I need to scan thousands of computer on our network, looking for specific issue on workstations. So so far this is what i have come up with. Many of you might find this help or worthless. Check it out, be mindful to change the Ou names or Direcotry informatiojn for your own environments.

This is the Main OU Administrative Gui

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=OUAdminWorkstation_r22.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <Misc.au3>
#include <GUIConstants.au3>
#include <GUIConstantsEx.au3>
#Include <GuiTreeView.au3>
#include <TreeviewConstants.au3>
#include <WindowsConstants.au3>
#Include <WinAPI.au3>
#include <AD.au3>
#include <array.au3>
#include <StaticConstants.au3>
#Include <WinAPI.au3>
#Include <GuiMenu.au3>
#include "DNS.au3"
#Include <GuiScrollBars.au3>
#include <GuiStatusBar.au3>
#include <GuiButton.au3>
#include <Date.au3>
#include <GUIListBox.au3>
#Include <File.au3>
#include <GUIConstants.au3>
#include <GUIConstantsEx.au3>
#include <EditConstants.au3>
#include <WindowsConstants.au3>

Global Enum $idMcShield = 1000, $adMcVTPS=2000, $adWorkstations=3000, $idWorkstations=4000, $adMcShield=5000, $idMcVTPS=6000
Global  $iMemo, $SelectedTV, $msg, $TVtext,$TVhItem,  $tviewPI, $idReg,  $idAbout, $idWIM, $idExit, $WksTmLbl

Global $timer
;Global $vLvl1, $vLvl2, $vLvl3, $vLvl4, $SelectedValue
Main()
Func Main()
Local $mainform, $OUtasks, $WKtasks, $hHelp, $hMain
$mainform = GUICreate("OU Management Workstation", @DesktopWidth-10, @DesktopHeight-80,-1,-1)
$tviewPI = _GuiCtrlTreeView_Create($mainform,5,5,590,915, BitOR($TVS_HASBUTTONS, $TVS_HASLINES, $TVS_LINESATROOT, $TVS_DISABLEDRAGDROP, $TVS_SHOWSELALWAYS, $TVS_Checkboxes), $WS_EX_CLIENTEDGE)
$MainOU = _GUICtrlTreeView_Add($tviewPI,0,"Workstation Organizational Units")
$WksTmLbl = GUICtrlCreateLabel("Workstations Complete:",600,10,200,20)
$iMemo = GUICtrlCreateEdit("" & @CRLF, 600, 50, 665, 935,$ES_AUTOVSCROLL + $WS_VSCROLL)
GUICtrlSetFont($iMemo, 9, 400, 0, "Courier New")

    $OUtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 0, "&Scan for McShield", $idMcShield)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 1, "&Scan for McVTPS", $idMcVTPS)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 2, "", 0)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 3, "E&xit", $idExit)

    ; Create WKS menu
    $WKtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($WKtasks, 3, "&Scan for Active Workstations", $idWorkstations)

    ; Create AD menu
    $ADtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 4, "&Scan for Active Workstations in AD", $adWorkstations)
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 5, "&Scan for McShield in AD", $adMcShield)
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 6, "&Scan for McAfee VTPS in AD", $adMcVTPS)

    ; Create Help menu
    $hHelp = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($hHelp, 7, "&About", $idAbout)

    ; Create Main menu
    $hMain = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($hMain, 0, "&Organizational Unit ", 0, $OUtasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 1, "&Workstation Tasks", 0, $WKTasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 2, "&Active Directory", 0, $ADtasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 3, "&Help", 0, $hHelp)

    ; Set window menu
    _GUICtrlMenu_SetMenu ($mainform, $hMain)
GUIRegisterMsg($WM_COMMAND, "WM_COMMAND")
$Debug_TV = False ; Check ClassName being passed to functions, set to True and use a handle to another control to see it work

_AD_Open()
$aOUs = _AD_GetAllOUs("OU=ABC Workstations,DC=ABCcorp,DC=org")
_ArraySort($aOUs)
;_ArrayDisplay($aOUs)
;Exit

;"OU=Administrative,OU=ABC Workstations,DC=ABCcorp,DC=org"
$AdminParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"Administrative OU Group")
_GUICtrlTreeView_AddChild($tviewPI,$AdminParentOU,"OU=Administrative,OU=ABC Workstations,DC=ABCcorp,DC=org")
;"OU=AMH,OU=ABC Workstations,DC=ABCcorp,DC=org"
$AMHParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"AMH OU Group")
$amhou = _ArrayFindAll($aOUs,"OU=AMH",0,0,0,1,1)
For $i = 1 To UBound($amhou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$AMHParentOU,$aOUs[$amhou[$i]][1])
Next
;"OU=ARL,OU=ABC Workstations,DC=ABCcorp,DC=org
$ARLParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"ARL OU Group")
$arlou = _ArrayFindAll($aOUs,"OU=ARL",0,0,0,1,1)
For $i = 1 To UBound($arlou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$ARLParentOU,$aOUs[$arlou[$i]][1])
Next
;"OU=CBO,OU=ABC Workstations,DC=ABCcorp,DC=org
$CBOParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"CBO OU Group")
$cboou = _ArrayFindAll($aOUs,"OU=CBO",0,0,0,1,1)
For $i = 1 To UBound($cboou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$CBOParentOU,$aOUs[$cboou[$i]][1])
Next
;OU=HEB,OU=ABC Workstations,DC=ABCcorp,DC=org
$HEBParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"HEB OU Group")
$hebou = _ArrayFindAll($aOUs,"OU=HEB",0,0,0,1,1)
For $i = 1 To UBound($hebou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$HEBParentOU,$aOUs[$hebou[$i]][1])
Next
;OU=HFW,OU=ABC Workstations,DC=ABCcorp,DC=org
$HFWParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"HFW OU Group")
$hfwou = _ArrayFindAll($aOUs,"OU=HFW",0,0,0,1,1)
For $i = 1 To UBound($hfwou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$HFWParentOU,$aOUs[$hfwou[$i]][1])
Next
;OU=HMEC,OU=ABC Workstations,DC=ABCcorp,DC=org
$HMECParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"HMEC OU Group")
$hmecou = _ArrayFindAll($aOUs,"OU=HMEC",0,0,0,1,1)
For $i = 1 To UBound($hmecou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$HMECParentOU,$aOUs[$hmecou[$i]][1])
Next
;OU=HNW,OU=ABC Workstations,DC=ABCcorp,DC=org
$HNWParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"HNW OU Group")
$hnwou = _ArrayFindAll($aOUs,"OU=HNW",0,0,0,1,1)
For $i = 1 To UBound($hnwou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$HNWParentOU,$aOUs[$hnwou[$i]][1])
Next
;OU=HSW,OU=ABC Workstations,DC=ABCcorp,DC=org
$HSWParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"HSW OU Group")
$hswou = _ArrayFindAll($aOUs,"OU=HSW",0,0,0,1,1)
For $i = 1 To UBound($hswou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$HSWParentOU,$aOUs[$hswou[$i]][1])
Next
;OU=PHA,OU=ABC Workstations,DC=ABCcorp,DC=org
$PHAParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"PHA OU Group")
$phaou = _ArrayFindAll($aOUs,"OU=PHA",0,0,0,1,1)
For $i = 1 To UBound($phaou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$PHAParentOU,$aOUs[$phaou[$i]][1])
Next
;OU=PHD,OU=ABC Workstations,DC=ABCcorp,DC=org
$PHDParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"PHD OU Group")
$phdou = _ArrayFindAll($aOUs,"OU=PHD",0,0,0,1,1)
For $i = 1 To UBound($phdou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$PHDParentOU,$aOUs[$phdou[$i]][1])
Next
;OU=PHK,OU=ABC Workstations,DC=ABCcorp,DC=org
$PHKParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"PHK OU Group")
$phkou = _ArrayFindAll($aOUs,"OU=PHK",0,0,0,1,1)
For $i = 1 To UBound($phkou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$PHKParentOU,$aOUs[$phkou[$i]][1])
Next
;OU=PHP,OU=ABC Workstations,DC=ABCcorp,DC=org
$PHPParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"PHP OU Group")
$phpou = _ArrayFindAll($aOUs,"OU=PHP",0,0,0,1,1)
For $i = 1 To UBound($phpou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$PHPParentOU,$aOUs[$phpou[$i]][1])
Next
;OU=PHW,OU=ABC Workstations,DC=ABCcorp,DC=org
$PHWParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"PHW OU Group")
$phwou = _ArrayFindAll($aOUs,"OU=PHW",0,0,0,1,1)
For $i = 1 To UBound($phwou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$PHWParentOU,$aOUs[$phwou[$i]][1])
Next
;OU=THDN,OU=ABC Workstations,DC=ABCcorp,DC=org
$THDNParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"THDN OU Group")
$thdnou = _ArrayFindAll($aOUs,"OU=THDN",0,0,0,1,1)
For $i = 1 To UBound($thdnou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$THDNParentOU,$aOUs[$thdnou[$i]][1])
Next
;OU=WAL,OU=ABC Workstations,DC=ABCcorp,DC=org
$WALParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"WAL OU Group")
$walou = _ArrayFindAll($aOUs,"OU=WAL",0,0,0,1,1)
For $i = 1 To UBound($walou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$WALParentOU,$aOUs[$walou[$i]][1])
Next
;OU=WST,OU=ABC Workstations,DC=ABCcorp,DC=org
$WSTParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"WST OU Group")
$wstou = _ArrayFindAll($aOUs,"OU=WST",0,0,0,1,1)
For $i = 1 To UBound($wstou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$WSTParentOU,$aOUs[$wstou[$i]][1])
Next
;Test OU GRoup
$TestParentOU=_GUICtrlTreeView_AddChild($tviewPI, $MainOU,"Test OU Group")
$tstou = _ArrayFindAll($aOUs,"OU=Test Workstation",0,0,0,1,1)
For $i = 1 To UBound($tstou,1) - 1
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,$aOUs[$tstou[$i]][1])
Next
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Kiosk,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Laptops,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Lost and Found,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Non Standard,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=NonAntivirus,OU=Non Standard,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=OPS Consoles,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=CleanUp,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Cleanup Stage 2,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=GPO test OU,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Groups,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=POC,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Pre Production,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Standard,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Test Clinical GPO OU,OU=ABC Workstations,DC=ABCcorp,DC=org")
_GUICtrlTreeView_AddChild($tviewPI,$TestParentOU,"OU=Test GPO OU,OU=ABC Workstations,DC=ABCcorp,DC=org")

GUICtrlSetColor(-1, 0x0000C0)
GUIRegisterMsg($WM_NOTIFY, "WM_NOTIFY")

GUISetState(@SW_SHOW)
Do
    Until GUIGetMsg() = $GUI_EVENT_CLOSE
EndFunc   ;==>_Main

Func WM_NOTIFY($hWnd, $iMsg, $iwParam, $ilParam)
    ;~ ConsoleWrite('@@ (' & @ScriptLineNumber & ') :(' & @MIN & ':' & @SEC & ') WM_NOTIFY()' & @CR) ;### Function Trace
    #forceref $hWnd, $iMsg, $iwParam
    Local $hWndFrom, $iIDFrom, $iCode, $tNMHDR, $hWndTreeView, $tInfo
    $hWndTreeView = $tviewPI
    If Not IsHWnd($tviewPI) Then $hWndTreeView = GUICtrlGetHandle($tviewPI)

    $tNMHDR = DllStructCreate($tagNMHDR, $ilParam)
    $hWndFrom = HWnd(DllStructGetData($tNMHDR, "hWndFrom"))
    $iIDFrom = DllStructGetData($tNMHDR, "IDFrom")
    $iCode = DllStructGetData($tNMHDR, "Code")
    Switch $hWndFrom
        Case $hWndTreeView
            Switch $iCode

            Case $NM_ClICK

                $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                Local $tPoint, $tTVHEx, $TVhItem, $mX, $mY
                $tPoint = _WinAPI_GetMousePos(True, $tviewPI)
                $mX = DllStructGetData($tPoint, "X")
                $mY = DllStructGetData($tPoint, "Y")
                $TVhItem = _GUICtrlTreeView_HitTestItem($tviewPI, $mX, $mY)
                _GUICtrlTreeView_SetFocused($tviewPI, $TVhItem)
                $TVtext = _GUICtrlTreeView_GetText($tviewPI,$TVhItem)
                ;Global $SelectedTV = $TVtext
                ;ToolTip("HnWd"&" : "&$TVhItem&" "&"Text found"&" : "&$TVtext,0.0)
            Case $NM_DBLCLK
                Local $TVhItem
                _GUICtrlTreeView_DeleteChildren($tviewPI,$TVhItem)
                $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                Local $tPoint, $tTVHEx, $TVhItem, $mX, $mY
                $tPoint = _WinAPI_GetMousePos(True, $tviewPI)
                $mX = DllStructGetData($tPoint, "X")
                $mY = DllStructGetData($tPoint, "Y")
                $TVhItem = _GUICtrlTreeView_HitTestItem($tviewPI, $mX, $mY)
                _GUICtrlTreeView_SetFocused($tviewPI, $TVhItem)
                $TVtext = _GUICtrlTreeView_GetText($tviewPI,$TVhItem)

                 If _GUICtrlTreeView_GetChildCount($tviewPI,$TVhItem) =-1 Then
                    $tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                    For $i = 1 To UBound($tstoumembers,1) - 1
                    _GUICtrlTreeView_AddChild($tviewPI,$TVhItem,$tstoumembers[$i])
                    Next
                EndIf
            EndSwitch
        EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc ;==>WM_NOTIFY
; Show at the given coordinates (x, y) the popup menu (hMenu) which belongs to a given GUI window (hWnd)
#cs
Func WM_COMMAND($hWnd, $iMsg, $iwParam, $ilParam)
    Switch _WinAPI_LoWord ($iwParam)
        Case $idMcShield
            MsgBox(4096,"","Starting McShield Scan.",2)
            ;GetActiveMcShield($TVtext)
            Exit
        Case $idWorkstations
            MsgBox(4096,"","Starting Workstation Scan.",2)
            ;GetActiveWorkstations($TVtext)
            Exit
    EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc   ;==>WM_COMMAND
#ce
Func WM_COMMAND($hWnd, $iMsg, $iwParam, $ilParam)
    Switch _WinAPI_LoWord ($iwParam)

        Case $idMcShield
            ;MsgBox(4096,"","Starting McShield Scan.",2)
            GetActiveMcShield($TVtext)
            ;Exit

        Case $idWorkstations
            ;MsgBox(4096,"","Starting Workstation Scan.",2)
            GetActiveWorkstations($TVtext)
            ;Exit

        Case $idMcVTPS
            GetActiveMcVTPS()

        Case $idExit
            Exit

        Case $adMcShield
            MsgBox(4096,"Process Warning","It will take a few minutes to load all the workstation objects. ")
            GetActiveMcShieldfromAD()

        Case $adMcVTPS
            MsgBox(4096,"Process Warning","It will take a few minutes to load all the workstation objects. ")
            GetActiveMcVTPSFromAD()

        Case $idAbout
            MsgBox(4096,"","OU Admin Workstation 1.5.",2)

    EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc   ;==>WM_COMMAND


Func GetActiveMcVTPSFromAD()
    $timer = TimerInit()
    If FileExists("MCVTPS_McShield.log") Then FileDelete("MCVTPS_McShield.log")
    _AD_Open()
    $oumembers = _AD_GetObjectsInOU("OU=ABC Workstations,DC=ABCcorp,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    ;$oumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()
    Run("SysLoadMon.exe"&" "&"MCVTPS_McShieldScanner.exe"&" "&"MCVTPS_McShield.log"&" "&$oumembers[0])
        For $i = 1 To UBound($oumembers) - 1
            GUICtrlSetData($WksTmLbl,"Workstations Complete: "&$i&"/"&$oumembers[0])
            MemoWrite("Scanning"&" : "&$oumembers[$i])
            Run("MCVTPS_McShieldScanner.exe"&" "&$oumembers[$i])
            Sleep(250) ; This determines the speed to spawn subprocesses (current setting Quad CPU)
        Next

        While 1
            If ProcessExists("MCVTPS_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","MCVTPS_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")
                ProcessClose("SysLoadMon.exe")
                ExitLoop
            Else
                Sleep(1000)
            EndIf
        WEnd
EndFunc

Func GetActiveMcShieldfromAD()
    _AD_Open()
    $wksobjects = _AD_GetObjectsInOU("OU=ABC Workstations,DC=ABCcorp,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()
    Run("SysLoadMon.exe"&" "&"AD_McShieldScanner.exe"&" "&"AD_McShield.log"&" "&$wksobjects[0])
    For $i = 1 To UBound($wksobjects,1) + 1
        Run("AD_McShieldScanner.exe"&" "&$wksobjects[$i])
        Sleep(250)
    Next
    While 1
            If ProcessExists("AD_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","AD_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")
                ProcessClose("SysLoadMon.exe")
                ExitLoop
            Else
                Sleep(1000)
            EndIf
    WEnd
Exit
EndFunc

Func GetActiveMcShield($TVtext)
                $timer = TimerInit()
                If FileExists("McShield.log") Then FileDelete("McShield.log")
                $tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                Run("SysLoadMon.exe"&" "&"McShieldScanner.exe"&" "&"Mcshield.log"&" "&$tstoumembers[0])
                For $i = 1 To UBound($tstoumembers,1) -1
                Run("McShieldScanner.exe"&" "&$tstoumembers[$i])
                Sleep(250) ; This determines the speed to spawn subprocesses (current setting Quad CPU)
                Next

                While 1
                    If ProcessExists("McShieldScanner.exe") = 0 Then
                        MsgBox(4096,"","McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")
                        ProcessClose("SysLoadMon.exe")
                        ;GetMcShieldLogFile()
                        ExitLoop
                    Else
                    Sleep(1000)
                    EndIf
                WEnd
EndFunc
Func GetActiveMcVTPS()
    $timer = TimerInit()
    If FileExists("MCVTPS_McShield.log") Then FileDelete("MCVTPS_McShield.log")
    _AD_Open()
    ;$oumembers = _AD_GetObjectsInOU("OU=ABC Workstations,DC=ABCcorp,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    $oumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()
        Run("SysLoadMon.exe"&" "&"MCVTPS_McShieldScanner.exe"&" "&"MCVTPS_McShield.log"&" "&$oumembers[0])
    For $i = 1 To UBound($oumembers) - 1
            GUICtrlSetData($WksTmLbl,"Workstations Complete: "&$i&"/"&$oumembers[0])
            MemoWrite("Scanning"&" : "&$oumembers[$i])
            Run("MCVTPS_McShieldScanner.exe"&" "&$oumembers[$i])
            Sleep(250)
        Next

        While 1
            If ProcessExists("MCVTPS_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","MCVTPS_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")
                ProcessClose("SysLoadMon.exe")
                ExitLoop
            Else
                Sleep(1000)
            EndIf
        WEnd
EndFunc














Func GetActiveWorkstations($TVtext)
                $timer = TimerInit()
                If FileExists("WorkstationScanner.log") Then FileDelete("WorkstationScanner.log")
                $oumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs

                Run("SysLoadMon.exe"&" "&"WorkstationScanner.exe"&" "&"WorkstationScanner.log"&" "&$oumembers[0])
                _FileWriteLog("WorkstationScanner.log","Organizational Unit Workstation Report for:")
                _FileWriteLog("WorkstationScanner.log",$TVtext)
                _FileWriteLog("WorkstationScanner.log","Workstation Name"&","&"LastLogonTimeStamp"&","&"IP Address"&","&"Ping Response")

                For $i = 1 To UBound($oumembers,1) - 1
                    IF TCPNameToIP($oumembers[$i]) <> "" Then
                Run("WorkstationScanner.exe"&" "&$oumembers[$i])
                Sleep(750)
                EndIf
                Next

                While 1
                    If ProcessExists("WorkstationScanner.exe") = 0 Then
                        MsgBox(4096,"","Workstation Scan Complete.",3)
                        ;GetWorkstationLogFile()
                        ExitLoop
                    Else
                    Sleep(100)
                    EndIf
                WEnd
EndFunc

Func GetMcShieldLogFile()
                GUICreate("McShield Workstation Status",400,400,-1,-1,$WS_VSCROLL)
                GUISetState(@SW_SHOW)
                $Onlinelist = GUICtrlCreateListView("Actice McShield Workstations", 10, 10, 190, 380)
                $Offlinelist = GUICtrlCreateListView("Disabled McShield Workstations", 200, 10, 190, 380)
                $file = FileOpen("McShield.log", 1)
                $fLines = _FileCountLines("McShield.log")
                For $i = 1 to $fLines
                    $line = FileReadLine("McShield.log",$i)
                    $wksdata = StringTrimLeft ($line, 21)
                    If StringInStr($line,"McShield.exe was found") Then
                        GUICtrlCreateListViewItem($wksdata,$Onlinelist)
                    ElseIf StringInStr($line,"McShield.exe was not running") Then
                        GUICtrlCreateListViewItem($wksdata,$Offlinelist)
                        FileClose($file)
                    EndIf
                Next
EndFunc
Func GetWorkstationLogFile()
                GUICreate("Active Workstation Status",400,400,-1,-1,$WS_VSCROLL)
                GUISetState(@SW_SHOW)
                $Onlinelist = GUICtrlCreateListView("Actice Workstations", 10, 10, 190, 380)
                $Offlinelist = GUICtrlCreateListView("Nonactive Workstations", 200, 10, 190, 380)
                $file = FileOpen("WorkstationResponse.log", 1)
                $fLines = _FileCountLines("WorkstationResponse.log")
                For $i = 1 to $fLines
                    $line = FileReadLine("WorkstationResponse.log",$i)
                    $wksdata = StringTrimLeft ($line, 21)
                    If StringInStr($line,"WorkstationResponse.log") Then
                        GUICtrlCreateListViewItem($wksdata,$Onlinelist)
                    ElseIf StringInStr($line,"WorkstationResponse.log") Then
                        GUICtrlCreateListViewItem($wksdata,$Offlinelist)
                        FileClose($file)
                    EndIf
                Next
EndFunc
Func MemoWrite($sMessage)
    GUICtrlSetData($iMemo, $sMessage & @CRLF,"Combo")
EndFunc   ;==>MemoWrite

CPU and Process Monitor

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=SysLoadMon.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <GuiConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#include <GUIConstantsEx.au3>
#include <ProgressConstants.au3>
#include <Array.au3>
#Include <File.au3>
#Include <Date.au3>
IF $cmdline[0] = 0 Then
$ScanName = "McShieldScanner.exe"
$LogFile = "McShield.log"
$totalWks = "100"
Else
$ScanName = $cmdline[1]
$LogFile = $cmdline[2]
$totalWks = $cmdline[3]
;MsgBox(1,"Parameters Passed",$ScanName&":"&$LogFile&":"&$totalWks)
EndIf
;Sleep(10000)
Global $timer
MonitorProc()
Func MonitorProc()
    $timer = TimerInit()
    Local $CpuUtilLbl, $CpuUtilPb, $ProcCntLbl, $ProcCntPb, $WksCntLbl, $WksCntPb, $msg, $wks, $cpu, $WksTmLbl
    GUICreate("OU Admin Monitor", 220, 200,750, 100, 200)
    $CpuUtilLbl = GUICtrlCreateLabel("CPU Utilization",10,10,200,20)
    $CpuUtilPb = GUICtrlCreateProgress(10, 30, 200, 20,$PBS_SMOOTH)
    $ProcCntLbl = GUICtrlCreateLabel("Processes Running",10,60,200,20)
    $ProcCntPb = GUICtrlCreateProgress(10, 80, 200, 20,$PBS_SMOOTH)
    $WksTmLbl = GUICtrlCreateLabel("Time:",10,130,200,20)
    GUISetState()
;int(TimerDiff($timer)) & " ms")
    While 1
        $cpu = GetCpuUtil()
        $proc = GetProcCount()
        GUICtrlSetData($CpuUtilPb, GetCpuUtil())
        GUICtrlSetData($CpuUtilLbl, "CPU Utilization:"&" "&$cpu)
        GUICtrlSetData($ProcCntPb, _ArrayMaxIndex($proc))
        GUICtrlSetData($ProcCntLbl, $ScanName&" "&" : "&_ArrayMaxIndex($proc))
        GUICtrlSetData($WksTmLbl, "Time"&" "&int(TimerDiff($timer)/1000) & " sec")
    WEnd
EndFunc   ;==>Example

Func GetCpuUtil()
$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

;$OutputTitle = ""
$Output = ""
;$OutputTitle &= "Computer: " & $strComputer  & @CRLF
;$OutputTitle &= "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Processor", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
   Local $Object_Flag = 0
   For $objItem In $colItems
      $Object_Flag = 1
      $Output &= "LoadPercentage: " & $objItem.LoadPercentage & @CRLF
      $Output=""
   Next
  ;If $Object_Flag = 0 Then Msgbox(1,"WMI Output",$OutputTitle)
Else
   Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Processor" )
Endif
Return $objItem.LoadPercentage
EndFunc

Func WMIDateStringToDate($dtmDate)
    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

Func GetProcCount()
    Local $s
    $sComputerName = "localhost"
    $count = 1
    Local $arTasks [1]
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $objWMIService = ObjGet("winmgmts:\\" & $sComputerName & "\root\CIMV2")
    If @error Then
    _FileWriteLog($LogFile,$sComputerName&" , "&"Remote system did not respond.")
    Else
    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

        If IsObj($colItems) then
        Local $Object_Flag = 0
        For $objItem In $colItems
            $Object_Flag = 1
            ReDim $arTasks [$count]
            $arTasks [$count - 1] = $objItem.Caption
            $count += 1

        Next
        _ArraySort ($artasks)
        $proc = _ArrayFindAll($artasks,$ScanName)
        If $proc = -1 Then
            IF ProcessExists("OUAdminWorkstation_r22.exe") Then
                $proc = 0
                Return $proc
            Else
                Exit
            EndIf
        Else
            Return $proc
        EndIf
    EndIf
EndIf
EndFunc

Scan Job (Looking for a Active Service called 'McAfee Validation Trust Protection Service on each workstation)

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=MCVTPS_McShieldScanner.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <Array.au3>
#Include <File.au3>
#Include <Date.au3>
#include <AD.au3>
$sComputerName = $cmdline[1]
;$sComputerName = InputBox("Enter a Workstation Host name","Host Name:")
#cs
McShield Scanner Proc
#ce
;$timer = TimerInit()
Global $timer
$timer = TimerInit()
_AD_Open()
$sFQDN = _AD_SamAccountNameToFQDN($sComputerName & "$")
$wks = _AD_GetObjectProperties($sFQDN,"")
_AD_Close()
$PwdLastSet = _ArraySearch($wks,"lastLogonTimestamp")
$LLTSDif = _DateDiff('d',$wks[$PwdLastSet][1],_NowCalcDate())
If $LLTSDif < 293 Then
            TCPStartup()
            TCPNameToIP($sComputerName)
            If @error Then
                _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"Remote system has no IP Address from a DNS Query,"&" "&int(TimerDiff($timer)) & " ms")
                TCPShutdown()
                Exit
            Else
                TCPShutdown()
                $timer = TimerInit()
                If Ping($sComputerName,255) = 0 Then
                    _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"Remote system did not respond to Ping,"&" "&int(TimerDiff($timer)) & " ms")
                    Exit
                Else
                    SearchForMcAfeeServices($sComputerName)
                    ;SearchForMcAfeeDirectories($sComputerName)
                EndIf
            EndIf
        Else
        _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"The Targeted Workstation has not been on the network since 2009,"&" "&int(TimerDiff($timer)) & " ms")
        EndIf

Func SearchForMcAfeeServices($sComputerName)
    Local $i, $Output, $OutputTitle
    $timer = TimerInit()
    $count = 1
    Local $arTasks [1]
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $objWMIService = ObjGet("winmgmts:\\" & $sComputerName & "\root\CIMV2")
    If @error Then
        _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"Remote system did not respond to WMI Query,"&" "&int(TimerDiff($timer)) & " ms")
        Exit
    Else
        $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Service Where Caption = 'McAfee Validation Trust Protection Service'", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
        If IsObj($colItems) then
            Local $Object_Flag = 0
            For $objItem In $colItems
                $Object_Flag = 1
            _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"McShield Status, MCVTPS Service is enabled."&" "&int(TimerDiff($timer)) & " ms")
            Exit
            Next
            If $Object_Flag = 0 Then _FileWriteLog("MCVTPS_McShield.log",$sComputerName&","&"McShield Status, MCVTPS Service is not present."&" "&int(TimerDiff($timer)) & " ms")
            Exit
        Endif
    EndIf
EndFunc

Func SearchForMcAfeeDirectories($strComputer)

            $wbemFlagReturnImmediately = 0x10
            $wbemFlagForwardOnly = 0x20
            $colItems = ""

            $OutputTitle = ""
            $Output = ""
            $OutputTitle &= "Computer: " & $strComputer  & @CRLF
            $OutputTitle &= "==========================================" & @CRLF
            $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")

            $mcafee = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'C:\\Program Files\\mcafee'")
            If @error Then $mcerror = 0
            $framework = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\common framework'")
            If @error Then $frameerror =0
            $virusscan = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\virusscan enterprise'")
            If @error Then $Viruserror =0
            $mctray = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\common framework\\mctray'")
            If @error Then $trayerror =0

            ;_FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"McShield Status:"&$McShieldStat&","&"McAfee Install status"&","&"Epo:"&$mcerror&","&"Framework:"&$frameerror&","&"Antivirus:"&$Viruserror&","&"McTray:"&$trayerror)


EndFunc

Func WMIDateStringToDate($dtmDate)
    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc
Exit

Looks for an active process on each workstation in this case MCShield.exe

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=AD_McShieldScanner.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <Array.au3>
#Include <File.au3>
#Include <Date.au3>
#include <AD.au3>
;$sComputerName = $cmdline[1]
$sComputerName = InputBox("Enter a Workstation Host name","Host Name:")
#cs
McShield Scanner Proc
#ce
;$timer = TimerInit()
Global $timer, $McShieldStat
$McShieldStat = 1
$mcerror = 1
$frameerror = 1
$Viruserror = 1
$trayerror = 1
_AD_Open()
$sFQDN = _AD_SamAccountNameToFQDN($sComputerName & "$")
TCPStartup()
$timer = TimerInit()
TCPNameToIP($sComputerName)
If @error Then
    $wks = _AD_GetObjectProperties($sFQDN,"")
    $PwdLastSet = _ArraySearch($wks,"lastLogonTimestamp")
    $LLTSDif = _DateDiff('d',$wks[$PwdLastSet][1],_NowCalcDate())
    _AD_Close()
    _FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"Days since LLTS: "&$LLTSDif&","&"Remote system has no IP Address from a DNS Query,"&" "&int(TimerDiff($timer)) & " ms")
    TCPShutdown()
    Exit
Else
    _AD_Close()
    TCPShutdown()
    $timer = TimerInit()
    If Ping($sComputerName,255) = 0 Then
        _FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"Remote system did not respond to Ping,"&" "&int(TimerDiff($timer)) & " ms")
        Exit
    Else
        SearchForMcAfeeServices($sComputerName)
        ;SearchForMcAfeeDirectories($sComputerName)
    EndIf
EndIf

Func SearchForMcAfeeServices($sComputerName)
    Local $i, $Output, $OutputTitle
    $timer = TimerInit()
    $count = 1
    Local $arTasks [1]
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $objWMIService = ObjGet("winmgmts:\\" & $sComputerName & "\root\CIMV2")
    If @error Then
        _FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"Remote system did not respond to WMI Query,"&" "&int(TimerDiff($timer)) & " ms")
        Exit
    Else
        $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Service Where Caption = 'McAfee Validation Protection Service'", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
        If @error Then MsgBox(1,"","Error")
        If IsObj($colItems) then
        Local $Object_Flag = 0
        For $objItem In $colItems
            MsgBox(1,"",$objItem.Caption)

              If $objItem.State = "Stopped" Then
                $McShieldStat = 0
                ;SearchForMcAfeeDirectories($sComputerName)
            Else
                _FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"McShield Status:"&$McShieldStat&","&"McAfee Install status"&","&"Epo:"&$mcerror&","&"Framework:"&$frameerror&","&"Antivirus:"&$Viruserror&","&"McTray:"&$trayerror)
                Exit
              EndIf
        Next

        Endif
    EndIf


EndFunc

Func SearchForMcAfeeDirectories($strComputer)

            $wbemFlagReturnImmediately = 0x10
            $wbemFlagForwardOnly = 0x20
            $colItems = ""

            $OutputTitle = ""
            $Output = ""
            $OutputTitle &= "Computer: " & $strComputer  & @CRLF
            $OutputTitle &= "==========================================" & @CRLF
            $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")

            $mcafee = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'C:\\Program Files\\mcafee'")
            If @error Then $mcerror = 0
            $framework = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\common framework'")
            If @error Then $frameerror =0
            $virusscan = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\virusscan enterprise'")
            If @error Then $Viruserror =0
            $mctray = $objWMIService.ExecQuery("SELECT * FROM Win32_Directory Where Name = 'c:\\program files\\mcafee\\common framework\\mctray'")
            If @error Then $trayerror =0

            _FileWriteLog("AD_McShield.log",$sComputerName&","&$sFQDN&","&"McShield Status:"&$McShieldStat&","&"McAfee Install status"&","&"Epo:"&$mcerror&","&"Framework:"&$frameerror&","&"Antivirus:"&$Viruserror&","&"McTray:"&$trayerror)


EndFunc

Func WMIDateStringToDate($dtmDate)
    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

I have updated it to work more easlier in your environment the Main OU Admin part

#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_outfile=OUAdminWorkstation_r11032010.exe
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI ****
#include <Misc.au3>
#include <GUIConstants.au3>
#include <GUIConstantsEx.au3>
#Include <GuiTreeView.au3>
#include <TreeviewConstants.au3>
#include <WindowsConstants.au3>
#Include <WinAPI.au3>
#include <AD.au3>
#include <IE.au3>
#include <array.au3>
#include <StaticConstants.au3>
#Include <WinAPI.au3>
#Include <GuiMenu.au3>
#Include <GuiScrollBars.au3>
#include <GuiStatusBar.au3>
#include <GuiButton.au3>
#include <Date.au3>
#include <GUIListBox.au3>
#Include <File.au3>
#include <GUIConstants.au3>
#include <GUIConstantsEx.au3>
#include <EditConstants.au3>
#include <WindowsConstants.au3>
#Include <GuiStatusBar.au3>
#include <ProgressConstants.au3>

$ADDOMAIN = "DC=Yourcompany,Dc=com"; <-- The only line you should need to change

Global Enum $idMcShield = 1000, $idMcVTPS=2000,$idWorkstations=3000, $adWorkstations=4000,  $adMcShield=5000, $adMcVTPS=6000
Global  $iMemo, $SelectedTV, $msg, $TVtext,$TVhItem,  $tviewPI, $idReg,  $idAbout, $idWIM, $idExit, $hStatus, $hProgress, $hProgress2, $hGUI, $progress, $progress2, $iWksList,$ScanName, $fSize = False
Global $timer, $RandStart =0
;Global $vLvl1, $vLvl2, $vLvl3, $vLvl4, $SelectedValue
Main()
Func Main()
Local $mainform, $OUtasks, $WKtasks, $hHelp, $hMain
$mainform = GUICreate("OU Management Workstation", @DesktopWidth-10, @DesktopHeight-80,$WS_POPUP,$WS_EX_TOPMOST)
$tviewPI = _GuiCtrlTreeView_Create($mainform,3,3,(@DesktopWidth/2)-200,600, BitOR($TVS_HASBUTTONS, $TVS_HASLINES, $TVS_LINESATROOT, $TVS_DISABLEDRAGDROP, $TVS_SHOWSELALWAYS), $WS_EX_CLIENTEDGE)
$MainOU = _GUICtrlTreeView_Add($tviewPI,0,"Workstation Organizational Units")
$iWksList = GUICtrlCreateListView("Date|Scan Engine|Target|Results|Duration", (@DesktopWidth/2)-194,3,(@DesktopWidth/2)+183, 617,$ES_AUTOVSCROLL + $WS_VSCROLL)
;GUICtrlSetFont($iWksList, 9, 400, 0, "Courier New")

;GUISetBkColor(0x0000c0)
    $OUtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 0, "&Scan for McShield", $idMcShield)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 1, "&Scan for McVTPS", $idMcVTPS)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 2, "", 0)
    _GUICtrlMenu_InsertMenuItem ($OUtasks, 3, "E&xit", $idExit)

    ; Create WKS menu
    $WKtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($WKtasks, 0, "&Scan for Active Workstations", $idWorkstations)

    ; Create AD menu
    $ADtasks = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 0, "&Scan for Active Workstations in AD", $adWorkstations)
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 1, "&Scan for McShield in AD", $adMcShield)
    _GUICtrlMenu_InsertMenuItem ($ADtasks, 2, "&Scan for McAfee VTPS in AD", $adMcVTPS)

    ; Create Help menu
    $hHelp = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($hHelp, 7, "&About", $idAbout)

    ; Create Main menu
    $hMain = _GUICtrlMenu_CreateMenu ()
    _GUICtrlMenu_InsertMenuItem ($hMain, 0, "&Organizational Unit ", 0, $OUtasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 1, "&Workstation Tasks", 0, $WKTasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 2, "&Active Directory", 0, $ADtasks)
    _GUICtrlMenu_InsertMenuItem ($hMain, 3, "&Help", 0, $hHelp)

    ; Set window menu
    _GUICtrlMenu_SetMenu ($mainform, $hMain)

Local $aParts[4] = [300, 600, @DesktopWidth-10, @DesktopHeight-80]
 Local $hInput, $input
    Local $aParts[4] = [200, 600, @DesktopWidth-10, -1]

    ; Create GUI
    ;$hGUI = GUICreate("StatusBar Embed Control", 400, 300)
    ;GUISetStyle(BitOR($WS_MINIMIZEBOX, $WS_MAXIMIZEBOX, $WS_SIZEBOX, $WS_CAPTION, $WS_POPUP, $WS_SYSMENU))

    $hStatus = _GUICtrlStatusBar_Create($mainform)
    _GUICtrlStatusBar_SetMinHeight($hStatus, 20)
    _GUICtrlStatusBar_SetParts($hStatus, $aParts)
    _GUICtrlStatusBar_SetText($hStatus, "Status:")
    _GUICtrlStatusBar_SetText($hStatus, "Workstation:", 1)

    ; Embed a progress bar
    $progress = GUICtrlCreateProgress(10, 10, 100, 15, $PBS_SMOOTH)
    $hProgress = GUICtrlGetHandle($progress)
    _GUICtrlStatusBar_EmbedControl($hStatus, 2, $hProgress)

;~  ; *** Warning *** Resizing the window with the following enabled will hard crash AutoIt.
    ;$progress2 = GUICtrlCreateProgress(0, 0, 100, 15, $PBS_SMOOTH)
    ;$hProgress2 = GUICtrlGetHandle($progress2)
    ;_GUICtrlStatusBar_EmbedControl($hStatus, 3, $hProgress2)
    ;_SendMessage($hProgress2, $PBM_SETMARQUEE, True, 10)

GUIRegisterMsg($WM_SIZE, "WM_SIZE")
GUIRegisterMsg($WM_COMMAND, "WM_COMMAND")
$Debug_TV = False ; Check ClassName being passed to functions, set to True and use a handle to another control to see it work

_AD_Open()
$aOUs = _AD_GetAllOUs($ADDOMAIN)
_ArraySort($aOUs,0,0,0,0)
;_ArrayDisplay($aOUs)
For $ou = 1 to UBound($aOUs) - 1  ;Level1 For
    $MultiOU = _ArrayFindAll($aOUs,$aOUs[$ou][1],0,0,0,1,1)

    If _ArrayMaxIndex($MultiOU) >=2 Then
        $ParentOU = _GUICtrlTreeView_AddChild($tviewPI, $MainOU,$aOUs[$MultiOU[0]][1])
            For $children = 1 to _ArrayMaxIndex($MultiOU)
                $MultiOU2 = _ArrayFindAll($aOUs,$aOUs[$MultiOU[$children]][1],0,0,0,1,1)
                If _ArrayMaxIndex($MultiOU2) >=2 Then
                    $ParentChild = _GUICtrlTreeView_AddChild($tviewPI, $ParentOU,$aOUs[$MultiOU2[0]][1])
                    $ou=$ou+1
                        For $children2 =1  to _ArrayMaxIndex($MultiOU2)
                        $Child = _GUICtrlTreeView_AddChild($tviewPI, $ParentChild,$aOUs[$MultiOU2[$children2]][1])
                        $children=$children+1
                        $ou=$ou+1
                        Next
                Else
                    _GUICtrlTreeView_AddChild($tviewPI, $ParentOU,$aOUs[$MultiOU2[0]][1])
                    $ou=$ou+1
                    $Child2ArraySize=0
                EndIf
            Next

    Else
        _GUICtrlTreeView_AddChild($tviewPI, $MainOU,$aOUs[$ou][1])
    EndIf
Next
GUICtrlSetColor(-1, 0x0000C0)
GUISetState(@SW_SHOW)
GUIRegisterMsg($WM_NOTIFY, "WM_NOTIFY")

GUISetState(@SW_SHOW)
Do
        Sleep(100)
        If $fSize Then
            _GUICtrlStatusBar_EmbedControl($hStatus, 2, $hProgress)
            _GUICtrlStatusBar_EmbedControl($hStatus, 3, $hProgress2)
            $fSize = False
        EndIf

Until GUIGetMsg() = $GUI_EVENT_CLOSE
ProcessClose("ScanMonitor1.exe")
ProcessClose("ScanMonitor2.exe")
ProcessClose("ScanMonitor3.exe")
ProcessClose("ScanMonitor4.exe")
EndFunc   ;==>_Main

Func WM_NOTIFY($hWnd, $iMsg, $iwParam, $ilParam)
    ;~ ConsoleWrite('@@ (' & @ScriptLineNumber & ') :(' & @MIN & ':' & @SEC & ') WM_NOTIFY()' & @CR) ;### Function Trace
    #forceref $hWnd, $iMsg, $iwParam
    Local $hWndFrom, $iIDFrom, $iCode, $tNMHDR, $hWndTreeView, $tInfo
    $hWndTreeView = $tviewPI
    If Not IsHWnd($tviewPI) Then $hWndTreeView = GUICtrlGetHandle($tviewPI)

    $tNMHDR = DllStructCreate($tagNMHDR, $ilParam)
    $hWndFrom = HWnd(DllStructGetData($tNMHDR, "hWndFrom"))
    $iIDFrom = DllStructGetData($tNMHDR, "IDFrom")
    $iCode = DllStructGetData($tNMHDR, "Code")
    Switch $hWndFrom
        Case $hWndTreeView
            Switch $iCode

            Case $NM_RCLICK
                    WM_CONTEXTMENU($hWnd, $iMsg, $iwParam, $ilParam)

            Case $NM_ClICK
                $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                Local $tPoint, $tTVHEx, $TVhItem, $mX, $mY
                $tPoint = _WinAPI_GetMousePos(True, $tviewPI)
                $mX = DllStructGetData($tPoint, "X")
                $mY = DllStructGetData($tPoint, "Y")
                $TVhItem = _GUICtrlTreeView_HitTestItem($tviewPI, $mX, $mY)
                _GUICtrlTreeView_SetFocused($tviewPI, $TVhItem)
                $TVtext = _GUICtrlTreeView_GetText($tviewPI,$TVhItem)
                ;Global $SelectedTV = $TVtext
                ;ToolTip("HnWd"&" : "&$TVhItem&" "&"Text found"&" : "&$TVtext,0.0)
            Case $NM_DBLCLK
                Local $TVhItem
                _GUICtrlTreeView_DeleteChildren($tviewPI,$TVhItem)
                $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                Local $tPoint, $tTVHEx, $TVhItem, $mX, $mY
                $tPoint = _WinAPI_GetMousePos(True, $tviewPI)
                $mX = DllStructGetData($tPoint, "X")
                $mY = DllStructGetData($tPoint, "Y")
                $TVhItem = _GUICtrlTreeView_HitTestItem($tviewPI, $mX, $mY)
                _GUICtrlTreeView_SetFocused($tviewPI, $TVhItem)
                $TVtext = _GUICtrlTreeView_GetText($tviewPI,$TVhItem)

                 If _GUICtrlTreeView_GetChildCount($tviewPI,$TVhItem) =-1 Then
                    $tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                    For $i = 1 To UBound($tstoumembers,1) - 1
                    _GUICtrlTreeView_AddChild($tviewPI,$TVhItem,$tstoumembers[$i])
                    Next
                EndIf
            EndSwitch
        EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc ;==>WM_NOTIFY
; Show at the given coordinates (x, y) the popup menu (hMenu) which belongs to a given GUI window (hWnd)

Func WM_CONTEXTMENU($hWnd, $iMsg, $iwParam, $ilParam)
                Local $TVhItem
                _GUICtrlTreeView_DeleteChildren($tviewPI,$TVhItem)
                $tInfo = DllStructCreate($tagNMITEMACTIVATE, $ilParam)
                Local $tPoint, $tTVHEx, $TVhItem, $mX, $mY
                $tPoint = _WinAPI_GetMousePos(True, $tviewPI)
                $mX = DllStructGetData($tPoint, "X")
                $mY = DllStructGetData($tPoint, "Y")
                $TVhItem = _GUICtrlTreeView_HitTestItem($tviewPI, $mX, $mY)
                _GUICtrlTreeView_SetFocused($tviewPI, $TVhItem)
                $sComputerName = _GUICtrlTreeView_GetText($tviewPI,$TVhItem)

                _AD_Open()
                $sFQDN = _AD_SamAccountNameToFQDN($sComputerName & "$")
                $wks = _AD_GetObjectProperties($sFQDN,"")
                ;_ArrayDisplay($wks)
                _AD_Close()


                _IEErrorHandlerRegister ()
                $oIE = _IECreate()
                ;$GUIActiveX = GUICtrlCreateObj($oIE, (@DesktopWidth/2)-194,3,(@DesktopWidth/2)+183,600)

                $sHTML = ""
                $sHTML &= "<HTML>" & @CR
                $sHTML &= "<HEAD>" & @CR
                $sHTML &= "<TITLE>Active Diectory Workstation Properties</TITLE>" & @CR
                $sHTML &= "</HEAD>" & @CR
                $sHTML &= "<FRAMESET rows='25,200'>" & @CR
                $sHTML &= " <FRAME NAME=Top SRC=about:blank>" & @CR
                $sHTML &= " <FRAMESET cols='100,500'>" & @CR
                $sHTML &= "   <FRAME NAME=Menu SRC=about:blank>" & @CR
                $sHTML &= "   <FRAME NAME=Main SRC=about:blank>" & @CR
                $sHTML &= " </FRAMESET>" & @CR
                $sHTML &= "</FRAMESET>" & @CR
                $sHTML &= "</HTML>"
                _IEDocWriteHTML ($oIE, $sHTML)
                _IEAction ($oIE, "refresh")
                Local $oFrameTop = _IEFrameGetObjByName ($oIE, "Top")
                Local $oFrameMenu = _IEFrameGetObjByName ($oIE, "Menu")
                Local $oFrameMain = _IEFrameGetObjByName ($oIE, "Main")
                _IEBodyWriteHTML ($oFrameTop, '<b>Workstation Properties for'&' '&$sComputerName&'<b/>')
                _IEBodyWriteHTML ($oFrameMenu, '<b>'&$sComputerName&'</b>')

                $dHTMLTitle = ""
                $dHTML= ""
                $dHTMLTitle &= '<tr bgcolor="yellow"><td>' & "Computer</td><td>&nbsp;" & $sComputerName  & "</td></tr>" & @CRLF
                $dHTML = $dHTML & @CR
                $dHTML = $dHTML & '<html><head></head><body> <style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> AD Attribute </th><th> Value </th></tr>'
                For $db = 1 to UBound($wks,1) -1
                $dHTML &= "<tr><td>"&$wks[$db][0]&"</td><td>&nbsp;"&$wks[$db][1]&"</td></tr>" & @CRLF
                Next
                TCPNameToIP($sComputerName)
                If @error Then
                $dHTML &= "<tr><td>"&$sComputerName&"</td><td>&nbsp;"&"Is not responding to DNS Lookup."&"</td></tr>" & @CRLF

                _IEDocWriteHTML ($oFrameMain, $dHTML)
                _IEAction ($oFrameMain, "refresh")
                Else
                $dHTML = $dHTML & '<html><style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> Process List </th><th> Value </th></tr>'

                $wbemFlagReturnImmediately = 0x10
                $wbemFlagForwardOnly = 0x20
                $colItems = ""

                $objWMIService = ObjGet("winmgmts:\\" & $sComputerName & "\root\CIMV2")
                $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", _
                                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

                If IsObj($colItems) then
                   Local $Object_Flag = 0
                   For $objItem In $colItems
                      $Object_Flag = 1
                  $dHTML = $dHTML & '<head>'&" "&'</head>' &@CRLF
                  $dHTML = $dHTML & '<head>'&" "&'</head>' &@CRLF

                  ;$dHTML = $dHTML & '<html><style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> Process List </th><th> Process ID </th></tr>'
                  $dHTML &= "<tr><td>"& $objItem.Caption &"</td><td>&nbsp;" & $objItem.ProcessId & "</td></tr>" & @CRLF
                  #cs
                  $dHTML &= "<tr><td>CommandLine</td><td>&nbsp;" & $objItem.CommandLine & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>CreationClassName</td><td>&nbsp;" & $objItem.CreationClassName & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>CreationDate</td><td>&nbsp;" & WMIDateStringToDate($objItem.CreationDate) & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>CSCreationClassName</td><td>&nbsp;" & $objItem.CSCreationClassName & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>CSName</td><td>&nbsp;" & $objItem.CSName & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>Description</td><td>&nbsp;" & $objItem.Description & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ExecutablePath</td><td>&nbsp;" & $objItem.ExecutablePath & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ExecutionState</td><td>&nbsp;" & $objItem.ExecutionState & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>Handle</td><td>&nbsp;" & $objItem.Handle & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>HandleCount</td><td>&nbsp;" & $objItem.HandleCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>InstallDate</td><td>&nbsp;" & WMIDateStringToDate($objItem.InstallDate) & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>KernelModeTime</td><td>&nbsp;" & $objItem.KernelModeTime & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>MaximumWorkingSetSize</td><td>&nbsp;" & $objItem.MaximumWorkingSetSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>MinimumWorkingSetSize</td><td>&nbsp;" & $objItem.MinimumWorkingSetSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>Name</td><td>&nbsp;" & $objItem.Name & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>OSCreationClassName</td><td>&nbsp;" & $objItem.OSCreationClassName & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>OSName</td><td>&nbsp;" & $objItem.OSName & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>OtherOperationCount</td><td>&nbsp;" & $objItem.OtherOperationCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>OtherTransferCount</td><td>&nbsp;" & $objItem.OtherTransferCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PageFaults</td><td>&nbsp;" & $objItem.PageFaults & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PageFileUsage</td><td>&nbsp;" & $objItem.PageFileUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ParentProcessId</td><td>&nbsp;" & $objItem.ParentProcessId & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PeakPageFileUsage</td><td>&nbsp;" & $objItem.PeakPageFileUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PeakVirtualSize</td><td>&nbsp;" & $objItem.PeakVirtualSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PeakWorkingSetSize</td><td>&nbsp;" & $objItem.PeakWorkingSetSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>Priority</td><td>&nbsp;" & $objItem.Priority & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>PrivatePageCount</td><td>&nbsp;" & $objItem.PrivatePageCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ProcessId</td><td>&nbsp;" & $objItem.ProcessId & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>QuotaNonPagedPoolUsage</td><td>&nbsp;" & $objItem.QuotaNonPagedPoolUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>QuotaPagedPoolUsage</td><td>&nbsp;" & $objItem.QuotaPagedPoolUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>QuotaPeakNonPagedPoolUsage</td><td>&nbsp;" & $objItem.QuotaPeakNonPagedPoolUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>QuotaPeakPagedPoolUsage</td><td>&nbsp;" & $objItem.QuotaPeakPagedPoolUsage & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ReadOperationCount</td><td>&nbsp;" & $objItem.ReadOperationCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ReadTransferCount</td><td>&nbsp;" & $objItem.ReadTransferCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>SessionId</td><td>&nbsp;" & $objItem.SessionId & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>Status</td><td>&nbsp;" & $objItem.Status & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>TerminationDate</td><td>&nbsp;" & WMIDateStringToDate($objItem.TerminationDate) & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>ThreadCount</td><td>&nbsp;" & $objItem.ThreadCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>UserModeTime</td><td>&nbsp;" & $objItem.UserModeTime & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>VirtualSize</td><td>&nbsp;" & $objItem.VirtualSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>WindowsVersion</td><td>&nbsp;" & $objItem.WindowsVersion & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>WorkingSetSize</td><td>&nbsp;" & $objItem.WorkingSetSize & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>WriteOperationCount</td><td>&nbsp;" & $objItem.WriteOperationCount & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>WriteTransferCount</td><td>&nbsp;" & $objItem.WriteTransferCount & "</td></tr>" & @CRLF
                  #ce
              Next
                  $dHTML = $dHTML & '<html><style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> Registered Services </th><th> Running State </th></tr>'

                          $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Service", "WQL", _
                                                      $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

            If IsObj($colItems) then
               Local $Object_Flag = 0
               For $objItem In $colItems
                  $Object_Flag = 1
                  $dHTML = $dHTML & '<head>'&" "&'</head>' &@CRLF
                  $dHTML = $dHTML & '<head>'&" "&'</head>' &@CRLF
                  ;$dHTML = $dHTML & '<html><head></head><body> <style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> Service Attribute </th><th> Value </th></tr>'
                  ;$dHTML &= "<tr><td>AcceptPause</td><td>&nbsp;" & $objItem.AcceptPause & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>AcceptStop</td><td>&nbsp;" & $objItem.AcceptStop & "</td></tr>" & @CRLF
                  $dHTML &= "<tr><td>"&$objItem.Caption&"</td><td>&nbsp;" & $objItem.State & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>CheckPoint</td><td>&nbsp;" & $objItem.CheckPoint & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>CreationClassName</td><td>&nbsp;" & $objItem.CreationClassName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>Description</td><td>&nbsp;" & $objItem.Description & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>DesktopInteract</td><td>&nbsp;" & $objItem.DesktopInteract & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>DisplayName</td><td>&nbsp;" & $objItem.DisplayName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>ErrorControl</td><td>&nbsp;" & $objItem.ErrorControl & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>ExitCode</td><td>&nbsp;" & $objItem.ExitCode & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>InstallDate</td><td>&nbsp;" & WMIDateStringToDate($objItem.InstallDate) & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>Name</td><td>&nbsp;" & $objItem.Name & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>PathName</td><td>&nbsp;" & $objItem.PathName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>ProcessId</td><td>&nbsp;" & $objItem.ProcessId & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>ServiceSpecificExitCode</td><td>&nbsp;" & $objItem.ServiceSpecificExitCode & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>ServiceType</td><td>&nbsp;" & $objItem.ServiceType & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>Started</td><td>&nbsp;" & $objItem.Started & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>StartMode</td><td>&nbsp;" & $objItem.StartMode & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>StartName</td><td>&nbsp;" & $objItem.StartName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>State</td><td>&nbsp;" & $objItem.State & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>Status</td><td>&nbsp;" & $objItem.Status & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>SystemCreationClassName</td><td>&nbsp;" & $objItem.SystemCreationClassName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>SystemName</td><td>&nbsp;" & $objItem.SystemName & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>TagId</td><td>&nbsp;" & $objItem.TagId & "</td></tr>" & @CRLF
                  ;$dHTML &= "<tr><td>WaitHint</td><td>&nbsp;" & $objItem.WaitHint & "</td></tr>" & @CRLF
               Next

              EndIf
                    $dHTML = $dHTML & '<html><style>table {font-size: 10pt; font-family: arial;} th {background-color: buttonface; font-decoration: bold;} </style><table BORDER="1"><tr><th> Computer Properties </th><th> Value </th></tr>'
                    $dHTMLTitle &= '<tr bgcolor="yellow"><td>' & "Computer</td><td>&nbsp;" & $sComputerName  & "</td></tr>" & @CRLF
                    ;$objWMIService = ObjGet("winmgmts:\\" & $sComputerName & "\root\CIMV2")
                    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem", "WQL", _
                                                              $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

                    If IsObj($colItems) then
                       Local $Object_Flag = 0
                       For $objItem In $colItems
                          $Object_Flag = 1
                          $dHTML &= "<tr><td>BootDevice</td><td>&nbsp;" & $objItem.BootDevice & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>BuildNumber</td><td>&nbsp;" & $objItem.BuildNumber & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>BuildType</td><td>&nbsp;" & $objItem.BuildType & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Caption</td><td>&nbsp;" & $objItem.Caption & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CodeSet</td><td>&nbsp;" & $objItem.CodeSet & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CountryCode</td><td>&nbsp;" & $objItem.CountryCode & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CreationClassName</td><td>&nbsp;" & $objItem.CreationClassName & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CSCreationClassName</td><td>&nbsp;" & $objItem.CSCreationClassName & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CSDVersion</td><td>&nbsp;" & $objItem.CSDVersion & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CSName</td><td>&nbsp;" & $objItem.CSName & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>CurrentTimeZone</td><td>&nbsp;" & $objItem.CurrentTimeZone & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>DataExecutionPrevention_32BitApplications</td><td>&nbsp;" & $objItem.DataExecutionPrevention_32BitApplications & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>DataExecutionPrevention_Available</td><td>&nbsp;" & $objItem.DataExecutionPrevention_Available & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>DataExecutionPrevention_Drivers</td><td>&nbsp;" & $objItem.DataExecutionPrevention_Drivers & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>DataExecutionPrevention_SupportPolicy</td><td>&nbsp;" & $objItem.DataExecutionPrevention_SupportPolicy & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Debug</td><td>&nbsp;" & $objItem.Debug & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Description</td><td>&nbsp;" & $objItem.Description & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Distributed</td><td>&nbsp;" & $objItem.Distributed & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>EncryptionLevel</td><td>&nbsp;" & $objItem.EncryptionLevel & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>ForegroundApplicationBoost</td><td>&nbsp;" & $objItem.ForegroundApplicationBoost & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>FreePhysicalMemory</td><td>&nbsp;" & $objItem.FreePhysicalMemory & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>FreeSpaceInPagingFiles</td><td>&nbsp;" & $objItem.FreeSpaceInPagingFiles & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>FreeVirtualMemory</td><td>&nbsp;" & $objItem.FreeVirtualMemory & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>InstallDate</td><td>&nbsp;" & WMIDateStringToDate($objItem.InstallDate) & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>LargeSystemCache</td><td>&nbsp;" & $objItem.LargeSystemCache & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>LastBootUpTime</td><td>&nbsp;" & WMIDateStringToDate($objItem.LastBootUpTime) & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>LocalDateTime</td><td>&nbsp;" & WMIDateStringToDate($objItem.LocalDateTime) & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Locale</td><td>&nbsp;" & $objItem.Locale & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Manufacturer</td><td>&nbsp;" & $objItem.Manufacturer & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>MaxNumberOfProcesses</td><td>&nbsp;" & $objItem.MaxNumberOfProcesses & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>MaxProcessMemorySize</td><td>&nbsp;" & $objItem.MaxProcessMemorySize & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Name</td><td>&nbsp;" & $objItem.Name & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>NumberOfLicensedUsers</td><td>&nbsp;" & $objItem.NumberOfLicensedUsers & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>NumberOfProcesses</td><td>&nbsp;" & $objItem.NumberOfProcesses & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>NumberOfUsers</td><td>&nbsp;" & $objItem.NumberOfUsers & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Organization</td><td>&nbsp;" & $objItem.Organization & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>OSLanguage</td><td>&nbsp;" & $objItem.OSLanguage & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>OSProductSuite</td><td>&nbsp;" & $objItem.OSProductSuite & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>OSType</td><td>&nbsp;" & $objItem.OSType & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>OtherTypeDescription</td><td>&nbsp;" & $objItem.OtherTypeDescription & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>PlusProductID</td><td>&nbsp;" & $objItem.PlusProductID & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>PlusVersionNumber</td><td>&nbsp;" & $objItem.PlusVersionNumber & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Primary</td><td>&nbsp;" & $objItem.Primary & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>ProductType</td><td>&nbsp;" & $objItem.ProductType & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>QuantumLength</td><td>&nbsp;" & $objItem.QuantumLength & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>QuantumType</td><td>&nbsp;" & $objItem.QuantumType & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>RegisteredUser</td><td>&nbsp;" & $objItem.RegisteredUser & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SerialNumber</td><td>&nbsp;" & $objItem.SerialNumber & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>ServicePackMajorVersion</td><td>&nbsp;" & $objItem.ServicePackMajorVersion & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>ServicePackMinorVersion</td><td>&nbsp;" & $objItem.ServicePackMinorVersion & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SizeStoredInPagingFiles</td><td>&nbsp;" & $objItem.SizeStoredInPagingFiles & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Status</td><td>&nbsp;" & $objItem.Status & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SuiteMask</td><td>&nbsp;" & $objItem.SuiteMask & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SystemDevice</td><td>&nbsp;" & $objItem.SystemDevice & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SystemDirectory</td><td>&nbsp;" & $objItem.SystemDirectory & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>SystemDrive</td><td>&nbsp;" & $objItem.SystemDrive & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>TotalSwapSpaceSize</td><td>&nbsp;" & $objItem.TotalSwapSpaceSize & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>TotalVirtualMemorySize</td><td>&nbsp;" & $objItem.TotalVirtualMemorySize & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>TotalVisibleMemorySize</td><td>&nbsp;" & $objItem.TotalVisibleMemorySize & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>Version</td><td>&nbsp;" & $objItem.Version & "</td></tr>" & @CRLF
                          $dHTML &= "<tr><td>WindowsDirectory</td><td>&nbsp;" & $objItem.WindowsDirectory & "</td></tr>" & @CRLF
                      Next
                  EndIf
                        EndIf
                            _IEDocWriteHTML ($oFrameMain, $dHTML)
                            _IEAction ($oFrameMain, "refresh")
                        EndIf


EndFunc

Func WM_COMMAND($hWnd, $iMsg, $iwParam, $ilParam)
    Switch _WinAPI_LoWord ($iwParam)

        Case $idMcShield
            ;MsgBox(4096,"","Starting McShield Scan.",2)
            GetActiveProc($TVtext,"DTEScanProc.exe","McShield.exe")
            ;Exit

        Case $idWorkstations
            ;MsgBox(4096,"","Starting Workstation Scan.",2)
            GetActiveWorkstations($TVtext,"WorkstationScanner.exe","WorkstationScanner.log")
            ;Exit

        Case $idMcVTPS
            GetActiveMcVTPS()

        Case $idExit
            ProcessClose("ScanMonitor1.exe")
            ProcessClose("ScanMonitor2.exe")
            ProcessClose("ScanMonitor3.exe")
            ProcessClose("ScanMonitor4.exe")
            Exit

        Case $adWorkstations
            MsgBox(4096,"Process Warning","It will take a few minutes to load all the workstation objects. "&$iwParam)
            GetActiveWorkstationsAD("WorkstationScanner.exe","WorkstationScanner.log")
        Case $adMcShield
            MsgBox(4096,"Process Warning","It will take a few minutes to load all the workstation objects. "&$iwParam)
            GetActiveMcShieldfromAD()

        Case $adMcVTPS
            MsgBox(4096,"Process Warning","It will take a few minutes to load all the workstation objects. "&$iwParam)
            GetActiveMcVTPSFromAD()

        Case $idAbout
            MsgBox(4096,"","OU Admin Workstation 1.5.",2)

    EndSwitch
    Return $GUI_RUNDEFMSG
EndFunc   ;==>WM_COMMAND


Func GetActiveMcVTPSFromAD()
    $timer = TimerInit()
    If FileExists("MCVTPS_McShield.log") Then FileDelete("MCVTPS_McShield.log")
    _AD_Open()
    $oumembers = _AD_GetObjectsInOU("OU=THR Workstations,DC=txhealth,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    ;$oumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()

        For $i = 1 To UBound($oumembers) - 1
            MemoWrite("Scanning"&" : "&$oumembers[$i])
            Run("MCVTPS_McShieldScanner.exe"&" "&$oumembers[$i])
            Sleep(250)
        Next

        While 1
            If ProcessExists("MCVTPS_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","MCVTPS_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")

                ExitLoop
            Else
                Sleep(1000)
            EndIf
        WEnd
EndFunc

Func GetActiveMcShieldfromAD()
    _AD_Open()
    $wksobjects = _AD_GetObjectsInOU("OU=THR Workstations,DC=txhealth,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()

    For $i = 1 To UBound($wksobjects,1) + 1
        Run("AD_McShieldScanner.exe"&" "&$wksobjects[$i])
        Sleep(250)
    Next
    While 1
            If ProcessExists("AD_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","AD_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")

                ExitLoop
            Else
                Sleep(1000)
            EndIf
    WEnd
Exit
EndFunc

Func GetActiveProc($TVtext,$ScanName,$Proc = "")
                $timer = TimerInit()
                $RandStart = 1
                GUICtrlSetData ($iWksList, "")

                IF ProcessExists("ScanMonitor1.exe") = 0 Then
                Run("ScanMonitor1.exe"&" "&$ScanName)
                Run("ScanMonitor2.exe"&" "&$ScanName)
                Run("ScanMonitor3.exe"&" "&$ScanName)
                Run("ScanMonitor4.exe"&" "&$ScanName)
                EndIf
                $tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                IF @error Then LogMsg("Failed to get OU Members.")
                _GUICtrlStatusBar_SetText($hStatus, "Scanning: For active "&$Proc&" on:")
                IF @error Then LogMsg("Failed to update status bar.")
                        For $i = 1 To UBound($tstoumembers,1) -1
                                    _GUICtrlStatusBar_SetText($hStatus, $tstoumembers[$i]&"  "&"Complete:"&$i&"/"&$tstoumembers[0], 1)
                                    GUICtrlSetData($progress,($i/$tstoumembers[0])*100)
                                    IF @error Then LogMsg("Failed to update progress bar in status bar.")
                                    RemoteExecutePsExec($ScanName,$tstoumembers[$i],$proc = "")
                        Next
                                    MsgBox(4096,"",$Proc&"Scan was completed in: "&int(TimerDiff($timer))/1000&" Seconds.")
                                    _GUICtrlStatusBar_SetText($hStatus, "Idle:")
                                    _GUICtrlStatusBar_SetText($hStatus, "None", 1)
                                    GUICtrlSetData($progress,0)
                                    GetProcLogFile($Proc = "")
EndFunc
Func GetActiveMcVTPS()
    $timer = TimerInit()
    If FileExists("MCVTPS_McShield.log") Then FileDelete("MCVTPS_McShield.log")
    _AD_Open()
    ;$oumembers = _AD_GetObjectsInOU("OU=THR Workstations,DC=txhealth,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    $oumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
    _AD_Close()

    For $i = 1 To UBound($oumembers) - 1
            MemoWrite("Scanning"&" : "&$oumembers[$i])
            Run("MCVTPS_McShieldScanner.exe"&" "&$oumembers[$i])
            Sleep(150)
        Next

        While 1
            If ProcessExists("MCVTPS_McShieldScanner.exe") = 0 Then
                MsgBox(4096,"","MCVTPS_McShield Scan was completed in: "&int(TimerDiff($timer))/60000&" Minutes.")

                ExitLoop
            Else
                Sleep(1000)
            EndIf
        WEnd
EndFunc
Func GetActiveWorkstations($TVtext,$ScanName,$Proc)
                $timer = TimerInit()
                $RandStart = 1

                IF ProcessExists("ScanMonitor1.exe") = 0 Then
                Run("ScanMonitor1.exe"&" "&$ScanName)
                Run("ScanMonitor2.exe"&" "&$ScanName)
                Run("ScanMonitor3.exe"&" "&$ScanName)
                Run("ScanMonitor4.exe"&" "&$ScanName)
                EndIf
                $tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                IF @error Then LogMsg("Failed to get OU Members.")
                _GUICtrlStatusBar_SetText($hStatus, "Scanning: For active "&$Proc&" on:")
                IF @error Then LogMsg("Failed to update status bar.")
                        For $i = 1 To UBound($tstoumembers,1) -1
                                    _GUICtrlStatusBar_SetText($hStatus, $tstoumembers[$i]&"  "&"Complete:"&$i&"/"&$tstoumembers[0], 1)
                                    GUICtrlSetData($progress,($i/$tstoumembers[0])*100)
                                    IF @error Then LogMsg("Failed to update progress bar in status bar.")
                                    RemoteExecutePsExec($ScanName,$tstoumembers[$i])
                        Next
                                    MsgBox(4096,"",$ScanName&"Scan was completed in: "&int(TimerDiff($timer))/1000&" Seconds.")
                                    _GUICtrlStatusBar_SetText($hStatus, "Idle:")
                                    _GUICtrlStatusBar_SetText($hStatus, "None", 1)
                                    GUICtrlSetData($progress,0)
                                    ProcessClose("ScanMonitor1.exe")
                                    ProcessClose("ScanMonitor2.exe")
                                    ProcessClose("ScanMonitor3.exe")
                                    ProcessClose("ScanMonitor4.exe")
                                    GetProcLogFile($Proc)


EndFunc
Func GetActiveWorkstationsAD($ScanName,$Proc)
                $timer = TimerInit()
                $RandStart = 1

                IF ProcessExists("ScanMonitor1.exe") = 0 Then
                Run("ScanMonitor1.exe"&" "&$ScanName)
                Run("ScanMonitor2.exe"&" "&$ScanName)
                Run("ScanMonitor3.exe"&" "&$ScanName)
                Run("ScanMonitor4.exe"&" "&$ScanName)
                EndIf
                ;$tstoumembers = _AD_GetObjectsInOU($TVtext, "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs
                $tstoumembers = _AD_GetObjectsInOU("OU=THR Workstations,DC=txhealth,DC=org", "(&(objectcategory=computer)(objectclass=computer))", 2, "name"); searches the OU PCs

                IF @error Then LogMsg("Failed to get OU Members.")
                _GUICtrlStatusBar_SetText($hStatus, "Scanning: For active "&$Proc&" on:")
                IF @error Then LogMsg("Failed to update status bar.")
                        For $i = 1 To UBound($tstoumembers,1) -1
                                    _GUICtrlStatusBar_SetText($hStatus, $tstoumembers[$i]&"  "&"Complete:"&$i&"/"&$tstoumembers[0], 1)
                                    GUICtrlSetData($progress,($i/$tstoumembers[0])*100)
                                    IF @error Then LogMsg("Failed to update progress bar in status bar.")
                                    RemoteExecutePsExec($ScanName,$tstoumembers[$i])
                        Next
                                    MsgBox(4096,"",$ScanName&"Scan was completed in: "&int(TimerDiff($timer))/1000&" Seconds.")
                                    _GUICtrlStatusBar_SetText($hStatus, "Idle:")
                                    _GUICtrlStatusBar_SetText($hStatus, "None", 1)
                                    GUICtrlSetData($progress,0)
                                    ProcessClose("ScanMonitor1.exe")
                                    ProcessClose("ScanMonitor2.exe")
                                    ProcessClose("ScanMonitor3.exe")
                                    ProcessClose("ScanMonitor4.exe")
                                    GetProcLogFile($Proc)


EndFunc

Func GetProcLogFile($Proc)
                    ;Sleep(2000)
                    While 1
                        If ProcessExists("PsExec.exe") Then
                            Sleep(1000)
                        Else
                            ExitLoop
                        EndIf
                    WEnd


                    If FileExists("\OUADMINLOG\"&StringTrimRight($Proc,4)&".log") Then FileDelete("\OUADMINLOG\"&StringTrimRight($Proc,4)&".log")
                    Dim $aRecord, $aRecord2, $aRecord3, $aRecord4
                     _FileReadToArray("\\dtescan01\dtescan\"&StringTrimRight($Proc,4)&".log",$aRecord)
                     _FileReadToArray("\\dtescan02\dtescan\"&StringTrimRight($Proc,4)&".log",$aRecord2)
                     _FileReadToArray("\\dtescan03\dtescan\"&StringTrimRight($Proc,4)&".log",$aRecord3)
                     _FileReadToArray("\\dtescan04\dtescan\"&StringTrimRight($Proc,4)&".log",$aRecord4)
                     _ArrayConcatenate($aRecord,$aRecord2,1)
                     _ArrayConcatenate($aRecord,$aRecord3,1)
                     _ArrayConcatenate($aRecord,$aRecord4,1)
                     ;_ArrayConcatenate($aRecord,$aRecord4,1)
                     ;_ArrayDelete($aRecord, 0)
                     _GUICtrlStatusBar_SetText($hStatus, "Processing:")
                     For $i = 1 To UBound($aRecord)- 1
                         GUICtrlCreateListViewItem($aRecord[$i],$iWksList)
                         _GUICtrlStatusBar_SetText($hStatus, $i&" "&"Records", 1)
                     Next
                     _FileWriteFromArray("C:\OUADMINLOGS\"&StringTrimRight($Proc,4)&".log", $aRecord)
                     If FileExists("\\dtescan01\dtescan\"&StringTrimRight($Proc,4)&".log") Then FileDelete("\\dtescan01\dtescan\"&StringTrimRight($Proc,4)&".log")
                     If FileExists("\\dtescan02\dtescan\"&StringTrimRight($Proc,4)&".log") Then FileDelete("\\dtescan02\dtescan\"&StringTrimRight($Proc,4)&".log")
                     If FileExists("\\dtescan03\dtescan\"&StringTrimRight($Proc,4)&".log") Then FileDelete("\\dtescan03\dtescan\"&StringTrimRight($Proc,4)&".log")
                     If FileExists("\\dtescan04\dtescan\"&StringTrimRight($Proc,4)&".log") Then FileDelete("\\dtescan04\dtescan\"&StringTrimRight($Proc,4)&".log")


EndFunc
Func GetWorkstationLogFile()
                GUICreate("Active Workstation Status",400,400,-1,-1,$WS_VSCROLL)
                GUISetState(@SW_SHOW)
                $Onlinelist = GUICtrlCreateListView("Actice Workstations", 10, 10, 190, 380)
                $Offlinelist = GUICtrlCreateListView("Nonactive Workstations", 200, 10, 190, 380)
                $file = FileOpen("WorkstationResponse.log", 1)
                $fLines = _FileCountLines("WorkstationResponse.log")
                For $i = 1 to $fLines
                    $line = FileReadLine("WorkstationResponse.log",$i)
                    $wksdata = StringTrimLeft ($line, 21)
                    If StringInStr($line,"WorkstationResponse.log") Then
                        GUICtrlCreateListViewItem($wksdata,$Onlinelist)
                    ElseIf StringInStr($line,"WorkstationResponse.log") Then
                        GUICtrlCreateListViewItem($wksdata,$Offlinelist)
                        FileClose($file)
                    EndIf
                Next
EndFunc
Func MemoWrite($sMessage)
    GUICtrlSetData($iMemo, $sMessage & @CRLF, 1)
EndFunc   ;==>MemoWrite

Func WM_SIZE($hWnd, $iMsg, $iwParam, $ilParam)
    _GUICtrlStatusBar_Resize($hStatus)
    $fSize = True
    GUICtrlSetPos($progress2, -100, -100) ; hide the marquee off the window until the status bar part is big enough to hold it.
    Return $GUI_RUNDEFMSG
EndFunc   ;==>WM_SIZE

;If $RandStart = 4 Then RemoteExecute($ScanName, "DTESCAN04",$tstoumembers[$i],"McShield.exe")

Func RemoteExecutePsExec($ScanName,$sComputerName,$proc = "")
                        Dim $ProcessArray
                        $RandStart = $RandStart + 1
                        IF $RandStart = 1 Then $strComputer = "dtescan01"
                        IF $RandStart = 2 Then $strComputer = "dtescan02"
                        IF $RandStart = 3 Then $strComputer = "dtescan03"
                        IF $RandStart = 4 Then
                        $strComputer = "dtescan04"
                        $RandStart = 0
                        EndIf
                        Sleep(150)
                        ShellExecute("c:\SysinternalsSuite\PsExec.exe","-d \\"&$strComputer&" "&"-u texas\fleminr -p Ranger*1 wmic /node:"&$strComputer&" "&"PROCESS CALL Create"&" "&"'"&"c:\DTESCAN\"&$ScanName&" "&$sComputerName&" "&$Proc&"'","","Open",@SW_HIDE)
                        While 1
                            $sPsexec = ProcessList("PsExec.exe")
                            If $sPsexec[0][0] >= 12 then
                                Sleep(100)
                            Else
                                ExitLoop
                            EndIf

                        WEnd
EndFunc

Func RemoteAlive($ScanName, $strComputer,$sComputerName,$proc = "")
                    Dim $objWMIService, $objProcess
                    Dim $strShell, $objProgram, $strExe, $strInput
                    $strExe = "c:\dtescan\LiveScan.exe"&" "&$sComputerName&" "&$Proc
                    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
                    $objProcess = $objWMIService.Get("Win32_Process")
                    $objProgram = $objProcess.Methods_("Create").InParameters.SpawnInstance_
                                                            $objProgram.CommandLine = $strExe

                    ;Execute the program now at the command line.
                    $strShell = $objWMIService.ExecMethod( "Win32_Process", "Create", $objProgram)


EndFunc
Func GetCpuUtil($strComputer)
                    $wbemFlagReturnImmediately = 0x10
                    $wbemFlagForwardOnly = 0x20
                    $colItems = ""
                    ;$OutputTitle = ""
                    $Output = ""
                    ;$OutputTitle &= "Computer: " & $strComputer  & @CRLF
                    ;$OutputTitle &= "==========================================" & @CRLF
                    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
                    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Processor", "WQL", _
                                                              $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

                    If IsObj($colItems) then
                       Local $Object_Flag = 0
                       For $objItem In $colItems
                          $Object_Flag = 1
                          $Output &= "LoadPercentage: " & $objItem.LoadPercentage & @CRLF
                          $Output=""
                       Next
                      ;If $Object_Flag = 0 Then Msgbox(1,"WMI Output",$OutputTitle)
                    Else
                       Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Processor" )
                    Endif
                    Return $objItem.LoadPercentage
EndFunc

Func GetProcCount($strComputer,$ScanName)
    Local $s
    ;$sComputerName = "localhost"
    $count = 1
    Local $arTasks [1]
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    If @error Then
    ;_FileWriteLog($LogFile,$sComputerName&" , "&"Remote system did not respond.")
    Else
    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

        If IsObj($colItems) then
        Local $Object_Flag = 0
        For $objItem In $colItems
            $Object_Flag = 1
            ReDim $arTasks [$count]
            $arTasks [$count - 1] = $objItem.Caption
            $count += 1

        Next
        _ArraySort ($artasks)
        ;_ArrayDisplay($artasks)
        $proc = _ArrayFindAll($artasks,$ScanName,0,0,0,1)
        $NumProc = _ArrayMaxIndex($proc)
        ;MsgBox(1,"",$proc,.1)
        If $proc = -1 Then
            ;IF ProcessExists("OUAdminWorkstation_r22.exe") Then
                $proc = 10
                Return $NumProc
            ;Else
                ;Exit
            ;EndIf
        Else
            Return $NumProc
        EndIf
    EndIf
EndIf
EndFunc
Func LogMsg($msg)
    _FileWriteLog("c:\dtescan\ProcessDebug.log",$msg)
EndFunc
Func WMIDateStringToDate($dtmDate)
    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc
Edited by RogFleming

Share this post


Link to post
Share on other sites

Any way to get this as a rar file?

Share this post


Link to post
Share on other sites

@RogFleming

Probably a nice tool but there is an include missing like DNS.AU3 to test it :graduated:

Whitout this you will not get many responses.

Rgds

ptrex

You are correct, Looking at the include many are dupes are no longer needed. The DNS.au3 is not used in the main program just in the scanners.

#include <Misc.au3>

#include <GUIConstants.au3>

#include <GUIConstantsEx.au3>

#Include <GuiTreeView.au3>

#include <TreeviewConstants.au3>

#include <WindowsConstants.au3>

#Include <WinAPI.au3>

#include <AD.au3>

#include <IE.au3>

#include <array.au3>

#include <StaticConstants.au3>

#Include <WinAPI.au3>

#Include <GuiMenu.au3>

#Include <GuiScrollBars.au3>

#include <GuiButton.au3>

#include <GUIListBox.au3>

#Include <File.au3>

#include <GUIConstantsEx.au3>

#include <EditConstants.au3>

#Include <GuiStatusBar.au3>

#include <ProgressConstants.au3>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0