Jump to content
TheAppleFreak

WMI "ASSOCIATORS OF" query ridiculously slower when running as Administrator than when running as a standard user

Recommended Posts

TheAppleFreak

Never experienced anything like this before, so to you I come for help...

I'm in the process of rewriting my fork of JSThePatriot's excellent Computer Information library, and my current project is rewriting the User profiling function. One of the new features I've added in is gathering the list of groups a particular user profile belongs to, which uses an existing WMI object to run an "ASSOCIATORS OF" query targeting the specified domain and username. 

When I run the function under my own user account from within ISN/ScITE or compile it and run it via Windows Explorer, my test script collects the information in a fraction of a second. When I compile the script and Right Click -> "Run As Administrator," the script takes almost three and a half minutes to complete. It's literally the exact same code, but running under Administrator has a computed 6320x slowdown. Examining the script running in Process Monitor showed no activity during what I assume are these queries, which boggles my mind. 

If someone could tell me what I'm doing wrong, that'd be super awesome. Below is the code used, and below that is a log file that I generated to root out what in particular was causing the massive slowdown. It's worth mentioning that I'm currently running Windows 8.1 on this machine, under a user account that is part of both the Administrators and Users groups. 

; From CompInfoObject.au3
; =========================

#include <File.au3>
#include <Array.au3>
#include <Security.au3>

#region Global Variables and Constants
If Not(IsDeclared("$cI_CompName")) Then
    Global $cI_CompName = @ComputerName
EndIf
Global Const $cI_VersionInfo        = "00.03.08"
Global Const $cI_aName              = 0, _
             $cI_aDesc              = 4
Global  $wbemFlagReturnImmediately  = 0x10, _   ;DO NOT CHANGE
$wbemFlagForwardOnly        = 0x20              ;DO NOT CHANGE
Global  $ERR_NO_INFO                = "Array contains no information", _
        $ERR_NOT_OBJ                = "$colItems isnt an object"

Global Const $VERSION_CIO = "2.1.0.0"
#endregion Global Variables and Constants

; Test script
; ==========================

Global Const $logPath = "D:\logFile.txt"

If IsAdmin() Then 
    FileWriteLine($logPath, "============= RUNNING AS ADMINISTRATOR ============")
Else 
    FileWriteLine($logPath, "================= RUNNING AS USER =================")
EndIf
FileWriteLine($logPath, "")


FileWriteLine($logPath, "Starting user profiling...")
FileWriteLine($logPath, "")
Local $runtime = TimerInit()
Local $test = _ComputerGetUsers()
FileWriteLine($logPath, "User profiling complete after " & (TimerDiff($runtime) / 1000) & " seconds")
FileWriteLine($logPath, "")

MsgBox(0, "", "complete", 10)

; From CompInfoObject.au3

Func _ComputerGetUsers()
    Local $localSIDs[1]
    Local $i = 0, $x = 1, $sid
    
    While 1
        $sid = RegEnumKey("HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList", $x)
        If @error Then ExitLoop
        
        If StringInStr($sid, "S-1-5-21-") Then 
            If IsArray(_Security__LookupAccountSid($sid)) Then
                ReDim $localSIDs[$i + 1]
                $localSIDs[$i] = $sid
                
                $i += 1
            EndIf 
        EndIf
        
        $x += 1
    Wend
    
    $i = 0
    _ArraySort($localSIDs)
    
    Local $colItems, $objWMIService, $objItem, $wqlQuery
    Local $groups, $userProfile, $userProfileLoaded, $regMountPoint, $runtime
    Local $users[1] = [ObjCreate("Scripting.Dictionary")]
    
    $wqlQuery = "SELECT * FROM Win32_UserAccount"

    $objWMIService = ObjGet("winmgmts:\\" & $cI_Compname & "\root\CIMV2")
    $colItems = $objWMIService.ExecQuery($wqlQuery, "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

    If IsObj($colItems) Then
        For $objItem In $colItems
            ; Restrict users to actual users on the computer
            If _ArrayBinarySearch($localSIDs, $objItem.SID) <> -1 Then 
                FileWriteLine($logPath, "Collecting basic information for " & $objItem.Name & "...")
                $runtime = TimerInit()
                
                $regMountPoint = Null 
                $userProfileLoaded = False
                
                ReDim $users[$i + 1]
                $users[$i] = ObjCreate("Scripting.Dictionary")
                $users[$i].Add("Name", StringStripWS($objItem.Name, 3))
                $users[$i].Add("Domain", StringStripWS($objItem.Domain, 3))
                $users[$i].Add("Status", StringStripWS($objItem.Status, 3))
                $users[$i].Add("FullName", StringStripWS($objItem.FullName, 3))
                $users[$i].Add("Description", StringStripWS($objItem.Description, 3))
                $users[$i].Add("SID", StringStripWS($objItem.SID, 3))
                $users[$i].Add("Disabled", $objItem.Disabled)
                $users[$i].Add("Lockout", $objItem.Lockout)
                $users[$i].Add("PasswordChangeable", $objItem.PasswordChangeable)
                $users[$i].Add("PasswordExpires", $objItem.PasswordExpires)
                $users[$i].Add("PasswordRequired", $objItem.PasswordRequired)
                
                FileWriteLine($logPath, "Finished collecting basic information for " & $users[$i].Item("Name") & " in " & (TimerDiff($runtime) / 1000) & " seconds")
                FileWriteLine($logPath, "")
                
                ; Get user group membership
                FileWriteLine($logPath, "Collecting group information for " & $users[$i].Item("Name") & "...")
                $runtime = TimerInit()
                
                $groups = $objWMIService.ExecQuery("ASSOCIATORS OF {Win32_UserAccount.Domain='" & $objItem.Domain & "',Name='" & $objItem.Name & "'} WHERE ResultClass=Win32_Group", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
                
                If IsObj($groups) Then 
                    Local $temp[1]
                    $x = 0
                    
                    For $group in $groups
                        ReDim $temp[$x + 1]
                        $temp[$x] = ObjCreate("Scripting.Dictionary")
                        
                        $temp[$x].Add("Name", $group.Name)
                        $temp[$x].Add("Domain", $group.Domain)
                        $temp[$x].Add("SID", $group.SID)
                        
                        $x += 1
                    Next
                    
                    $users[$i].Add("Groups", $temp)
                EndIf
                
                FileWriteLine($logPath, "Finished collecting group information for " & $users[$i].Item("Name") & " in " & (TimerDiff($runtime) / 1000) & " seconds")
                FileWriteLine($logPath, "")
                
                #cs 
                ; First, we need to mount the registry before anything else, or get the registry path if it already is
                $userProfile = $objWMIService.ExecQuery("SELECT * FROM Win32_UserProfile WHERE SID=""" & $users[$i].Item("SID") & """", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
                
                If IsObj($userProfile) Then                 
                    For $profile in $userProfile
                        $users[$i].Add("ProfilePath", StringStripWS($profile.LocalPath, 3))
                        
                        If $profile.Loaded Then 
                            $userProfileLoaded = True 
                            $regMountPoint = "HKEY_USERS\" & $users[$i].Item("SID") & "\"
                        EndIf
                        ExitLoop
                    Next
                    
                    ; Profile isn't loaded. Load it manually. 
                    If $regMountPoint == Null Then
                        If RunWait("reg load HKU\TEMP-&" & $users[$i].Item("SID") & " " & $users[$i].Item("ProfilePath") & "\NTUSER.dat") == 0 Then 
                            MsgBox(0, "", "Loaded registry hive for " & $users[$i].Item("Name") & @CRLF, 3)
                            $regMountPoint = "HKEY_USERS\TEMP-" & $users[$i].Item("SID") & "\"
                        Else 
                            MsgBox(0, "", "Failed to load registry hive for " & $users[$i].Item("Name") & @CRLF, 3)
                        EndIf
                    EndIf
                EndIf
                
                ; Get user's mapped file shares
                ; HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\
                ; Run regex "\#\#(.+?)\#(.+?)" to get path, then read key _LabelFromReg for any custom drive label applied
                

                ; Get user's mapped printers
                ; https://support.microsoft.com/en-us/kb/102966
                
                
                ; Unload profile if it wasn't previously loaded
                If Not $userProfileLoaded And $regMountPoint <> Null Then 
                    If RunWait("reg unload " & StringRegExp($regMountPoint, "^(.*)\\$", 1)[0]) Then 
                        MsgBox(0, "", "Unloaded registry hive at " & $regMountPoint & @CRLF, 3)
                    Else 
                        MsgBox(0, "", "Error: Could not unload registry hive at " & $regMountPoint & @CRLF, 3)
                    EndIf
                EndIf
                #ce 
                
                $i += 1
            EndIf
        Next
        If $users[Ubound($users) - 1].Count < 1 Then
            ReDim $users[Ubound($users) - 1]
        EndIf
        If Ubound($users) < 1 Then
            Return SetError(1, 1, 0)
        EndIf
    Else 
        Return SetError(1, 2, 0)
    EndIf
    
    Return $users 
EndFunc

And here's the log file:

================= RUNNING AS USER =================

Starting user profiling...

Collecting basic information for Administrator...
Finished collecting basic information for Administrator in 0.000332286438607835 seconds

Collecting group information for Administrator...
Finished collecting group information for Administrator in 0.0347993066888362 seconds

Collecting basic information for <redacted>...
Finished collecting basic information for <redacted> in 0.00030855169299299 seconds

Collecting group information for <redacted>...
Finished collecting group information for <redacted> in 0.0321612217877267 seconds

User profiling complete after 0.1464664737096 seconds

============= RUNNING AS ADMINISTRATOR ============

Starting user profiling...

Collecting basic information for Administrator...
Finished collecting basic information for Administrator in 0.000270383656125874 seconds

Collecting group information for Administrator...
Finished collecting group information for Administrator in 27.3050492143158 seconds

Collecting basic information for <redacted>...
Finished collecting basic information for <redacted> in 0.000575407211257197 seconds

Collecting group information for <redacted>...
Finished collecting group information for <redacted> in 203.270754752081 seconds

User profiling complete after 230.621668475639 seconds

 

Edited by TheAppleFreak

Share this post


Link to post
Share on other sites
TheAppleFreak

Many, many thanks for that link! While I can't see the link on its own being incredibly useful, it did remind me of the existence of Win32_GroupUser, which a quick Google search for yielded a wealth of information that looks to be incredibly useful. 

Once I get to my computer, I'll do some testing to see what performance is like; hopefully this should help significantly. 

Share this post


Link to post
Share on other sites
AdamUL

Your welcome.  Glad it help.  

 

Adam

Share this post


Link to post
Share on other sites
TheAppleFreak

As an update for those who might stumble across this later on:

I haven't figured out why the Associators query runs so slowly under an Administrator account, but I did rework my queries to accomplish roughly the same task. As a warning, this method will perform more queries than you'd use otherwise, and it's likely not the fastest way to do this, but it does works properly under both a standard user and an administrator account (tested on Windows 7 and Windows 8.1).

The Win32_GroupUser class is composed of two properties, GroupComponent and PartComponent. GroupComponent is a link to the specified group, and PartComponent is a link to the specified user. Since I'm not good enough yet with my WMI-fu to just get the object at the link directly, I'm instead constructing a WMI query to find any entries that match the user I specify (identified by domain and username). Using the Win32_UserAccount object for the user I'm looking up, my query looks something like this:

Local $objGroupMaps = $objWMIService.ExecQuery("SELECT GroupComponent FROM Win32_GroupUser WHERE PartComponent=""Win32_UserAccount.Domain='" & $objItem.Domain & "',Name='" & $objItem.Name & "'""", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

It's worth noting you can reverse this (search by GroupComponent instead of PartComponent) so you can enumerate all users in a group.

Following that, I iterate through the list of return group mappings and run a regular expression on the GroupComponent property to extract the domain and name of the group from the map string. If all you're looking for is the domain and name of the group, you can stop here, but I want to get a little more information from the group, so I run another WMI query to get that. 

For $objGroupMap in $objGroupMaps
    $aParams = StringRegExp($groupMap.GroupComponent, "^.*?(?<=Win32_Group\.)(.*?),(.*?)$", 1)
    
    ; It should return only one entry, so the name $groups probably isn't the best choice, but I
    ; iterate through it like any other object collection.
    ; If anyone has a better idea what to call this, I'm all ears
    Local $groups = $objWMIService.ExecQuery("SELECT * FROM Win32_Group WHERE " & $aParams[0] & " AND " & $aParams[1], "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
    
    If IsObj($groups) Then 
        For $group in $groups
            ...
        Next
    EndIf
Next

It's obviously not as performant as running the "ASSOCIATORS OF" query under a standard user, but execution time remains very similar when running as an administrator, which is what I want. I will admit I also had an issue with this query where on my development machine it wasn't returning the local administrator's profile information, though I think that might be an unrelated issue. Yep, completely unrelated issue.

I hope this helps somebody!

Edited by TheAppleFreak

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • colombeen
      By colombeen
      Hi guys,
      I'm trying to get some information using WMI, from the Win32_EncryptableVolume class.
      I exec my query, filter out the C-drive, but when I need more info using the objects methods, I only get 1 value back and I can't seem to retrieve the other out params that should be there.
      A very minimal version of what I'm trying to do (no error checking etc, very basic). You need to start SciTE as admin or you won't see any results in the console!
      #RequireAdmin $strComputer = @ComputerName $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\CIMV2\Security\MicrosoftVolumeEncryption") $objWMIQuery = $objWMIService.ExecQuery("SELECT * FROM Win32_EncryptableVolume WHERE DriveLetter='C:'", "WQL", 0) For $objDrive In $objWMIQuery ConsoleWrite("> " & $objDrive.GetConversionStatus() & @CRLF) ConsoleWrite("> " & $objDrive.GetConversionStatus().ConversionStatus & @CRLF) ConsoleWrite("> " & $objDrive.GetConversionStatus().EncryptionPercentage & @CRLF) Next The result from the console is : 
      > 0 > > What I'm expecting to get back is : 
      > 0 > 0 > 0 When using powershell I get this (run as admin is required!!!) : 
      PS C:\WINDOWS\system32> (Get-WmiObject -namespace "Root\cimv2\security\MicrosoftVolumeEncryption" -ClassName "Win32_Encryptablevolume" -Filter "DriveLetter='C:'").GetConversionStatus() ... ConversionStatus : 0 EncryptionFlags : 0 EncryptionPercentage : 0 ReturnValue : 0 ... All I seem to be getting is the ReturnValue when I use the method.
      I've tried this on multiple methods, always ending up with the same result
      Anyone here who has experience with this type of thing?
       
      Greetz
      colombeen
    • FrancescoDiMuro
      By FrancescoDiMuro
      Good evening everyone
      I'm working on a little project of mines, and I was trying to use WMI Object.
      The question which I don't find an answer is: 
      Once I do the query with WMI Object, something like "SELECT * FROM Win32_LogonSession", instead of specify the field of the collection returned, ( i.e. $colItems.Caption ), can I loop though each property and each value of the property, writing so one row of code only?
      Hope my question was clear enough.
      Thanks in advance.

      Best Regards.
    • ahmet
      By ahmet
      Hello,
      I am trying to make a program that will uninstall some software, provided by some form of a list. I have this
      ; Generated by AutoIt Scriptomatic June 08, 2010 ;#RequireAdmin $sPartialName="java" $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $colItems = "" $strComputer = "localhost" ;$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") ;$objWMIService=ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & @ComputerName & "\root\cimv2") $objWMIService=ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & @ComputerName & "\root\cimv2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Product", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly) If IsObj($colItems) then For $objItem In $colItems If StringInStr($objItem.Name,$sPartialName)=1 Then ConsoleWrite("Full name:" & $objItem.Name & @CRLF) RunAs("USERNAME",@ComputerName,"PASSWORD",0,@ComSpec & " /c" & ' wmic product where name="Java 9.0.4 (64-bit)" call uninstall /nointeractive',"C:\WINDOWS\system32\wbem",@SW_MAXIMIZE) ;Run('wmic product where name="Java 9.0.4 (64-bit)" call uninstall /nointeractive',"",@SW_MAXIMIZE) ExitLoop EndIf Next Else Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Product" ) Endif The script above fails uninstalling software despite providing username and password for admin account. If I run script with admin rights then the software gets uninstalled.
      At the following link there is a script by JLogan3o13 but it does not either uninstall software, unless run as admin..
      Is there some way to uninstall software using wim or wimc by providing user name and password?
       
    • Bilgus
      By Bilgus
      #include <Array.Au3> ;WMI EXAMPLE Local $strComputer = "localhost" Local $sClass = "" Local $objClass Local $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2") ; Display all available Classes in this object _ArrayDisplay(Get_Classes($objWMIService), "AVAILABLE WMI CLASSES", "", 0, Default, "NAME") ;Split string at \n(@LF) place each into an array $sClass = "Win32_BIOS" ;<-The Class I've choosen ;Lets Try out one of the classes Local $objClass = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2:" & $sClass) ConsoleWrite($sClass & @CRLF & "------------------------------------------" & @CRLF) _ArrayDisplay(Split_Properties(Get_Properties($objClass)), $sClass & " Properties", "", 0, Default, "NAME|VALUE") ;No methods available for this one but... ConsoleWrite("Methods:" & @CRLF & @CRLF) Get_Methods($objClass) ;Lets Do it again for the network adapter Class $sProperties = "" $sClass = "Win32_NetworkAdapterConfiguration" ;<-The Class I've choosen ;Lets Try out one of the classes $objClass = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2:" & $sClass) ConsoleWrite($sClass & @CRLF & "------------------------------------------" & @CRLF) _ArrayDisplay(Split_Properties(Get_Properties($objClass)), $sClass & " Properties", "", 0, Default, "NAME|VALUE") ConsoleWrite("Methods:" & @CRLF & @CRLF) Get_Methods($objClass) Func Get_Classes($obj) ; Display all available Classes in this object If IsObj($obj) Then Local $sClasses = "" For $objClass In $obj.SubclassesOf() ;<--WMI Method $sClasses &= ($objClass.Path_.Class) & @LF ;Build a string seperated by \n(@LF) Next EndIf Return StringSplit($sClasses, @LF) EndFunc ;==>Get_Classes Func Get_Methods($objClass) Local $sResults = "" If IsObj($objClass) Then For $objMethods In $objClass.Methods_ ConsoleWrite(@TAB & $objMethods.Name & @CRLF) $sResults &= $objMethods.Name & @LF Next EndIf Return $sResults EndFunc ;==>Get_Methods Func Get_Properties($objClass) Local $sProperties = "" If IsObj($objClass) Then For $objClassProp In $objClass.Properties_() ;<-Another WMI Method For $obj In $objWMIService.ExecQuery("Select * from " & $sClass) ;<-Another WMI Method $sProperties &= $objClassProp.Name & @CR $sProperties &= Parse_Value($obj.Properties_($objClassProp.Name).Value) ;Use the Properties_ Method to call our desired property Next Next EndIf Return $sProperties EndFunc ;==>Get_Properties Func Parse_Value($vValue) Local $sRet = "" Switch StringLower(VarGetType($vValue)) Case "keyword" ; Not really sure what this one is probably NULL $sRet = Number($vValue) = 0 ? "" : Number($vValue) Case "array" $sRet = _ArrayToString($vValue, ", ") Case "string", "bool", "int32", "int64", "double", "binary" $sRet = $vValue Case "pointer" $sRet = "[PTR]:" & $vValue Case Else $sRet = "[" & VarGetType($vValue) & "]: " & $vValue EndSwitch $sRet &= @LF Return $sRet EndFunc ;==>Parse_Value Func Split_Properties($sProperties) Local $aDisp = StringSplit($sProperties, @LF) ;Split string at \n(@LF) place each into an array Local $aTmp If IsArray($aDisp) Then _ArrayColInsert($aDisp, 1) For $i = 1 To $aDisp[0][0] ; String Split stores Count in the first element by default $aTmp = StringSplit($aDisp[$i][0], @CR) ;Split string at \r(@CR) place each into an array If IsArray($aTmp) Then $aDisp[$i][0] = $aTmp[0] > 0 ? $aTmp[1] : "?" ;Check if this element exists if not make it "?" $aDisp[$i][1] = $aTmp[0] > 1 ? $aTmp[2] : " " ;Check if this element exists if not make it " " EndIf Next EndIf Return $aDisp EndFunc ;==>Split_Properties  
    • t0nZ
      By t0nZ
      This time I want to share this utility I developed to speed-up the helpdesk activity in our windows domain, used every day by my collegues.
      Our windows machines have no simple to remember name, and when a user calls it's good to quick find a set of informations about the user, the machine, the account and so on.
      In our domain every user and machine has a well made description, and many fields are completed.
      So, based on the fantastic UDF AD.au3 for active directory, I have this script that can:
      search both on user name - machine description, retrieving account name, name/surname, phone number , and for the machine the machine name, the description, the operating system.
      You can check if an account is locked, the domain group membership of an user, the expiration date of the password, you can connect via VNC (tightvnc 64bit please), you can even call the user (but this is based on a particular setup in our environment, we have another script to send commands to the desktop IPphone).
      The code:
      #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Icon=Icone\glaze\kcontrol.ico #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** ;UMD User.Machine.Domain ; (c) NSC 2017-2018 ; V.0.3 december 2017 ; V.0.4 english translated and phone fiel added ; V.0.6 autodeploy and update ; V.0.61 support for old vnc 32bit ; V.0.65 search on machine name with radio button ; V.0.66 search on machine name added to default search, removed radio buttons ; V.0.67 radio buttons restored ; V.0.70 VNC connect with no checkbox if only 1 machine found, VNC called with vnconf file, added call functionality via DTdial key combo, user password info ; V.0.71 bugfix ; V.0.75 added ip retrieval, ping if online, reverse host lookup, added tips on every command. ; V.0.76 code cleaned ;#RequireAdmin #include <WinAPISys.au3> #include <GUIConstantsEx.au3> #include <GuiEdit.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <MsgBoxConstants.au3> #include "GUIListViewEx.au3" #include <Array.au3> #include <File.au3> #include <AD.au3> #include <_zip.au3> #include <Inet.au3> #Cs ------- notes ------------------ https://social.technet.microsoft.com/wiki/contents/articles/12037.active-directory-get-aduser-default-and-extended-properties.aspx https://social.technet.microsoft.com/wiki/contents/articles/12056.active-directory-get-adcomputer-default-and-extended-properties.aspx #CE Global $idListview, $id2Listview, $Icercato, $search1, $search2, $List_lines_Index, $List2_lines_Index, $trovati1, $trovatiPHONE1, $trovati2, $umdver = "V.0.76" Global $gollogcount = 0, $lastlog = "sicrlf", $cachelog = "", $guititle = "UMD - Users-Machines-Domain " & $umdver & " NSC 2017-2018", $Gollogedit, $logfile = @ScriptDir & "\UMD_", $months2NOTzip = 1 Global $geleft = 590, $getop = 15, $gewidth = 400, $geheight = 550 Global $prgname = "umd.exe", $umddir = "c:\autoit\UMD\", $sourceexepath = "\\yourpath", $toping = ("your ip to ping") ; environment related: $sourceexepath is for autodeploy/autoupdate, these operations depend on pinging $toping Global $OU1 = "OU=Users,OU=IT,DC=??,DC=???,DC=local", $OU2 = "OU=Clients,OU=IT,DC=??,DC=???,DC=local" ;domain related, the first is the domain OU (organizational unit) where to search for users, the second the OU for machines Global $only1machine = 0, $lastmachinefound = "", $only1user = 0, $lastphonefound = "" Global $idchkbox1, $idchkbox2, $idchkbox3 GuiGO() Func GuiGO() Local $guiheight = 620 ; gui height GUICreate($guititle, 1000, $guiheight, 100, 200, -1, $WS_EX_ACCEPTFILES) GUISetBkColor(0x6FA8DC) GUICtrlCreateLabel("Search on Users", 5, 1, 150, 15) CLVW() GUICtrlCreateLabel("Search on Machines", 5, 286, 150, 15) $idradio1 = GUICtrlCreateRadio("on user name / machine description", 180, 286, 200, 15) GUICtrlSetState(-1, $gui_checked) GUICtrlSetTip(-1, "search in both user name - machine description, populate both lists") $idradio2 = GUICtrlCreateRadio("only on machine name", 400, 286, 150, 15) GUICtrlSetState(-1, $gui_unchecked) GUICtrlSetTip(-1, "search only in the machine name field, populates only the list below") CLVW2() $Bcerca = GUICtrlCreateButton("Search (or enter)", 5, 570, 90, 30) GUICtrlSetTip(-1, "search the string in the yellow input box") $Block = GUICtrlCreateButton("User locked? ", 95, 570, 90, 30) GUICtrlSetTip(-1, "check if selected user account is locked, only an admin can unlock it") $Busergroups = GUICtrlCreateButton("User Groups", 185, 570, 90, 30) GUICtrlSetTip(-1, "list the domain groups for the selected user") $Buserpsw = GUICtrlCreateButton("User Password", 275, 570, 90, 30) GUICtrlSetTip(-1, "retrieve password expiration") $idchkbox2 = GUICtrlCreateCheckbox("psw extra info", 275, 600, 150, 15) GUICtrlSetFont(-1, 8, 400, 0, "consolas") GUICtrlSetState(-1, $gui_unchecked) GUICtrlSetTip(-1, "all the domain info about password") $Bcall = GUICtrlCreateButton("CALL", 495, 570, 40, 30) GUICtrlSetTip(-1, "phone CALL number") $Bvnc = GUICtrlCreateButton("VNC", 535, 570, 40, 30) GUICtrlSetFont(-1, 12, 800, 0, "consolas") GUICtrlSetTip(-1, "launch VNC, if one machine no need to check it") $idchkbox1 = GUICtrlCreateCheckbox("VNC readOnly", 495, 600, 90, 15) GUICtrlSetFont(-1, 8, 400, 0, "consolas") GUICtrlSetState(-1, $gui_unchecked) GUICtrlSetTip(-1, "launch VNC in read only mode") $Icercato = GUICtrlCreateInput("", 590, 570, 400, 30, BitOR($GUI_SS_DEFAULT_INPUT, $WS_BORDER)) GUICtrlSetBkColor(-1, 0xffff4d) GUICtrlSetFont(-1, 12, 800, 0, "consolas") GUICtrlSetColor(-1, 0x000099) GUICtrlSetTip(-1, "insert here a string to search...") $idchkbox3 = GUICtrlCreateCheckbox("ip check / nslookup", 590, 600, 150, 15) GUICtrlSetFont(-1, 8, 400, 0, "consolas") GUICtrlSetState(-1, $gui_unchecked) GUICtrlSetTip(-1, "retrieve IP, check online and performs a reverse check 'nslookup', warning can slow down operations !") GUICtrlCreateLabel("Operation LOG", 590, 1) $Gollogedit = GUICtrlCreateEdit("", $geleft, $getop, $gewidth, $geheight, BitOR($ES_AUTOVSCROLL, $ES_AUTOHSCROLL, $ES_WANTRETURN, $WS_BORDER, $WS_VSCROLL)) GUICtrlSetBkColor(-1, 0x3333ff) GUICtrlSetData(-1, "" & @CRLF) GUICtrlSetFont(-1, 9, 800, 0, "consolas") GUICtrlSetColor(-1, 0xffff4d) GUISetState(@SW_SHOW) GOLLOG("UMD " & $umdver & " STARTED") autodeploy() While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE GOLLOG("<<<< STOP <<<<") Exit Case $Bcerca If BitAND(GUICtrlRead($idradio1), $GUI_CHECKED) = $GUI_CHECKED Then Multisearch("username-machinedescription") If BitAND(GUICtrlRead($idradio2), $GUI_CHECKED) = $GUI_CHECKED Then Multisearch("machinename-username") Case $Block lock() Case $Busergroups usergroups() Case $Buserpsw userpsw() Case $Bcall DTdialCALL() Case $Bvnc VNC() Case $Icercato If BitAND(GUICtrlRead($idradio1), $GUI_CHECKED) = $GUI_CHECKED Then Multisearch("username-machinedescription") If BitAND(GUICtrlRead($idradio2), $GUI_CHECKED) = $GUI_CHECKED Then Multisearch("machinename-username") EndSwitch WEnd EndFunc ;==>GuiGO Func userpsw() _AD_Open() Local $checked_List = _GUIListViewEx_ReturnArray($List_lines_Index, 1) If Not @error Then For $i = 0 To UBound($checked_List) - 1 If $checked_List[$i] = "true" Then GOLLOG("PSW info for " & $trovati1[$i + 1]) Local $arrayuserpsw = _AD_GetPasswordInfo($trovati1[$i + 1]) If BitAND(GUICtrlRead($idchkbox2), $GUI_CHECKED) = $GUI_CHECKED Then Local $arraydesk[13] = [" ", "max psw age:", "min psw age:", "n° enforced psw:", "min lenght:", "lock duration:", "lock attempts:", "lock reset", "psw last changed:", "psw expires on:", "UTC last changed:", "UTC expires on:", "psw properties:"] For $i = 1 To UBound($arrayuserpsw) - 1 GOLLOG($arraydesk[$i] & " " & $arrayuserpsw[$i]) Next Else GOLLOG("Password expires on: " & $arrayuserpsw[9]) EndIf EndIf Next Else MsgBox(0, "nothing selected", "Empty Check Array") EndIf _AD_Close() EndFunc ;==>userpsw Func usergroups() _AD_Open() Local $checked_List = _GUIListViewEx_ReturnArray($List_lines_Index, 1) If Not @error Then For $i = 0 To UBound($checked_List) - 1 If $checked_List[$i] = "true" Then GOLLOG("Query groups of " & $trovati1[$i + 1]) Local $arrayusergroups = _AD_GetUserGroups($trovati1[$i + 1], False) _ArrayDisplay($arrayusergroups) EndIf Next Else MsgBox(0, "nothing selected", "Empty Check Array") EndIf _AD_Close() EndFunc ;==>usergroups Func VNCcall($machine) IniWrite("C:\autoit\UMD\vncconf.vnc", "connection", "host", $machine) If BitAND(GUICtrlRead($idchkbox1), $GUI_CHECKED) = $GUI_CHECKED Then IniWrite("C:\autoit\UMD\vncconf.vnc", "options", "viewonly", "1") Else IniWrite("C:\autoit\UMD\vncconf.vnc", "options", "viewonly", "0") EndIf Run("c:\program files\tightvnc\tvnviewer.exe -optionsfile=C:\autoit\UMD\vncconf.vnc -password=apollo") EndFunc ;==>VNCcall Func VNC() If $only1machine = 1 Then GOLLOG("VNC to :" & $lastmachinefound) VNCcall($lastmachinefound) Else Local $checked_List = _GUIListViewEx_ReturnArray($List2_lines_Index, 1) If Not @error Then For $i = 0 To UBound($checked_List) - 1 If $checked_List[$i] = "true" Then GOLLOG("connecting to :" & $trovati2[$i + 1]) VNCcall($trovati2[$i + 1]) EndIf Next Else MsgBox(0, "multiple machines and nothing selected", "Empty Check Array") EndIf EndIf EndFunc ;==>VNC Func CALLnow($number2call) ; Create a subGUI Local $callGUI = GUICreate("calling", 200, 40) Local $callinput = GUICtrlCreateInput($number2call, 10, 5, 180, 20) GUISetState(@SW_SHOW, $callGUI) GUICtrlSetState($callinput, $GUI_FOCUS) Sleep(500) Send("+{END}") Sleep(200) If @OSVersion = "WIN_8" Or @OSVersion = "WIN_81" Or @OSVersion = "WIN_10" Then Send("{LWINdown}<") Else Send("{LWINdown}z") EndIf Sleep(100) Send("{LWINup}") Sleep(1000) ; Delete the previous subGUI GUIDelete($callGUI) EndFunc ;==>CALLnow Func DTdialCALL() If ProcessExists("dtdial.exe") Then If $only1user = 1 Then GOLLOG("to call :" & $lastphonefound) Local $number2call = InputBox("UMD calling", "modify the number", $lastphonefound) CALLnow($number2call) Else Local $checked_List = _GUIListViewEx_ReturnArray($List_lines_Index, 1) If Not @error Then For $i = 0 To UBound($checked_List) - 1 If $checked_List[$i] = "true" Then GOLLOG("call selected :" & $trovatiPHONE1[$i + 1]) Local $number2call = InputBox("UMD calling", "modify the number", $trovatiPHONE1[$i + 1]) If $number2call = "" Then GOLLOG("nothing to call") Else CALLnow($number2call) EndIf EndIf Next Else MsgBox(0, "multiple machines and nothing selected", "Empty Check Array") EndIf EndIf Else GOLLOG("*** call function") GOLLOG("*** not available") GOLLOG("*** outside DT phone system") EndIf EndFunc ;==>DTdialCALL Func lock() _AD_Open() Local $checked_List = _GUIListViewEx_ReturnArray($List_lines_Index, 1) If Not @error Then For $i = 0 To UBound($checked_List) - 1 If $checked_List[$i] = "true" Then If _AD_IsObjectLocked($trovati1[$i + 1]) = 1 Then GOLLOG($trovati1[$i + 1]) GOLLOG("account is LOCKED !") If MsgBox(36, "Unlock ?", "Do you want to unlock account " & $trovati1[$i + 1] & " ?") = $idyes Then If _AD_UnlockObject($trovati1[$i + 1]) = 0 Then GOLLOG("error " & @error) Else GOLLOG("Unlock DONE !") EndIf Else GOLLOG("not unlocked...") EndIf Else GOLLOG($trovati1[$i + 1]) GOLLOG("account is UNlocked.") EndIf EndIf Next Else MsgBox(0, "nothing selected", "Empty Check Array") EndIf _AD_Close() EndFunc ;==>lock Func Multisearch($searchtype) GOLLOG("_____Load domain data_____") renewlistview() Local $cercato = GUICtrlRead($Icercato) Local $List_lines = '', $List2_lines = '', $string2search = '' $trovatiPHONE1 = 0 Dim $trovati1[1] = ["zero"] Dim $trovatiPHONE1[1] Dim $trovati2[1] = ["zero"] _AD_Open() GOLLOG("Searched for " & $cercato) If $searchtype = "username-machinedescription" Then $search1 = _AD_GetObjectsInOu($OU1, "", 2, "SamAccountName,name,ipphone,telephonenumber") If @error = 0 Then Local $conta1 = 0 Local $conta1trovati = 0 $string2search = '' While $search1[0][0] > $conta1 $conta1 += 1 If StringInStr($search1[$conta1][0], $cercato) <> 0 Then $List_lines = $search1[$conta1][0] & "|" & $search1[$conta1][1] & "|" & $search1[$conta1][2] & " " & $search1[$conta1][3] $lastphonefound = $search1[$conta1][2] & " " & $search1[$conta1][3] ; to save last machine found GUICtrlCreateListViewItem($List_lines, $idListview) _ArrayAdd($trovati1, $search1[$conta1][0]) _ArrayAdd($trovatiPHONE1, $search1[$conta1][2] & " " & $search1[$conta1][3]) $conta1trovati += 1 EndIf WEnd ; Initiate LVEx - use filling array - no count parameter - default insert mark colour (black) - drag image - sortable + not select all text + editable headers $List_lines_Index = _GUIListViewEx_Init($idListview, $List_lines, 0, 0, True, 1 + 2 + 8) GOLLOG("checked n° " & $conta1 & " users") GOLLOG("Found n° " & $conta1trovati & " users") If $conta1trovati = 1 Then $only1user = 1 Else $only1user = 0 EndIf Else GOLLOG("error in user search " & @error) EndIf $search2 = _AD_GetObjectsInOu($OU2, "", 2, "name,description,operatingSystem") ;search in machines If @error = 0 Then Local $conta2 = 0 Local $conta2trovati = 0 $string2search = '' While $search2[0][0] > $conta2 $conta2 += 1 If StringInStr($search2[$conta2][1], $cercato) <> 0 Or StringInStr($search2[$conta2][0], $cercato) <> 0 Then $List2_lines = $search2[$conta2][0] & "|" & $search2[$conta2][1] & "|" & $search2[$conta2][2] $lastmachinefound = $search2[$conta2][0] ; to save last machine found GUICtrlCreateListViewItem($List2_lines, $id2Listview) If BitAND(GUICtrlRead($idchkbox3), $GUI_CHECKED) = $GUI_CHECKED Then ; V.0.75 IPrelated($search2[$conta2][0]) EndIf _ArrayAdd($trovati2, $search2[$conta2][0]) $conta2trovati += 1 EndIf WEnd ; Initiate LVEx - use filling array - no count parameter - default insert mark colour (black) - drag image - sortable + not select all text + editable headers $List2_lines_Index = _GUIListViewEx_Init($id2Listview, $List2_lines, 0, 0, True, 1 + 2 + 8) GOLLOG("Checked n° " & $conta2 & " machines") GOLLOG("Found n° " & $conta2trovati & " machines") If $conta2trovati = 1 Then $only1machine = 1 Else $only1machine = 0 EndIf Else GOLLOG("error in machines search " & @error) EndIf EndIf ; second searchtype----------------------------------------------------------------------_-_--------------------------- If $searchtype = "machinename-username" Then $search2 = _AD_GetObjectsInOu($OU2, "", 2, "name,description,operatingSystem") ;search in machines If @error = 0 Then Local $conta2 = 0 Local $conta2trovati = 0 $string2search = '' While $search2[0][0] > $conta2 $conta2 += 1 If StringInStr($search2[$conta2][0], $cercato) <> 0 Then $List2_lines = $search2[$conta2][0] & "|" & $search2[$conta2][1] & "|" & $search2[$conta2][2] GUICtrlCreateListViewItem($List2_lines, $id2Listview) If BitAND(GUICtrlRead($idchkbox3), $GUI_CHECKED) = $GUI_CHECKED Then ; V.0.75 IPrelated($search2[$conta2][0]) EndIf _ArrayAdd($trovati2, $search2[$conta2][0]) $conta2trovati += 1 EndIf WEnd ; Initiate LVEx - use filling array - no count parameter - default insert mark colour (black) - drag image - sortable + not select all text + editable headers $List2_lines_Index = _GUIListViewEx_Init($id2Listview, $List2_lines, 0, 0, True, 1 + 2 + 8) GOLLOG("Checked n° " & $conta2 & " machines") GOLLOG("Found n° " & $conta2trovati & " machines") Else GOLLOG("error in machines search " & @error) EndIf EndIf _AD_Close() EndFunc ;==>Multisearch Func IPrelated($pinghost) Local $sIPAddress = "" Local $shostname = "" Local $pcping = Ping($pinghost) If $pcping = 0 Then Select Case @error = 1 Local $errorping = "host is offline" Case @error = 2 Local $errorping = "host is unreachable" Case @error = 3 Local $errorping = "bad destination" Case @error = 4 Local $errorping = "not found for other errors" EndSelect GOLLOG($pinghost & " " & $errorping) Else GOLLOG($pinghost & " ping in " & $pcping & " ms") ; Start the TCP service. TCPStartup() $sIPAddress = TCPNameToIP($pinghost) $shostname = _TCPIpToName($sIPAddress, 0) TCPShutdown() ; Close the TCP service. GOLLOG("IP address is: " & $sIPAddress) GOLLOG("reverse lookup:" & $shostname) EndIf EndFunc ;==>IPrelated Func autodeploy() ; pensato per la prima installazione e update Local $TipDT = Ping($toping) Local $ntest = 1 While $TipDT = 0 And $ntest < 3 Sleep(200) $TipDT = Ping($toping) $ntest += 1 WEnd If $TipDT = 0 Then GOLLOG("unable to check updates") Else If Not FileExists($umddir) Then GOLLOG("Procedo con Autodeploy") If DirCreate($umddir) Then GOLLOG("-> creata cartella " & $umddir) Else GOLLOG("-> problema ! non creata cartella " & $umddir) EndIf GOLLOG("posiziono eseguibile in " & $umddir) FileCopy(@ScriptDir & "\umd.exe", $umddir & "umd.exe", 1) If Not FileExists(@DesktopDir & "\umd.lnk") Then GOLLOG("desktop link creation...") FileCreateShortcut($umddir & "\" & $prgname, @DesktopDir & "\umd.lnk") EndIf GOLLOG("posiziono VNConf in " & $umddir) FileCopy($sourceexepath & "\vncconf.vnc", $umddir & "\" & "vncconf.vnc", 1) GOLLOG("AutoDeploy completato") ; ora devo spegnere e riavviare quello in \cpa_da Local $sCmdFile ; phoenix modificata NON è quella standard di autoupdate FileDelete(@TempDir & "\phoenix.bat") $sCmdFile = 'ping 127.0.0.1 -n 2 > NUL' & @CRLF _ & ':loop' & @CRLF _ & 'if exist "' & @ScriptFullPath & '" goto loop' & @CRLF _ & 'start c:\autoit\umd\umd.exe' & @CRLF _ & 'del %0' FileWrite(@TempDir & "\phoenix.bat", $sCmdFile) GOLLOG("program is closing, see ya in deployed version...") Sleep(1000) Run(@TempDir & "\phoenix.bat", @TempDir, @SW_HIDE) Exit ; exit and real update EndIf Local $currtime = FileGetTime(@ScriptDir & "\" & $prgname, $FT_MODIFIED, 1) Local $newtime = FileGetTime($sourceexepath & "\" & $prgname, $FT_MODIFIED, 1) If $newtime > $currtime Then GOLLOG("update available!") If Not FileExists(@DesktopDir & "\umd.lnk") Then GOLLOG("desktop link creation...") FileCreateShortcut($umddir & "\" & $prgname, @DesktopDir & "\umd.lnk") EndIf Local $sCmdFile GOLLOG("posiziono VNConf in " & $umddir) FileCopy($sourceexepath & "\vncconf.vnc", $umddir & "\" & "vncconf.vnc", 1) FileDelete(@TempDir & "\phoenix.bat") $sCmdFile = 'ping 127.0.0.1 -n 2 > NUL' & @CRLF _ & ':loop' & @CRLF _ & 'del "' & @ScriptFullPath & '"' & @CRLF _ & 'if exist "' & @ScriptFullPath & '" goto loop' & @CRLF _ & 'copy "' & $sourceexepath & '"\"' & $prgname & '" "' & @ScriptFullPath & @CRLF _ & 'start ' & @ScriptFullPath & @CRLF _ & 'del %0' FileWrite(@TempDir & "\phoenix.bat", $sCmdFile) GOLLOG("program is closing, see ya in next version..") Sleep(1000) Run(@TempDir & "\phoenix.bat", @TempDir, @SW_HIDE) Exit ; exit and real update Else GOLLOG("UMD already updated") EndIf EndIf EndFunc ;==>autodeploy Func renewlistview() ; cancella e ricrea GUICtrlDelete($idListview) GUICtrlDelete($id2Listview) CLVW() CLVW2() EndFunc ;==>renewlistview Func CLVW() ;crea listview utenti $idListview = GUICtrlCreateListView("SamAccountName|Name|phone", 5, 15, 570, 265, $LVS_SHOWSELALWAYS) _GUICtrlListView_SetExtendedListViewStyle($idListview, BitOR($LVS_EX_FULLROWSELECT, $LVS_EX_CHECKBOXES)) _GUICtrlListView_SetColumnWidth($idListview, 0, 175) _GUICtrlListView_SetColumnWidth($idListview, 1, 175) _GUICtrlListView_SetColumnWidth($idListview, 2, 150) GUICtrlSetFont(-1, 9, 800, 0, "consolas") EndFunc ;==>CLVW Func CLVW2() ;crea listview macchine $id2Listview = GUICtrlCreateListView("Name|Description|Operating System", 5, 300, 570, 265, $LVS_SHOWSELALWAYS) _GUICtrlListView_SetExtendedListViewStyle($id2Listview, BitOR($LVS_EX_FULLROWSELECT, $LVS_EX_CHECKBOXES)) _GUICtrlListView_SetColumnWidth($id2Listview, 0, 120) _GUICtrlListView_SetColumnWidth($id2Listview, 1, 180) _GUICtrlListView_SetColumnWidth($id2Listview, 2, 230) GUICtrlSetFont(-1, 9, 800, 0, "consolas") EndFunc ;==>CLVW2 Func GOLLOG($logtext) ; Gollog V.2.3 gestione CRLF si o no ; gestione a capo automatico oltre i xx caratteri; gestione pulitura ogni totmila char Perla pearl ; basta aggiungere |nocrlf50 a fine stringa, dove 50 sono gli xx caratteri, conta la prima riga dove si supera quel limite. ; to declare $gollogcount = 0,$lastlog="sicrlf",$cachelog="",$guititle = "nomegui",$Gollogedit,$logfile = @ScriptDir & "\GOLLOG_LOG_", $months2NOTzip = 3 ; e anche le misure dell'edit: $geleft = 32, $getop = 32, $gewidth = 553, $geheight = 377 ; #include <File.au3> #include <GuiEdit.au3> #include <_zip.au3> ; to insert FUNCs: GOLLOG CLEANEDIT GOLzipZIP $gollogcount += StringLen($logtext) Local $logfiletimerange = @YEAR & @MON Local $linelimit = StringRight($logtext, 2) If StringRight($logtext, 9) = "|nocrlf" & $linelimit Then $logtext = StringTrimRight($logtext, 9) Local $acapo = "no" Else Local $acapo = "si" $gollogcount += 4 If $gollogcount > 13000 Then Sleep(3000) cleanedit() $gollogcount = 0 EndIf EndIf If $acapo = "no" And (StringLen($cachelog) <= $linelimit) Then ;pearl perla non a capo se If $lastlog = "nocrlf" Then If WinExists($guititle) Then ; per non scrivere in gui se questa non esiste _GUICtrlEdit_AppendText($Gollogedit, $logtext) EndIf Else If WinExists($guititle) Then ; per non scrivere in gui se questa non esiste _GUICtrlEdit_AppendText($Gollogedit, @MDAY & "/" & @MON & "_" & @HOUR & ":" & @MIN & " " & $logtext) EndIf EndIf $cachelog = $cachelog & $logtext $lastlog = "nocrlf" Else If $lastlog = "nocrlf" Then If WinExists($guititle) Then ; per non scrivere in gui se questa non esiste _GUICtrlEdit_AppendText($Gollogedit, $logtext & @CRLF) EndIf $cachelog = $cachelog & $logtext _FileWriteLog($logfile & $logfiletimerange & ".txt", $cachelog) $cachelog = "" Else If WinExists($guititle) Then ; per non scrivere in gui se questa non esiste _GUICtrlEdit_AppendText($Gollogedit, @MDAY & "/" & @MON & "_" & @HOUR & ":" & @MIN & " " & $logtext & @CRLF) EndIf _FileWriteLog($logfile & $logfiletimerange & ".txt", $logtext) EndIf $lastlog = "sicrlf" EndIf EndFunc ;==>GOLLOG Func cleanedit() ; cleaning of edit every n° lines (in program put if $nlines > xlines then this function) GUICtrlDelete($Gollogedit) $Gollogedit = GUICtrlCreateEdit("", $geleft, $getop, $gewidth, $geheight) ;, BitOR($ES_AUTOVSCROLL, $ES_AUTOHSCROLL, $ES_WANTRETURN, $WS_BORDER)) GUICtrlSetData(-1, "" & @CRLF) GUICtrlSetFont(-1, 9, 800, 0, "consolas") GUICtrlSetColor(-1, 0xffff4d) GUICtrlSetBkColor(-1, 0x3333ff) GUICtrlSetCursor(-1, 3) EndFunc ;==>cleanedit Func GOLzipLOG($months2NOTzip) ; zipping old log leaving unzipped only n months GOLLOG("Starting old logs zipping..") ; path extraction zone Local $logfiletimerange = @YEAR & @MON Local $sDrive = "", $sDir = "", $sFileName = "", $sExtension = "" Local $arraylogpath = _PathSplit($logfile & $logfiletimerange & ".txt", $sDrive, $sDir, $sFileName, $sExtension) Local $logpath = $arraylogpath[1] & $arraylogpath[2] Local $hSearch = FileFindFirstFile($logfile & "*.txt") ; searching for logs Local $logconta = 0 While 1 ; single file processing cycle Local $sFileName = FileFindNextFile($hSearch) ; If there is no more file matching the search. If @error Then ExitLoop Local $stringtime = StringTrimRight(StringRight($sFileName, 10), 4) ;obtaining year-month like 201609 If $logfiletimerange - $stringtime > $months2NOTzip Then ;zipping If Not FileExists($logfile & ".zip") Then If Not _Zip_Create($logfile & ".zip", 1) Then GOLLOG("Error " & @error & " creating " & $logfile & ".zip") Else GOLLOG("Created new log archive: " & $logfile & ".zip") EndIf Else GOLLOG("adding to archive: " & $logfile & ".zip") EndIf If Not _zip_additem($logfile & ".zip", $logpath & $sFileName) Then GOLLOG("Error " & @error & " zipping: " & $logpath & $sFileName) Else GOLLOG("Added: " & $logpath & $sFileName) $logconta += 1 If Not FileDelete($logpath & $sFileName) Then GOLLOG("ERROR - Unable to DELETE log file " & $logpath & $sFileName) EndIf EndIf EndIf WEnd GOLLOG("Finished = " & $logconta & " log files zipped") EndFunc ;==>GOLzipLOG The minimum for make it work in your domain  (no admin rights required, no writing on domain performed) is to modify these globals:
      Global $prgname = "umd.exe", $umddir = "c:\autoit\UMD\", $sourceexepath = "\\the .exe path for autodeploy", $toping = ("ip to ping") ; environment related: $sourceexepath is for autodeploy/autoupdate, these operations depend on pinging $toping
      Global $OU1 = "OU=Users,OU=IT,DC=??,DC=???,DC=local", $OU2 = "OU=Clients,OU=IT,DC=??,DC=???,DC=local" ;domain related, the first is the domain OU (organizational unit) where to search for users, the second the OU for machines.
      You have to recompile modifying at minimum $toping with a NON pingable IP (to disable auto deploy - update) and certainly the domain OU for your users and machines.
      The vncconf.vnc is to be modified with the standard (I hope for you..) VNC password in your company, OR you can remove the line and VNC will request the psw every time.
      After, Just copy the executable and the other file (vncconf.vnc) in a folder in your PC and try it.
      The autodeploy/update feature work in this way: if the script can ping $toping value, then pick the executable from $sourceexepath, and perform
      "installation" (link and copying .exe, no win register involved) or updating.
      Let me know your experience..

      vncconf.vnc
      UMD.au3
×