Sign in to follow this  
Followers 0
title1admin

WhereRu? - Find Users VBS Active Directory Script Help

3 posts in this topic

This cool VBA script will give you the current users logged into a computer and the time they logged into the computer......

Can specify a single computer or an entire domain (runs in a few minutes...) I am having trouble converting it to AutoIT..

The VBS script works as advertized but in the conversion to AUTOIT the functions need a re-write in syntax which I have no clue...)

My goal is to create a standalone exe based on the script which will poll active directory on a regular scheduled interval populate the results sorted by IP range to a status web page. (I may even include the autoit webserver in the exe later)

I need some advice on function conversion and to get this auto it script working as advertised....

WhereRU.vbs

'Have this script I found on the net...
'Script by MJP 2006
'Reports which users are logged into a computer
'or
'Reports which users are logged into all domain computers
'Run it from command line like such:-
'cscript WhereRU.vbs PC001 >UsersLoggedIn.csv
'or
'cscript WhereRU.vbs >UsersLoggedIn.csv

'Check if a "Computer Name" cmd line variable was passed to script
On Error Resume next
strComputer=WScript.Arguments.Item(0)
On Error Goto 0
If strComputer="" Then 
' No specific computer was specified, proceed to query all computers in domain
Else
strPingStatus = PingStatus(strComputer)
If strPingStatus = "Success" Then
 QPO 'Run Query Process Owner function
 Else
 WScript.Echo strComputer & ",Failed ping with: " & strPingStatus
End If
WScript.quit    
End If

' Enumerate All Computer Accounts in Active Directory
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
   "Select Name, Location from 'LDAP://DC=somedomain,DC=com' " _
       & "Where objectClass='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
   strComputer = objRecordSet.Fields("Name").Value
   objRecordSet.MoveNext

 'Check if computer account is obsolite
If obsoliteness(strComputer) =0 Then

'check computer is on and echo "logged in user" or "ping failure status"
strPingStatus = PingStatus(strComputer)
If strPingStatus = "Success" Then
    QPO 'Run Query Process Owner function
Else
    WScript.Echo strComputer & ",Failed ping with: " & strPingStatus &","&time
End If

Else
WScript.Echo strComputer & ",Identified as an obsolite machine account,"&time
End If
Loop
WScript.Quit

'---------------------------------------
'My obsoliteness function
function obsoliteness(var)
Set myRegExp = New RegExp
myRegExp.IgnoreCase = True
myRegExp.Pattern = "(^XC00)|(^RC00)|(^QC00)|(^PC00)|(^OC00)|(^JC00)|(^HC00)|(^FC00)|(^EC00)|(^DC00)|(^CC)|(^C00)"
obsoliteness = myRegExp.test(var)
end function
'---------------------------------------
'Query Process Owner function
Function QPO 
On Error Resume next   
Set objWMIService = GetObject("winmgmts:" _
   & "{impersonationLevel=impersonate}!\\" _
   & strComputer & "\root\cimv2")
Set colProcessList = objWMIService.ExecQuery _
   ("Select * from Win32_Process Where Name = 'explorer.exe'")
For Each objProcess in colProcessList
   objProcess.GetOwner strUserName, strUserDomain 
   Wscript.Echo strComputer &",Is logged into by "&strUserDomain & "\" & strUserName &","&time
Next
End Function
'---------------------------------------
'Ping Status function
Function PingStatus(strComputer)
   On Error Resume Next
   strWorkstation = "."
   Set objWMIService = GetObject("winmgmts:" _
     & "{impersonationLevel=impersonate}!\\" & strWorkstation & "\root\cimv2")
   Set colPings = objWMIService.ExecQuery _
     ("SELECT * FROM Win32_PingStatus WHERE Address = '" & strComputer & "'")
   For Each objPing in colPings
       Select Case objPing.StatusCode
           Case 0 PingStatus = "Success"
           Case 11001 PingStatus = "Status code 11001 - Buffer Too Small"
           Case 11002 PingStatus = "Status code 11002 - Destination Net Unreachable"
           Case 11003 PingStatus = "Status code 11003 - Destination Host Unreachable"
           Case 11004 PingStatus = _
             "Status code 11004 - Destination Protocol Unreachable"
           Case 11005 PingStatus = "Status code 11005 - Destination Port Unreachable"
           Case 11006 PingStatus = "Status code 11006 - No Resources"
           Case 11007 PingStatus = "Status code 11007 - Bad Option"
           Case 11008 PingStatus = "Status code 11008 - Hardware Error"
           Case 11009 PingStatus = "Status code 11009 - Packet Too Big"
           Case 11010 PingStatus = "Status code 11010 - Request Timed Out"
           Case 11011 PingStatus = "Status code 11011 - Bad Request"
           Case 11012 PingStatus = "Status code 11012 - Bad Route"
           Case 11013 PingStatus = "Status code 11013 - TimeToLive Expired Transit"
           Case 11014 PingStatus = _
             "Status code 11014 - TimeToLive Expired Reassembly"
           Case 11015 PingStatus = "Status code 11015 - Parameter Problem"
           Case 11016 PingStatus = "Status code 11016 - Source Quench"
           Case 11017 PingStatus = "Status code 11017 - Option Too Big"
           Case 11018 PingStatus = "Status code 11018 - Bad Destination"
           Case 11032 PingStatus = "Status code 11032 - Negotiating IPSEC"
           Case 11050 PingStatus = "Status code 11050 - General Failure"
           Case Else PingStatus = "Status code " & objPing.StatusCode & _
              " - Unable to determine cause of failure."
       End Select
   Next
on error goto 0
End Function

CONVERTED SCRIPT

$strComputer =''
$strPingStatus =''
$objConnection =''
$objCommand =''
$objRecordSet =''

#include <bk-logfile.au3>

;Check if a "Computer Name" cmd line variable was passed to script
;VA On Error Resume next
$strComputer=$CmdLine.Item(0)
;VA On Error Goto 0
If $strComputer="" Then 
; No specific computer was specified, proceed to query all computers in domain
Else
$strPingStatus = PingStatus($strComputer)
If $strPingStatus = "Success" Then
 QPO ();Run Query Process Owner function
 Else
 _WriteLog ($strComputer & ",Failed ping with: " & $strPingStatus)
EndIf
;VA WScript.quit    
EndIf

; Enumerate All Computer Accounts in Active Directory
Const $ADS_SCOPE_SUBTREE = 2
 $objConnection = ObjCreate("ADODB.Connection")
 $objCommand =   ObjCreate("ADODB.Command")
$objConnection.Provider = "ADsDSOObject"
$objConnection.Open ("Active Directory Provider")
 $objCommand.ActiveConnection = $objConnection
$objCommand.CommandText = _
   "Select Name, Location from 'LDAP://DC=somedomain,DC=com' " _
       & "Where objectClass='computer'"  
$objCommand.Properties("Page Size") = 1000
$objCommand.Properties("Searchscope") = $ADS_SCOPE_SUBTREE 
 $objRecordSet = $objCommand.Execute
$objRecordSet.MoveFirst()

Do
$strComputer = $objRecordSet.Fields("Name").Value
   $objRecordSet.MoveNext()
Until $objRecordSet.EOF()
   
;Check if computer account is obsolite
If obsoliteness($strComputer) =0 Then

;check computer is on and echo "logged in user" or "ping failure status"
$strPingStatus = PingStatus($strComputer)
If $strPingStatus = "Success" Then
    QPO ();Run Query Process Owner function
Else
    _WriteLog ($strComputer & ",Failed ping with: " & $strPingStatus &","&time)
EndIf

Else
_WriteLog ($strComputer & ",Identified as an obsolite machine account,"&time)
EndIf
Loop
;VA WScript.Quit

;---------------------------------------
;My obsoliteness function()
Func obsoliteness($var)
    Local $Return
 $myRegExp = $New $RegExp
$myRegExp.IgnoreCase = 1
$myRegExp.Pattern = "(^XC00)|(^RC00)|(^QC00)|(^PC00)|(^OC00)|(^JC00)|(^HC00)|(^FC00)|(^EC00)|(^DC00)|(^CC)|(^C00)"
$Return = $myRegExp.test($var)
    Return $Return
EndFunc
;---------------------------------------
;Query Process Owner function
Func QPO()
;VA On Error Resume next   
 $objWMIService = ObjGet("winmgmts:" _
   & "{impersonationLevel=impersonate}!\\" _
   & $strComputer & "\root\cimv2")
 $colProcessList = $objWMIService.ExecQuery _
   ("Select * from Win32_Process Where Name = 'explorer.exe'")
For $objProcess in $colProcessList
   $objProcess.GetOwner ($strUserName, $strUserDomain )
   _WriteLog ($strComputer &",Is logged into by "&strUserDomain & "\" & $strUserName &","&time)
Next
EndFunc
;---------------------------------------
;Ping Status function
Func PingStatus($strComputer)
    Local $Return
;VA On Error Resume Next
   $strWorkstation = "."
    $objWMIService = ObjGet("winmgmts:" _
     & "{impersonationLevel=impersonate}!\\" & $strWorkstation & "\root\cimv2")
    $colPings = $objWMIService.ExecQuery _
     ("SELECT * FROM Win32_PingStatus WHERE Address = '" & $strComputer & "'")
   For $objPing in $colPings
       Select 
           Case $objPing.StatusCode()=0 $Return = "Success"
           Case $objPing.StatusCode()=11001 $Return = "Status code 11001 - Buffer Too Small"
           Case $objPing.StatusCode()=11002 $Return = "Status code 11002 - Destination Net Unreachable"
           Case $objPing.StatusCode()=11003 $Return = "Status code 11003 - Destination Host Unreachable"
           Case $objPing.StatusCode()=11004 $Return = _
             "Status code 11004 - Destination Protocol Unreachable"
           Case $objPing.StatusCode()=11005 $Return = "Status code 11005 - Destination Port Unreachable"
           Case $objPing.StatusCode()=11006 $Return = "Status code 11006 - No Resources"
           Case $objPing.StatusCode()=11007 $Return = "Status code 11007 - Bad Option"
           Case $objPing.StatusCode()=11008 $Return = "Status code 11008 - Hardware Error"
           Case $objPing.StatusCode()=11009 $Return = "Status code 11009 - Packet Too Big"
           Case $objPing.StatusCode()=11010 $Return = "Status code 11010 - Request Timed Out"
           Case $objPing.StatusCode()=11011 $Return = "Status code 11011 - Bad Request"
           Case $objPing.StatusCode()=11012 $Return = "Status code 11012 - Bad Route"
           Case $objPing.StatusCode()=11013 $Return = "Status code 11013 - TimeToLive Expired Transit"
           Case $objPing.StatusCode()=11014 $Return = _
             "Status code 11014 - TimeToLive Expired Reassembly"
           Case $objPing.StatusCode()=11015 $Return = "Status code 11015 - Parameter Problem"
           Case $objPing.StatusCode()=11016 $Return = "Status code 11016 - Source Quench"
           Case $objPing.StatusCode()=11017 $Return = "Status code 11017 - Option Too Big"
           Case $objPing.StatusCode()=11018 $Return = "Status code 11018 - Bad Destination"
           Case $objPing.StatusCode()=11032 $Return = "Status code 11032 - Negotiating IPSEC"
           Case $objPing.StatusCode()=11050 $Return = "Status code 11050 - General Failure"
           Case Else $Return = "Status code " & $objPing.StatusCode & _
              " - Unable to determine cause of failure."
       EndSelect
   Next
;VA on error goto 0
    Return $Return
EndFunc

Share this post


Link to post
Share on other sites



What errors are you getting? Are you using an automated converter, or are you doing this by hand?

Thanks,

Jarvis


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

You didn't say what the problem is, does it work?

1. $strComputer=$CmdLine.Item(0)

Should probably be $strComputer = $CmdLine[1]

2.

Select

Case $objPing.StatusCode()=0 $Return = "Success"

Case $objPing.StatusCode()=11001 $Return = "Status code 11001 - Buffer Too Small"

Case $objPing.StatusCode()=11002 $Return = "Status code 11002 - Destination Net Unreachable"

etc...

Should be:

Switch $objPing.StatusCode()

Case 0

Case 11001

Case 11002

etc...

EndSwitch

Edited by weaponx

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0