1984
(Starting to like KiXtart)
2003-11-18 01:48 PM
Retrieve an user's IP in a lan/domain

Hi,

I'm new to KIX scripting and need some help/feedback. I need a KIX script to perform some actions and show the result in a GUI based interface using KIXForms.
Simply I want to get the IP address for a specific LAN user ID who is logged on into a Domain.
The only input to the script should be “User ID”.

Using NBTScan I could do a scanning on single IP, or IP rang/subnet, to retrieve logged on users IP address.
But I want to do the opposite way! I give a specific user ID and get the IP address for that specific user ID.

When using “net send” command you can send message to a “specific user ID”, so somehow “net send” must list the IP address for that specific user ID to send your message to target host client which the user are logged on to. I don’t know if “net send” will do a query on WINS server to get the necessary info such as IP address for the client which that specific user is logged on to.

How do I capture that info, which hopefully contains the IP for the client which the specific user ID is logged on to?

So my input is only single “User ID” and the output should be the IP address for that User ID.
The next step is to tell the script to do a remote scan on that client, which that specific user is logged on to.
The output of remote scanning should be collected information such as HW and SW inventory for target machine, presented in GUI based interface.

Any idea's ???

Greatfull Cyrus geminizer@hotmail.com
[list] [pollstop]


Howard Bullock
(KiX Supporter)
2003-11-18 02:14 PM
Re: Retrieve an user's IP in a lan/domain

In a Microsoft NT4 environment the only place user name exists relative to an IP is in the WINS database. I have not checked into seeing if the user appears in W2K DNS as an autoregistered record.

Kdyer
(KiX Supporter)
2003-11-18 02:59 PM
Re: Retrieve an user's IP in a lan/domain

Couple of approaches that have been used on this..
(1) Log the user, IP, and other info to a database, CSV, etc.
(2) Cisco has a tool for getting this or related info as well - UTLITE33.EXE (From Cisco)

You would then query either of these.

HTH,

Kent

Radimus
(KiX Supporter)
2003-11-18 03:06 PM
Re: Retrieve an user's IP in a lan/domain

you could also parse your domain controllers for event 673 and then read the details

Chris S.
(MM club member)
2003-11-18 03:10 PM
Re: Retrieve an user's IP in a lan/domain

Here's a KiXforms script that I use...

Code:
Break On



$nul=SetConsole("Hide")



$frmMain = CreateObject("Kixtart.Form")

$frmMain.Caption = "Locate"

$frmMain.Icon = "shell32.dll;52"

$frmMain.Size = 285,155



$txtUser = $frmMain.TextBox("",10,10,200,20)

$txtUser.OnChange = "$$btnFind.Enabled=1"



$txtIP = $frmMain.TextBox("",10,40,200,20)

;$txtIP.Enabled = 0



$txtHost = $frmMain.TextBox("",10,70,200,20)

;$txtHost.Enabled = 0



$btnFind = $frmMain.Button("Find",$txtUser.Right+10,$txtUser.Top,50,20)

$btnFind.Enabled = 0

$btnFind.OnClick = "fnFindUser($$txtUser.Value) If @@ERROR fnERROR() EndIf"



$btnIP = $frmMain.Button("Copy",$txtIP.Right+10,$txtIP.Top,50,20)

$btnIP.Enabled = 0

$btnIP.OnClick = "fnCopyIP()"



$btnHost = $frmMain.Button("Copy",$txtHost.Right+10,$txtHost.Top,50,20)

$btnHost.Enabled = 0

$btnHost.OnClick = "fnCopyHost()"



$prgStatus = $frmMain.ProgressBar()

$prgStatus.Left = 10

$prgStatus.Top = $txtHost.Bottom+10

$prgStatus.Width = $frmMain.ClientWidth - 20

$prgStatus.Height = 20

$prgStatus.BorderStyle = 5

$prgStatus.Style = 1

$prgStatus.Max=3



$frmMain.Center

$frmMain.Show

While $frmMain.Visible

	$nul=Execute($frmMain.DoEvents)

Loop



Exit 1



Function fnCopyIP()

    $txtIP.SelStart = 0

	$txtIP.SelLength = Len($txtIP.Text)

	$txtIP.SetFocus() $txtIP.Copy()

EndFunction



Function fnCopyHost()

	$txtHost.SelStart = 0

	$txtHost.SelLength = Len($txtHost.Text)

	$txtHost.SetFocus() $txtHost.Copy()

EndFunction



Function fnERROR()

	$nul=MessageBox("User not found","Error")

EndFunction



Function fnFindUser($sUser)

	$txtIP.Text = ""

	$txtHost.Text = ""

	$btnIP.Enabled = 0

	$btnHost.Enabled = 0

	$prgStatus.Value=0

	$nul=WshPipe('Net Send '+$sUser+' ""',1)

	If @ERROR Exit @ERROR EndIf

	$prgStatus.Value=$prgStatus.Value+1

	$aCon=WshPipe('nbtstat -c',1)

	If @ERROR Exit @ERROR EndIf

	$prgStatus.Value=$prgStatus.Value+1

	For Each $sCon in $aCon

		If Instr($sCon,$sUser)

			$aFnd=Split($sCon," ")

			For Each $sFnd in $aFnd

				If Instr($sFnd,".") $sIP=$sFnd EndIf

			Next

		EndIf

	Next

	$aHost=WshPipe('Ping -a -n 1 $sIP',1)

	$prgStatus.Value=$prgStatus.Value+1

	If @ERROR Exit @ERROR EndIf

	For Each $sHost in $aHost

		If Instr($sHost,$sIP) and Instr($sHost,"Pinging")

			$sCom=Split($sHost," ")[1]

		EndIf

	Next

	$txtIP.Text = $sIP

	$txtHost.Text = $sCom

	$btnIP.Enabled = 1

	$btnHost.Enabled = 1

	$prgStatus.Value=0

EndFunction



Function WshPipe($ShellCMD, OPTIONAL $NoEcho)

	Dim $oExec, $Output

	$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)

	If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf

	$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll

	If Not $NoEcho $Output Endif

	$WshPipe=Split($Output,@CRLF)

	Exit($oExec.ExitCode)

EndFunction


Radimus
(KiX Supporter)
2003-11-18 03:20 PM
Re: Retrieve an user's IP in a lan/domain

I try to net send a nul and it chokes on it...

Quote:


C:\Documents and Settings\whsfrc>net send fsdshfm
Sending files is no longer supported.

More help is available by typing NET HELPMSG 3777.


C:\Documents and Settings\whesferc>nbtstat -c

LAN:
Node IpAddress: [164.51.34.88] Scope Id: []

No names in cache





if I send any single char it works and inserts into the cache

Chris S.
(MM club member)
2003-11-18 03:22 PM
Re: Retrieve an user's IP in a lan/domain

Try...

net send fsdshfm ""

Radimus
(KiX Supporter)
2003-11-18 03:50 PM
Re: Retrieve an user's IP in a lan/domain

ok... here is a basic script. I'll UDF this eventually


Code:

break on


gets $name ; or $name=''
if $name
	$nul  = wshpipe('net send '+$name+' ""',1)
	$str  = WshPipe('cmd /c nbtstat -c | find "'+ucase($name)+'"',1)
	if not @error
		for each $entry in $str
			$ip = trim(substr($entry,41,16))
			? $ip
			next
	else
		? $name+" not found"
		endif
	endif

Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
	Dim $oExec, $Output
	$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
	If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
	$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
	If Not $NoEcho $Output Endif
	$WshPipe=Split($Output,@CRLF)
	Exit($oExec.ExitCode)
	EndFunction

Radimus
(KiX Supporter)
2003-11-18 04:44 PM
Re: Retrieve an user's IP in a lan/domain

Code:

? FindUserIP('JoeL')
? FindUserIP('SteveN')


Function FindUserIP($user)
	DIM $nul, $str, $entry
	$nul  = WshPipe('net send '+$user+' ""',1)
	$str  = WshPipe('%comspec% /c nbtstat -c | find "'+ucase($user)+'"',1)
	if @error 	exit @error	endif
	for each $entry in $str
		if instr($entry,$user)
			$FindUserIP = trim(substr($entry,41,16))
			endif
		next
	exit @error
	endfunction

Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
	Dim $oExec, $Output
	$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
	If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
	$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
	If Not $NoEcho $Output Endif
	$WshPipe=Split($Output,@CRLF)
	Exit($oExec.ExitCode)
	EndFunction


1984
(Starting to like KiXtart)
2003-11-18 05:22 PM
Re: Retrieve an user's IP in a lan/domain

Wow! Many thanks for your feedbacks, but I’m still confused…

Remember the only known data/input to the script should be the specific single “User ID”.
The user running the script may not be domain or server admin.
Other info such as WINS and DNS servers, subnets and V-LAN may NOT been known.

?My Questions?

kdyer
Can I use Cisco tools on any LAN based environment or it only works with their equipments???

Chris S.
Could you please provide some short inputs how your script work and an example how to run it?

Radimus
Could you please provide some short inputs how your script work and an example how to run it?

/C [list]


Radimus
(KiX Supporter)
2003-11-18 05:33 PM
Re: Retrieve an user's IP in a lan/domain

take the last post I sent, copy all of it

change the names in the FindUserIP() statements to what ever names you are looking for

Chris S.
(MM club member)
2003-11-18 06:29 PM
Re: Retrieve an user's IP in a lan/domain

Sure, copy and paste my script and run it. Type a USERID in the top input field and hit the find button. Since you mentioned KiXforms in your initial post I assume that you have it installed.

1984
(Starting to like KiXtart)
2003-11-18 06:39 PM
Re: Retrieve an user's IP in a lan/domain

Radimus
Excellent! Your script is a beautiful piece of artwork.
Now to the secound part:
Having the IP add, the script should now perform a remote scan on target client. This to collect some HW & SW information for the target machine. HW info such as System Bios, Mem, CPU, and some SW info such as OS, SP level, installd apps are needed. This to be presented in GUI based interface.(KIXForms)

How do I make a KIX script to do an online remote scan?

U R D Best


1984
(Starting to like KiXtart)
2003-11-18 06:53 PM
Re: Retrieve an user's IP in a lan/domain

Chris S.
Wow! Another great pice of master work!.
Works perfectly
Now once i have the IP, I should be able to make an remote scan on the target client and collect some HW & SW infor for that client.

How do I do that?

\C



Radimus
(KiX Supporter)
2003-11-18 08:13 PM
Re: Retrieve an user's IP in a lan/domain

Go to my web site and DL Inquisitor.

I am actually working on version 2 now. The first one was my first kform project and my code is a bit (a lot) barbaric. The next version should be quite a bit better.

1984
(Starting to like KiXtart)
2003-11-20 05:53 PM
Re: Retrieve an user's IP in a lan/domain

Radimus
Many thanks for your feedback and your scripts.

Now when the IP/Host name for the target "User ID" is listed, Im trying to understand how to use this output to perform a RealTime query on the target machine.

Could you plz provide me some sample how to do a Realtime scan on a client???

Best regards \C

Radimus
(KiX Supporter)
2003-11-20 11:46 PM
Re: Retrieve an user's IP in a lan/domain

read the post on WMIQuery() UDF