rename computer description to logged on user

JRSmile

I created this because:

"net config server /srvcomment: %USERNAME%" does not work if started as system user.

so now the computer description gets updated with the username that last started explorer.exe which is most of the time the last logged on user.

it is fired by wmi events and reduces its memory requirements itself after every call, so it can be started with system credentials watching users logging on and then writing them behind the hostname in the network environment.

I didn't want to use ProcessWait because: "The process is polled approximately every 250 milliseconds." Using events is nicer, I thought.

this works even if the user is not an administrator on the machine.

best regards,

J.

#NoTrayIcon
#include <security.au3> ; Get OWNER from SID.
#include <process.au3>
;~ #include <admin.au3> ; needed for me excluded in release.

Global Const $tag_WTS_PROCESS_INFO = _
        "DWORD SessionId;" & _
        "DWORD ProcessId;" & _
        "PTR pProcessName;" & _
        "PTR pUserSid"
wait_for_process()
while True
    Sleep(1000)
WEnd

Func SINK_OnObjectReady($objObject, $objAsyncContext)
    Local $username = ""
    Local $temp = _WinAPI_ProcessListOWNER_WTS()
    If Not IsArray($temp) Then Return False ; enumeration failed, leave the description unchanged
    $temp[0][0] = "Process" ; row 0 is overwritten with column names (kept from the original example code)
    $temp[0][1] = "ProcessId"
    $temp[0][2] = "SessionId"
    $temp[0][3] = "ProcessOWNER"
    For $i = 1 To UBound($temp) - 1
        If $temp[$i][0] = "explorer.exe" Then $username = $temp[$i][3] ; the last match in the list wins
    Next
    If StringLen($username) = 3 Then ; site-specific length check, can be removed
        _RunDOS('net config server /srvcomment:"' & $username & '"') ; quoted so the name stays a single argument
    EndIf
    _ReduceMemory()
    Return True
EndFunc   ;==>SINK_OnObjectReady

Func _WinAPI_ProcessListOWNER_WTS()
    ; Returns [n][4]: process name, PID, session ID, owner account. Sets @error if the enumeration fails.
    Local $ret = DllCall("WTSApi32.dll", "int", "WTSEnumerateProcessesA", "ptr", 0, "dword", 0, "dword", 1, "ptr*", 0, "dword*", 0) ; ANSI export, matches the char buffer below
    If @error Or Not $ret[0] Or $ret[5] < 1 Then Return SetError(1, 0, 0)
    Local $array[$ret[5]][4], $string, $ret1
    Local $mem = DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4])
    For $i = 0 To $ret[5] - 1
        $mem = DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4] + ($i * DllStructGetSize($mem))) ; element size is 16 bytes on x86, 24 on x64
        $string = DllStructCreate("char[256]", DllStructGetData($mem, "pProcessName"))
        $array[$i][0] = DllStructGetData($string, 1)
        $array[$i][1] = DllStructGetData($mem, "ProcessId")
        $array[$i][2] = DllStructGetData($mem, "SessionId")
        $ret1 = _Security__LookupAccountSid(DllStructGetData($mem, "pUserSid")) ; fails for entries without a SID
        If IsArray($ret1) Then $array[$i][3] = $ret1[0]
    Next
    DllCall("WTSApi32.dll", "none", "WTSFreeMemory", "ptr", $ret[4]) ; pointer passed as ptr so it is not truncated on x64
    Return $array
EndFunc   ;==>_WinAPI_ProcessListOWNER_WTS

Func wait_for_process()
    $objWMIService = ObjGet("winmgmts:\\.\root\CIMV2")
    $MySink = ObjCreate("WbemScripting.SWbemSink")
    ObjEvent($MySink, "SINK_")
    $objWMIService.ExecNotificationQueryAsync($MySink, "SELECT * FROM Win32_ProcessStartTrace WHERE ProcessName = 'explorer.exe'")
EndFunc   ;==>wait_for_process

Func _ReduceMemory($i_PID = -1)
    
    If $i_PID <> -1 Then
        Local $ai_Handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', 0x1f0fff, 'int', False, 'int', $i_PID)
        Local $ai_Return = DllCall("psapi.dll", 'int', 'EmptyWorkingSet', 'long', $ai_Handle[0])
        DllCall('kernel32.dll', 'int', 'CloseHandle', 'int', $ai_Handle[0])
    Else
        Local $ai_Return = DllCall("psapi.dll", 'int', 'EmptyWorkingSet', 'long', -1)
    EndIf
    
    Return $ai_Return[0]
EndFunc;==> _ReduceMemory()
Edited by JRSmile

$a=StringSplit("547275737420796F757220546563686E6F6C75737421","")For $b=1 To UBound($a)+(-1*-1*-1)step(2^4/8);&$b+=1*2/40*µ&Asc(4)Assign("c",Eval("c")&Chr(Dec($a[$b]&$a[$b+1])))''Chr("a")&"HI"Next;time_U&r34d,ths,U-may=get$the&c.l.u.e;b3st-regards,JRSmile;MsgBox(0x000000,"",Eval("c"));PiEs:d0nt+*b3.s4d.4ft3r.1st-try:-)

Manko

Nice to see my function being put to use... :P

DO you know? You are allowed to edit it. :unsure:

You could cut out all of the example-code, especially the part where I write over systemidleprocess to show what each column is...

...and edit function so it won't return an array but rather JUST what you want, OWNER of explorer.exe...

As to the script you have created. NICE! (As I understood it....) Now you can just browse all computers on your net and see in the description, who was logged on... Or are you using it differently?

/Manko


Yes i rush things! (I sorta do small bursts inbetween doing nothing.) Things I have rushed and reRushed:* ProDLLer - Process manager - Unload viri modules (dll) and moore...* _WinAPI_ProcessListOWNER_WTS() - Get Processes owner list...* _WinAPI_GetCommandLineFromPID() - Get commandline of target process...* _WinAPI_ThreadsnProcesses() Much info if expanded - optional Indented "Parent/Child"-style Processlist. Moore to come... eventually...

JRSmile

Nice to see my function being put to use... :P

DO you know? You are allowed to edit it. :D

You could cut out all of the example-code, especially the part where I write over systemidleprocess to show what each column is...

...and edit function so it won't return an array but rather JUST what you want, OWNER of explorer.exe...

As to the script you have created. NICE! (As I understood it....) Now you can just browse all computers on your net and see in the description, who was logged on... Or are you using it differently?

/Manko

nope you understood it right, this was solved by a simple batch file in the past, but since users are no longer local admins in our company, i had to switch my mind to something new :unsure:

will of course speed up the script, and remove stuff i used for debugging etc, but for the community it's fine i think :D

btw: the if stringlen($username) = 3 thingie can be removed, i just implemented it because of our company structure.

Edited by JRSmile

Jango

Thank you for this script.

I'm looking to do something similar; in fact I wanted to set the Active Directory Computer Description = Local Computer Description... I will study your script.

GEOSoft

It looks good. The only problem that I could foresee would be your wait_for_process() function, which requires that the user have the WMI service running. That's one which is often disabled on systems. If you do not want ProcessWait() then perhaps a better solution would have been

While NOT ProcessExists("Explorer.exe")
    Sleep(10)
Wend

All in all a very good job.

Edited by GEOSoft

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Ascend4nt

Nice to see my function being put to use... :P

Doesn't that bug you when someone never mentions who the original author is? It then looks like they developed the code. I think peeps here deserve to be credited for their hard work

JRSmile

Doesn't that bug you when someone never mentions who the original author is? It then looks like they developed the code. I think peeps here deserve to be credited for their hard work

in fact: yes i should have mentioned this, but leaving the function as it was released, would give a hint when using the search function. thought this would be enough.


JRSmile

It looks good. The only problem that I could foresee would be your wait_for_process() function, which requires that the user have the WMI service running. That's one which is often disabled on systems. If you do not want ProcessWait() then perhaps a better solution would have been

While NOT ProcessExists("Explorer.exe")
    Sleep(10)
Wend

All in all a very good job.

this is again polling, which is always the worst attempt at getting a status change happening only once or twice during working hours. :-)

and wmi is enabled by default in our company :P (remote admin reasons)


Manko

Doesn't that bug you when someone never mentions who the original author is? It then looks like they developed the code. I think peeps here deserve to be credited for their hard work

Ascendant, are you still peeved at me for using your function without crediting?! :P (I felt a bit stupid when I realised it...)

All joking aside... ...he has my bank account number and I'm waiting for SOME really big amount of money... ...any day now! :unsure:

/Manko

Edited by Manko

Ascend4nt

Ascendant, are you still peeved at me for using your function without crediting?! :unsure: (I felt a bit stupid when I realised it...)

All joking aside... ...he has my bank account number and I'm waiting for SOME really big amount of money... ...any day now! :D

/Manko

:P I didn't even know you used my function without crediting! That's it... just for that I'm selling your code on ebay :D .

Queener

Anybody get error on this code? I get error Line 58

The requested action with this object has failed.


Msgbox(0, "Hate", "Just hate it when I post a question and find my own answer after a couple tries. But if I don't post the question, I can't seem to resolve it at all.")
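
Added example, not code from any poster in this thread: a variant of the event handler that asks WMI for the owner of the one process named in the event (the event's ProcessID plus Win32_Process.GetOwner) and checks the account name against a conservative pattern before it reaches the command line, which runs as SYSTEM. It keeps the WMI objects global and installs a COM error handler, so an unavailable WMI service or a failed call is logged with its script line. All function and variable names, the exit codes and the 20-character allow-list pattern are assumptions of this example, and a current AutoIt 3.3.x is assumed.

```autoit
#NoTrayIcon
#include <Process.au3> ; _RunDOS

; Added example; every function and variable name below is hypothetical.
Global $g_bComFailed = False
Global $g_oComErr = ObjEvent("AutoIt.Error", "_OnComError") ; a failed COM call is logged instead of ending the script
Global $g_oWMI = ObjGet("winmgmts:\\.\root\CIMV2")
Global $g_oSink = ObjCreate("WbemScripting.SWbemSink")
If Not IsObj($g_oWMI) Or Not IsObj($g_oSink) Then Exit 1 ; WMI is not available on this machine
Global $g_oSinkEvents = ObjEvent($g_oSink, "SINK_") ; keep the event connection referenced
$g_oWMI.ExecNotificationQueryAsync($g_oSink, "SELECT * FROM Win32_ProcessStartTrace WHERE ProcessName = 'explorer.exe'")
If $g_bComFailed Then Exit 2 ; the subscription itself was refused

While True
    Sleep(1000)
WEnd

Func SINK_OnObjectReady($oEvent, $oAsyncContext)
    ; Use the PID carried by the event, not whichever explorer.exe comes last in a process list.
    Local $sUser = _OwnerOfPid($oEvent.ProcessID)
    ; The name is handed to cmd.exe by a SYSTEM process: accept a conservative character set only.
    If Not StringRegExp($sUser, "^[A-Za-z0-9._-]{1,20}$") Then Return False
    _RunDOS('net config server /srvcomment:"' & $sUser & '"')
    Return True
EndFunc   ;==>SINK_OnObjectReady

Func _OwnerOfPid($iPid)
    Local $sUser = "", $sDomain = ""
    Local $colProc = $g_oWMI.ExecQuery("SELECT * FROM Win32_Process WHERE ProcessId = " & Int($iPid))
    If Not IsObj($colProc) Then Return ""
    For $oProc In $colProc
        If $oProc.GetOwner($sUser, $sDomain) = 0 Then Return $sUser ; 0 = success
    Next
    Return "" ; process already gone or owner not readable
EndFunc   ;==>_OwnerOfPid

Func _OnComError($oError)
    $g_bComFailed = True
    ConsoleWrite("COM error 0x" & Hex($oError.number) & " at script line " & $oError.scriptline & @CRLF)
EndFunc   ;==>_OnComError
```

Names outside the pattern are skipped and the description is left unchanged; widen the pattern only to the characters your account naming scheme actually uses.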
