1984
|
(Starting to like KiXtart)
|
2003-11-18 01:48 PM
|
|
|
|
|
Retrieve an user's IP in a lan/domain
|
|
Hi,
I'm new to KIX scripting and need some help/feedback. I need a KIX script to perform some actions and show the result in a GUI based interface using KIXForms.
Simply I want to get the IP address for a specific LAN user ID who is logged on into a Domain.
The only input to the script should be “User ID”.
Using NBTScan I could do a scanning on single IP, or IP rang/subnet, to retrieve logged on users IP address.
But I want to do the opposite way! I give a specific user ID and get the IP address for that specific user ID.
When using “net send” command you can send message to a “specific user ID”, so somehow “net send” must list the IP address for that specific user ID to send your message to target host client which the user are logged on to. I don’t know if “net send” will do a query on WINS server to get the necessary info such as IP address for the client which that specific user is logged on to.
How do I capture that info, which hopefully contains the IP for the client which the specific user ID is logged on to?
So my input is only single “User ID” and the output should be the IP address for that User ID.
The next step is to tell the script to do a remote scan on that client, which that specific user is logged on to.
The output of remote scanning should be collected information such as HW and SW inventory for target machine, presented in GUI based interface.
Any idea's ???
Greatfull Cyrus geminizer@hotmail.com
[list] [pollstop]
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
In a Microsoft NT4 environment the only place user name exists relative to an IP is in the WINS database. I have not checked into seeing if the user appears in W2K DNS as an autoregistered record.
|
Kdyer
|
(KiX Supporter)
|
2003-11-18 02:59 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Couple of approaches that have been used on this.. (1) Log the user, IP, and other info to a database, CSV, etc. (2) Cisco has a tool for getting this or related info as well - UTLITE33.EXE (From Cisco)
You would then query either of these.
HTH,
Kent
|
Radimus
|
(KiX Supporter)
|
2003-11-18 03:06 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
you could also parse your domain controllers for event 673 and then read the details
|
Chris S.
|
(MM club member)
|
2003-11-18 03:10 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Here's a KiXforms script that I use...
Code:
Break On
$nul=SetConsole("Hide")
$frmMain = CreateObject("Kixtart.Form")
$frmMain.Caption = "Locate"
$frmMain.Icon = "shell32.dll;52"
$frmMain.Size = 285,155
$txtUser = $frmMain.TextBox("",10,10,200,20)
$txtUser.OnChange = "$$btnFind.Enabled=1"
$txtIP = $frmMain.TextBox("",10,40,200,20)
;$txtIP.Enabled = 0
$txtHost = $frmMain.TextBox("",10,70,200,20)
;$txtHost.Enabled = 0
$btnFind = $frmMain.Button("Find",$txtUser.Right+10,$txtUser.Top,50,20)
$btnFind.Enabled = 0
$btnFind.OnClick = "fnFindUser($$txtUser.Value) If @@ERROR fnERROR() EndIf"
$btnIP = $frmMain.Button("Copy",$txtIP.Right+10,$txtIP.Top,50,20)
$btnIP.Enabled = 0
$btnIP.OnClick = "fnCopyIP()"
$btnHost = $frmMain.Button("Copy",$txtHost.Right+10,$txtHost.Top,50,20)
$btnHost.Enabled = 0
$btnHost.OnClick = "fnCopyHost()"
$prgStatus = $frmMain.ProgressBar()
$prgStatus.Left = 10
$prgStatus.Top = $txtHost.Bottom+10
$prgStatus.Width = $frmMain.ClientWidth - 20
$prgStatus.Height = 20
$prgStatus.BorderStyle = 5
$prgStatus.Style = 1
$prgStatus.Max=3
$frmMain.Center
$frmMain.Show
While $frmMain.Visible
$nul=Execute($frmMain.DoEvents)
Loop
Exit 1
Function fnCopyIP()
$txtIP.SelStart = 0
$txtIP.SelLength = Len($txtIP.Text)
$txtIP.SetFocus() $txtIP.Copy()
EndFunction
Function fnCopyHost()
$txtHost.SelStart = 0
$txtHost.SelLength = Len($txtHost.Text)
$txtHost.SetFocus() $txtHost.Copy()
EndFunction
Function fnERROR()
$nul=MessageBox("User not found","Error")
EndFunction
Function fnFindUser($sUser)
$txtIP.Text = ""
$txtHost.Text = ""
$btnIP.Enabled = 0
$btnHost.Enabled = 0
$prgStatus.Value=0
$nul=WshPipe('Net Send '+$sUser+' ""',1)
If @ERROR Exit @ERROR EndIf
$prgStatus.Value=$prgStatus.Value+1
$aCon=WshPipe('nbtstat -c',1)
If @ERROR Exit @ERROR EndIf
$prgStatus.Value=$prgStatus.Value+1
For Each $sCon in $aCon
If Instr($sCon,$sUser)
$aFnd=Split($sCon," ")
For Each $sFnd in $aFnd
If Instr($sFnd,".") $sIP=$sFnd EndIf
Next
EndIf
Next
$aHost=WshPipe('Ping -a -n 1 $sIP',1)
$prgStatus.Value=$prgStatus.Value+1
If @ERROR Exit @ERROR EndIf
For Each $sHost in $aHost
If Instr($sHost,$sIP) and Instr($sHost,"Pinging")
$sCom=Split($sHost," ")[1]
EndIf
Next
$txtIP.Text = $sIP
$txtHost.Text = $sCom
$btnIP.Enabled = 1
$btnHost.Enabled = 1
$prgStatus.Value=0
EndFunction
Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
Dim $oExec, $Output
$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
If Not $NoEcho $Output Endif
$WshPipe=Split($Output,@CRLF)
Exit($oExec.ExitCode)
EndFunction
|
Radimus
|
(KiX Supporter)
|
2003-11-18 03:20 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
I try to net send a nul and it chokes on it...
Quote:
C:\Documents and Settings\whsfrc>net send fsdshfm Sending files is no longer supported.
More help is available by typing NET HELPMSG 3777.
C:\Documents and Settings\whesferc>nbtstat -c
LAN: Node IpAddress: [164.51.34.88] Scope Id: []
No names in cache
if I send any single char it works and inserts into the cache
|
Chris S.
|
(MM club member)
|
2003-11-18 03:22 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Try...
net send fsdshfm ""
|
Radimus
|
(KiX Supporter)
|
2003-11-18 03:50 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
ok... here is a basic script. I'll UDF this eventually
Code:
break on
gets $name ; or $name='' if $name $nul = wshpipe('net send '+$name+' ""',1) $str = WshPipe('cmd /c nbtstat -c | find "'+ucase($name)+'"',1) if not @error for each $entry in $str $ip = trim(substr($entry,41,16)) ? $ip next else ? $name+" not found" endif endif
Function WshPipe($ShellCMD, OPTIONAL $NoEcho) Dim $oExec, $Output $oExec = CreateObject("WScript.Shell").Exec($ShellCMD) If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf $Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll If Not $NoEcho $Output Endif $WshPipe=Split($Output,@CRLF) Exit($oExec.ExitCode) EndFunction
|
Radimus
|
(KiX Supporter)
|
2003-11-18 04:44 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Code:
? FindUserIP('JoeL') ? FindUserIP('SteveN')
Function FindUserIP($user) DIM $nul, $str, $entry $nul = WshPipe('net send '+$user+' ""',1) $str = WshPipe('%comspec% /c nbtstat -c | find "'+ucase($user)+'"',1) if @error exit @error endif for each $entry in $str if instr($entry,$user) $FindUserIP = trim(substr($entry,41,16)) endif next exit @error endfunction
Function WshPipe($ShellCMD, OPTIONAL $NoEcho) Dim $oExec, $Output $oExec = CreateObject("WScript.Shell").Exec($ShellCMD) If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf $Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll If Not $NoEcho $Output Endif $WshPipe=Split($Output,@CRLF) Exit($oExec.ExitCode) EndFunction
|
1984
|
(Starting to like KiXtart)
|
2003-11-18 05:22 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Wow! Many thanks for your feedbacks, but I’m still confused…
Remember the only known data/input to the script should be the specific single “User ID”. The user running the script may not be domain or server admin. Other info such as WINS and DNS servers, subnets and V-LAN may NOT been known.
?My Questions?
kdyer Can I use Cisco tools on any LAN based environment or it only works with their equipments???
Chris S. Could you please provide some short inputs how your script work and an example how to run it?
Radimus Could you please provide some short inputs how your script work and an example how to run it?
/C [list]
|
Radimus
|
(KiX Supporter)
|
2003-11-18 05:33 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
take the last post I sent, copy all of it
change the names in the FindUserIP() statements to what ever names you are looking for
|
Chris S.
|
(MM club member)
|
2003-11-18 06:29 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Sure, copy and paste my script and run it. Type a USERID in the top input field and hit the find button. Since you mentioned KiXforms in your initial post I assume that you have it installed.
|
1984
|
(Starting to like KiXtart)
|
2003-11-18 06:39 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Radimus Excellent! Your script is a beautiful piece of artwork. Now to the secound part: Having the IP add, the script should now perform a remote scan on target client. This to collect some HW & SW information for the target machine. HW info such as System Bios, Mem, CPU, and some SW info such as OS, SP level, installd apps are needed. This to be presented in GUI based interface.(KIXForms)
How do I make a KIX script to do an online remote scan?
U R D Best
|
1984
|
(Starting to like KiXtart)
|
2003-11-18 06:53 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Chris S. Wow! Another great pice of master work!. Works perfectly Now once i have the IP, I should be able to make an remote scan on the target client and collect some HW & SW infor for that client.
How do I do that?
\C
|
Radimus
|
(KiX Supporter)
|
2003-11-18 08:13 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Go to my web site and DL Inquisitor.
I am actually working on version 2 now. The first one was my first kform project and my code is a bit (a lot) barbaric. The next version should be quite a bit better.
|
1984
|
(Starting to like KiXtart)
|
2003-11-20 05:53 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
Radimus Many thanks for your feedback and your scripts.
Now when the IP/Host name for the target "User ID" is listed, Im trying to understand how to use this output to perform a RealTime query on the target machine.
Could you plz provide me some sample how to do a Realtime scan on a client???
Best regards \C
|
Radimus
|
(KiX Supporter)
|
2003-11-20 11:46 PM
|
|
|
|
|
Re: Retrieve an user's IP in a lan/domain
|
|
read the post on WMIQuery() UDF
|