WhereRu? - Find Users VBS Active Directory Script Help

[title1admin]

This cool VBA script will give you the current users logged into a computer and the time they logged into the computer......

Can specify a single computer or an entire domain (runs in a few minutes...) I am having trouble converting it to AutoIT..

The VBS script works as advertized but in the conversion to AUTOIT the functions need a re-write in syntax which I have no clue...)

My goal is to create a standalone exe based on the script which will poll active directory on a regular scheduled interval populate the results sorted by IP range to a status web page. (I may even include the autoit webserver in the exe later)

I need some advice on function conversion and to get this auto it script working as advertised....

WhereRU.vbs

expandcollapse popup

'Have this script I found on the net...
'Script by MJP 2006
'Reports which users are logged into a computer
'or
'Reports which users are logged into all domain computers
'Run it from command line like such:-
'cscript WhereRU.vbs PC001 >UsersLoggedIn.csv
'or
'cscript WhereRU.vbs >UsersLoggedIn.csv

'Check if a "Computer Name" cmd line variable was passed to script
On Error Resume next
strComputer=WScript.Arguments.Item(0)
On Error Goto 0
If strComputer="" Then 
' No specific computer was specified, proceed to query all computers in domain
Else
strPingStatus = PingStatus(strComputer)
If strPingStatus = "Success" Then
 QPO 'Run Query Process Owner function
 Else
 WScript.Echo strComputer & ",Failed ping with: " & strPingStatus
End If
WScript.quit    
End If

' Enumerate All Computer Accounts in Active Directory
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
   "Select Name, Location from 'LDAP://DC=somedomain,DC=com' " _
       & "Where objectClass='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
   strComputer = objRecordSet.Fields("Name").Value
   objRecordSet.MoveNext

 'Check if computer account is obsolite
If obsoliteness(strComputer) =0 Then

'check computer is on and echo "logged in user" or "ping failure status"
strPingStatus = PingStatus(strComputer)
If strPingStatus = "Success" Then
    QPO 'Run Query Process Owner function
Else
    WScript.Echo strComputer & ",Failed ping with: " & strPingStatus &","&time
End If

Else
WScript.Echo strComputer & ",Identified as an obsolite machine account,"&time
End If
Loop
WScript.Quit

'---------------------------------------
'My obsoliteness function
function obsoliteness(var)
Set myRegExp = New RegExp
myRegExp.IgnoreCase = True
myRegExp.Pattern = "(^XC00)|(^RC00)|(^QC00)|(^PC00)|(^OC00)|(^JC00)|(^HC00)|(^FC00)|(^EC00)|(^DC00)|(^CC)|(^C00)"
obsoliteness = myRegExp.test(var)
end function
'---------------------------------------
'Query Process Owner function
Function QPO 
On Error Resume next   
Set objWMIService = GetObject("winmgmts:" _
   & "{impersonationLevel=impersonate}!\\" _
   & strComputer & "\root\cimv2")
Set colProcessList = objWMIService.ExecQuery _
   ("Select * from Win32_Process Where Name = 'explorer.exe'")
For Each objProcess in colProcessList
   objProcess.GetOwner strUserName, strUserDomain 
   Wscript.Echo strComputer &",Is logged into by "&strUserDomain & "\" & strUserName &","&time
Next
End Function
'---------------------------------------
'Ping Status function
Function PingStatus(strComputer)
   On Error Resume Next
   strWorkstation = "."
   Set objWMIService = GetObject("winmgmts:" _
     & "{impersonationLevel=impersonate}!\\" & strWorkstation & "\root\cimv2")
   Set colPings = objWMIService.ExecQuery _
     ("SELECT * FROM Win32_PingStatus WHERE Address = '" & strComputer & "'")
   For Each objPing in colPings
       Select Case objPing.StatusCode
           Case 0 PingStatus = "Success"
           Case 11001 PingStatus = "Status code 11001 - Buffer Too Small"
           Case 11002 PingStatus = "Status code 11002 - Destination Net Unreachable"
           Case 11003 PingStatus = "Status code 11003 - Destination Host Unreachable"
           Case 11004 PingStatus = _
             "Status code 11004 - Destination Protocol Unreachable"
           Case 11005 PingStatus = "Status code 11005 - Destination Port Unreachable"
           Case 11006 PingStatus = "Status code 11006 - No Resources"
           Case 11007 PingStatus = "Status code 11007 - Bad Option"
           Case 11008 PingStatus = "Status code 11008 - Hardware Error"
           Case 11009 PingStatus = "Status code 11009 - Packet Too Big"
           Case 11010 PingStatus = "Status code 11010 - Request Timed Out"
           Case 11011 PingStatus = "Status code 11011 - Bad Request"
           Case 11012 PingStatus = "Status code 11012 - Bad Route"
           Case 11013 PingStatus = "Status code 11013 - TimeToLive Expired Transit"
           Case 11014 PingStatus = _
             "Status code 11014 - TimeToLive Expired Reassembly"
           Case 11015 PingStatus = "Status code 11015 - Parameter Problem"
           Case 11016 PingStatus = "Status code 11016 - Source Quench"
           Case 11017 PingStatus = "Status code 11017 - Option Too Big"
           Case 11018 PingStatus = "Status code 11018 - Bad Destination"
           Case 11032 PingStatus = "Status code 11032 - Negotiating IPSEC"
           Case 11050 PingStatus = "Status code 11050 - General Failure"
           Case Else PingStatus = "Status code " & objPing.StatusCode & _
              " - Unable to determine cause of failure."
       End Select
   Next
on error goto 0
End Function

CONVERTED SCRIPT

expandcollapse popup

$strComputer =''
$strPingStatus =''
$objConnection =''
$objCommand =''
$objRecordSet =''

#include <bk-logfile.au3>

;Check if a "Computer Name" cmd line variable was passed to script
;VA On Error Resume next
$strComputer=$CmdLine.Item(0)
;VA On Error Goto 0
If $strComputer="" Then 
; No specific computer was specified, proceed to query all computers in domain
Else
$strPingStatus = PingStatus($strComputer)
If $strPingStatus = "Success" Then
 QPO ();Run Query Process Owner function
 Else
 _WriteLog ($strComputer & ",Failed ping with: " & $strPingStatus)
EndIf
;VA WScript.quit    
EndIf

; Enumerate All Computer Accounts in Active Directory
Const $ADS_SCOPE_SUBTREE = 2
 $objConnection = ObjCreate("ADODB.Connection")
 $objCommand =   ObjCreate("ADODB.Command")
$objConnection.Provider = "ADsDSOObject"
$objConnection.Open ("Active Directory Provider")
 $objCommand.ActiveConnection = $objConnection
$objCommand.CommandText = _
   "Select Name, Location from 'LDAP://DC=somedomain,DC=com' " _
       & "Where objectClass='computer'"  
$objCommand.Properties("Page Size") = 1000
$objCommand.Properties("Searchscope") = $ADS_SCOPE_SUBTREE 
 $objRecordSet = $objCommand.Execute
$objRecordSet.MoveFirst()

Do
$strComputer = $objRecordSet.Fields("Name").Value
   $objRecordSet.MoveNext()
Until $objRecordSet.EOF()
   
;Check if computer account is obsolite
If obsoliteness($strComputer) =0 Then

;check computer is on and echo "logged in user" or "ping failure status"
$strPingStatus = PingStatus($strComputer)
If $strPingStatus = "Success" Then
    QPO ();Run Query Process Owner function
Else
    _WriteLog ($strComputer & ",Failed ping with: " & $strPingStatus &","&time)
EndIf

Else
_WriteLog ($strComputer & ",Identified as an obsolite machine account,"&time)
EndIf
Loop
;VA WScript.Quit

;---------------------------------------
;My obsoliteness function()
Func obsoliteness($var)
    Local $Return
 $myRegExp = $New $RegExp
$myRegExp.IgnoreCase = 1
$myRegExp.Pattern = "(^XC00)|(^RC00)|(^QC00)|(^PC00)|(^OC00)|(^JC00)|(^HC00)|(^FC00)|(^EC00)|(^DC00)|(^CC)|(^C00)"
$Return = $myRegExp.test($var)
    Return $Return
EndFunc
;---------------------------------------
;Query Process Owner function
Func QPO()
;VA On Error Resume next   
 $objWMIService = ObjGet("winmgmts:" _
   & "{impersonationLevel=impersonate}!\\" _
   & $strComputer & "\root\cimv2")
 $colProcessList = $objWMIService.ExecQuery _
   ("Select * from Win32_Process Where Name = 'explorer.exe'")
For $objProcess in $colProcessList
   $objProcess.GetOwner ($strUserName, $strUserDomain )
   _WriteLog ($strComputer &",Is logged into by "&strUserDomain & "\" & $strUserName &","&time)
Next
EndFunc
;---------------------------------------
;Ping Status function
Func PingStatus($strComputer)
    Local $Return
;VA On Error Resume Next
   $strWorkstation = "."
    $objWMIService = ObjGet("winmgmts:" _
     & "{impersonationLevel=impersonate}!\\" & $strWorkstation & "\root\cimv2")
    $colPings = $objWMIService.ExecQuery _
     ("SELECT * FROM Win32_PingStatus WHERE Address = '" & $strComputer & "'")
   For $objPing in $colPings
       Select 
           Case $objPing.StatusCode()=0 $Return = "Success"
           Case $objPing.StatusCode()=11001 $Return = "Status code 11001 - Buffer Too Small"
           Case $objPing.StatusCode()=11002 $Return = "Status code 11002 - Destination Net Unreachable"
           Case $objPing.StatusCode()=11003 $Return = "Status code 11003 - Destination Host Unreachable"
           Case $objPing.StatusCode()=11004 $Return = _
             "Status code 11004 - Destination Protocol Unreachable"
           Case $objPing.StatusCode()=11005 $Return = "Status code 11005 - Destination Port Unreachable"
           Case $objPing.StatusCode()=11006 $Return = "Status code 11006 - No Resources"
           Case $objPing.StatusCode()=11007 $Return = "Status code 11007 - Bad Option"
           Case $objPing.StatusCode()=11008 $Return = "Status code 11008 - Hardware Error"
           Case $objPing.StatusCode()=11009 $Return = "Status code 11009 - Packet Too Big"
           Case $objPing.StatusCode()=11010 $Return = "Status code 11010 - Request Timed Out"
           Case $objPing.StatusCode()=11011 $Return = "Status code 11011 - Bad Request"
           Case $objPing.StatusCode()=11012 $Return = "Status code 11012 - Bad Route"
           Case $objPing.StatusCode()=11013 $Return = "Status code 11013 - TimeToLive Expired Transit"
           Case $objPing.StatusCode()=11014 $Return = _
             "Status code 11014 - TimeToLive Expired Reassembly"
           Case $objPing.StatusCode()=11015 $Return = "Status code 11015 - Parameter Problem"
           Case $objPing.StatusCode()=11016 $Return = "Status code 11016 - Source Quench"
           Case $objPing.StatusCode()=11017 $Return = "Status code 11017 - Option Too Big"
           Case $objPing.StatusCode()=11018 $Return = "Status code 11018 - Bad Destination"
           Case $objPing.StatusCode()=11032 $Return = "Status code 11032 - Negotiating IPSEC"
           Case $objPing.StatusCode()=11050 $Return = "Status code 11050 - General Failure"
           Case Else $Return = "Status code " & $objPing.StatusCode & _
              " - Unable to determine cause of failure."
       EndSelect
   Next
;VA on error goto 0
    Return $Return
EndFunc

[JSThePatriot]

What errors are you getting? Are you using an automated converter, or are you doing this by hand?

Thanks,

Jarvis

[weaponx]

You didn't say what the problem is, does it work?

1. $strComputer=$CmdLine.Item(0)

Should probably be $strComputer = $CmdLine[1]

2.

Select

Case $objPing.StatusCode()=0 $Return = "Success"

Case $objPing.StatusCode()=11001 $Return = "Status code 11001 - Buffer Too Small"

Case $objPing.StatusCode()=11002 $Return = "Status code 11002 - Destination Net Unreachable"

etc...

Should be:

Switch $objPing.StatusCode()

Case 0

Case 11001

Case 11002

etc...

EndSwitch

Edited December 9, 2008 by weaponx