|
|
|||||||
For about two seconds I was posting this under the UDF forum but I thought better of it and figured this question would be better posted here. I have read everything I could about EnumProcess but am a bit stumped. I have a group of useres who run a particular app all day. At the end of the day I have to run a backup of that program but it will not allow me to do so unless they are out of it. I need to be able to run an admin script that will tell me who in this user group is running this particular program. This is all I have so far and I am 100% sure that it is all wrong: Code: If InGroup("Administration") Any help will be greatly appreciated! Thanks. |
||||||||
|
|
|||||||
$arraycomputers='computer1','computer2','computer3' for each $computer in $ArrayComputers if EnumProcess($exe, , $Computer) ? $computer endif next will display the computer that is running the process Place a value in the second parameter and it will end the task |
||||||||
|
|
|||||||
2 things: 1) So this will, in fact, display the results? 2) The syntax of this seems to be going over my head. Where should I be placing that $arraycomputers string? |
||||||||
|
|
|||||||
1) that is the "? $computer" statement 2) anywhere before the "for each" statement |
||||||||
|
|
|||||||
Okay, I tried that out and I do seem to get some progress but it's hard to measure as there is no visual output. So to be clear, to run this I do need local admin credentials to the computers in question, correct? Edit: Let me correct that. This is the only output: Quote: I guess where I'm lost mainly is how the stings $computer and $arraycomputers are related. Shouldn't I need to add something (what I'm not sure yet) to associate the strings together? |
||||||||
|
|
|||||||
yes, you need admin on the remote PCs $arraycomputers='computer1','computer2','computer3' for each (element of array) in (array of elements) |
||||||||
|
|
|||||||
Okay, I'm gonna list the script as is. Please tell me where I'm going wrong. Code: $exe='program.exe' Now if I change one of the elements in that array to @wksta the script works properly for my system only. I tried running this script with admin privs and still no dice for the other remote machines. |
||||||||
|
|
|||||||
You seem to be missing a "NEXT" to close your loop. |
||||||||
|
|
|||||||
Sure was, thanks. But that didn't solve the problem. In my mind, it's definitely something to do with my syntax in the array. Let's say I had computers named kiXn00b and a domain called domain.tld. Would the proper syntax be?: Code: $arraycomputers='kiXn00b1','kiXn00b2','kiXn00b3' or Code: "...'kiXn00b1.domain.tld',..." Or would I include the domain.tld? |
||||||||
|
|
|||||||
$arraycomputers='kiXn00b1','kiXn00b2','kiXn00b3' is correct And of course, enumProcess is somewhere in your script and the target machines are NT sp4 or better and there are no firewalls blocking the connection and you have admin on each box |
||||||||
|
|
|||||||
EnumProcess is in the script. Otherwise, it wouldn't have worked for @wksta, right? Target machines are XP. No firewalls. I have Domain Admin privs and DA's have full local admin privs. |
||||||||
|
|
|||||||
I think I figured out my problem. The particular program runs under different processes depending upon the module used. I didn't realize that. Therefore, could I just use OR statements for as many processes as I need? (BTW, if so it doesn't work. Shocker...) Thanks!! |
||||||||
|
|
|||||||
$arraycomputers='computer1','computer2','computer3' $processes='a.exe','b.exe','c.exe' for each $computer in $ArrayComputers for each $proc in $processes if EnumProcess($proc, , $Computer) ? $computer endif next next |
||||||||
|
|
|||||||
Thanks, Radimus. It is beginning to show signs of working. It only seems to be working for the first couple of listed processes but I'll keep tweaking on it until it does what I need it to. I did find a command-line tool that can do the same function. It's called PSTools. But I wanted a way to do this with KiXtart. Now, on the same note, could someone give me a push in the right direction to do this: I would like to parse the data from the above script into a messagebox that told me which $computer is running which $proc. Seems like it should be simple enough to do... |
||||||||
|
|
|||||||
change ? $computer into $=sendmessage(@wksta,$computer +' is running '+ $proc) |
||||||||
|
|
|||||||
Awesome!! It pops up that box for every instance of a $proc that's found. Mission fully accomplished. Here's the code in it's final form: Code: $arraycomputers='@wksta','COMP1','COMP2','COMP3' Thanks a ton to everyone who helped me, especially Radimus. I think I'm beginning to understand KiX a bit better after all of that. |
||||||||
|
|
|||||||
Ok, I think after a few days of "beta" testing this in a production environment there is a hang up. The script works great only if the particular $computer's are reachable, hence, on. If it is not on then the script seems to hang or just takes an inordinate amount of time to complete. Unfortunately, I run this script manually at the end of the day and need it to be as quick as possible. I realize, just by the nature of what this script is doing, it can take some time. However, it simply takes too long. Would running a ping script to check that "the system is down, yo" be a good option or would there be a better way of doing it? Thanks again! |
||||||||
|
|
|||||||
Running a ping is an EXCELLENT idea. I would suggest you make the ping part of your main script, instead of a seperate script. This is what I (we) do: Code:
-Shawn |
||||||||
|
|
|||||||
There is a ping UDF in the UDF forum. Sending a ping would be the way to go IMHO. [edit] Shwan is fast today [/edit] |
||||||||
|
|
|||||||
I don't even bother to pipe to find. Code:
|
||||||||
|
|
|||||||
Okay, good to hear that I'm heading down the right track. Only thing is, since I am using an array of computers how would I set it up to ping each individually and then based on result go on to the next $comp in the array? Would I use a "For Each" statement? Just kinda lost within my growing list of If/Else statements that are in my current test script. |
||||||||
|
|
|||||||
Ja, a simple IF Ping($PC) inside your FOR loop. |
||||||||
|
|
|||||||
Good! Does this look right? Code: $arraycomputers='@wksta','other computers' ^After running, there's definitely something hosed with this code!! |
||||||||
|
|
|||||||
This is not correct If Ping($Computer,0,1) You would need to either have a UDF named PING or create one that gave you those results to check against. |
||||||||
|
|
|||||||
I am using the ping UDF. |
||||||||
|
|
|||||||
Obviously then, not my Ping() UDF I posted in this thread since it takes only one parm. |
||||||||
|
|
|||||||
Nope. Sorry, I'll try that now. |
||||||||
|
|
|||||||
Les, Need to remove this line in the UDF example Dim $PC That name is being supplied as a parameter. |
||||||||
|
|
|||||||
Code: Dim $Status |
||||||||
|
|
|||||||
Sorry...not following that last one. Could you explain it a bit? |
||||||||
|
|
|||||||
Here, not tested at all, but put together the code you have already how I think it should run. Quite possible something is not correct and I don't have the enum UDF listed here either which you will need in your script or a call to it. Code: $ArrayComputers=@wksta,'other computers' |
||||||||
|
|
|||||||
Unfortunately, it seems that it sends the "$computer +' is running '+ $proc" message regardless of whether the proc is actually running or not. Instead it sends it if it gets a ping from that $computer. It informed me that each computer that it pinged was running every one of the processes listed and that is an impossibility. These procs can't run simultaneously. Any thoughts? |
||||||||
|
|
|||||||
Yes, please post your actual code you are currently using and I'll review and test it for you. Using quasi coding apparently is not working for you |
||||||||
|
|
|||||||
Haha...here it is: Code: $arraycomputers='computers' I did not include the UDF's in this but I assure you they are there. |
||||||||
|
|
|||||||
Please supply the real values for this just so I'm sure we're talking about the same things. $processes='processes' |
||||||||
|
|
|||||||
Sure: Code: $arraycomputers='@wksta','OFF-JHUFF','OFF-RLOCKWOOD','OFF-SGONZALEZ','OFF-HOYT','OFF-SBERGER','OFF-TSINGERY','OFF-FRONTDESK' Just so as we're clear, the script works great with the exception of when the ping function is added. So I'm sure that the string values are working correctly. |
||||||||
|
|
|||||||
Okay, here is script that should be run from the DOS console which should allow you to see what is returned. Then depending on what you see or get returned you can decide if you want to place that into a NET SEND message or not. The EnumProcess UDF shown here is a modified version to fully support the NoVarInStrings option. Code: Break On |
||||||||
|
|
|||||||
OMG!!! Thanks for doing all of that. I appreciate all the work. Since I am completely green when it comes to scripting I don't understand that first section (Break On, etc.), but I am doing my best. This is what is returned: Code: ERROR : unknown command [The]! This is line 84 in the script since I prefer UDF's at the top: Code: ?'The computer ' + $sComputer + ' responds to ping' (Not surprisingly...)I am at a loss for why it would be giving that error. |
||||||||
|
|
|||||||
There's an extra quote (') at the end of this line, just remove it and the error should go away. $Processes = 'School.exe','SMinder.exe','SMAdmin.exe','SMReport.exe','SMBill.exe','Admission.exe'' |
||||||||
|
|
|||||||
Bah! I must be blind! {EDIT} Alrighty, here's the output from the script, as is: Code:
Soooooo, more or less, we're getting there. It may be that a great deal of the left out info would be displayed if I added some NET SEND messages. What do you guys think? |
||||||||
|
|
|||||||
It appears that WMI is not functioning correctly on a couple of the systems. I would look at testing them individually and repairing WMI if needed. I'm not sure what you're trying to accomplish by sending a NET SEND to the computer for. What would that mean to the user? Most users would either ignore it, or call the Helpdesk to complain about some message that keeps showing up on their computer. |
||||||||
|
|
|||||||
Two things. 1) Once tested and I know where the WMI problem lies, how would I go about repairing it? I'd be more than happy to read up on doing such if someone could tell me where to find that info. 2) The whole idea behind the NET SEND was discussed earlier in the thread. The original code had a line: Code: $=SendMessage(@wksta,$computer +' is running '+ $proc) I was looking to put together some pseudo-front end to the script that would just put the info I was after into a message box plainly with no more than a couple of lines. As it stands, what I'd like to see, is a messagebox that states that either, Yes, the $computer was pinged and that this $process was found to be running....or, No, this $computer was not pinged, we're moving on to the next $computer. That's the general idea. Now, as much as I appreciate the enormous amount of help that I've received, (honestly, I have never seen so many people be so generous with their help!) I always intended on putting this thing together myself. Just saying that to make it clear that it's not like I'm expecting anyone else to do my dirty work. Thank you, everyone! |
||||||||
|
|
|||||||
Reinstalling WMI If you experience behavior when using WMI, such as application errors or scripts that used to work are no longer working, you may have a corrupted WMI repository. To fix a corrupted WMI repository, you have to reinstall WMI. Windows Management Instrumentation - Repair As for the NET SEND I'm still not sure why you would send that to a user. What purpose does it serve either to you or the user? It is not logged, when the user clicks okay the message is now gone, etc.. We can setup a MessageBox command that would alert YOU as the Administrator about a system if you want which I'm guessing is more of what you're really wanting. |
||||||||
|
|
|||||||
Well, two more things: 1) You were dead on about the WMI. I restarted WMI on two machines that were giving me problems and they're running great now. I didn't need to delete the directories. Thanks a ton for the help there. 2) If you notice that's where the SendMessage went to, @WKSTA and I will only be running this script locally so that should never be a problem. However, I am looking at tweaking on how this script displays. A console window is ok but I'd like a nice front end eventually for this. Thanks yet again! |
||||||||
|
|
|||||||
Couple of things to ponder.. Does the following directory exist? %windir%\system32\wbem or.. Code:
HTH, Kent |
||||||||
|
|
|||||||
Good thought, kdyer. I'll consider adding that. Here's the final code with the MessageBox implemented: Code: Break On Kind of nasty with the goto statement but it gets the job done. |
||||||||
|
|
|||||||
Well if you really want a GOOD LOOKING GUI then take a look at implementing this with KiXforms written by our very own Admin/Moderator Shawn Tassie. KiXforms Home Page |
||||||||
|
|
|||||||
I just bought ASE. I thought I saw something about KiXforms when I installed. Maybe it comes with it now. |
||||||||
|
|
|||||||
KiXforms is completely FREE to use. Not sure if it was included as part of the ASE install, but I think you're correct that it does install it. Just need to visit the KiXforms site and start learning how to use it. |
||||||||
|
|
|||||||
Someone say Kixforms ? |
||||||||
|
|
|||||||
You would want ot go with the latest dev build anyway and not the latest gold. |
||||||||
|
|
|||||||
Why's that, Les? |
||||||||
|
|
|||||||
Cuz the latest Gold is buggy but Shawn refused to pull it, and since then he added soo much good stuff since but he can't decide when to cutoff dev and release it as Gold. |
||||||||
|
|
|||||||
OK. I'm working on that front-end as we speak. However, I think I may be in over my head. I'm not a coder by trade (as if it doesn't show) and I'm at a complete loss. I suppose I'll just post on the KiXforms board and try to get some help there. Thanks everyone. |
||||||||
|
|
|||||||
Here, there, doesn't matter - we're all one big happy Kixtart community. |
||||||||
|
|
|||||||
They are a snooty bunch over there... always getting their knickers in a twist. The ones that really matter hang here as well. |
||||||||
|
|
|||||||
Would it be ok then to repost what I posted there, here? |
||||||||
|
|
|||||||
No, I think once you pick your venue, you should stick to it. Some people get annoyed if you cross post between boards. You could post a link though in this thread to help guide people to your topic there. |
||||||||
|
|
|||||||
As a board moderator elsewhere, I fully understand. Wish I'd asked before I posted. Would've made more sense to keep the conversation rolling on this thread. Oh well, here's the link. |
||||||||
|
|
|||||||
Here is some thoughts ... might want to use the ListBox instead of Textboxes - idk - its your call, here is some code based on Listboxes though ... Code:
|
||||||||
|
|
|||||||
The only problem is that what I need to be able to do here is allow the user to enter any computer name in $UI_COMPNAMES and then move them to $UI_COMPLIST to be used in the same old script. I also need them to be able to choose from any of the processes or all of them. Here's link to explain what I'm working on. Just as a side question, on a scale of 1 to 10, how complicated do you think this script will have to be? |
||||||||
|
|
|||||||
What do you want to do with the process or with the computer if you do find it running a given process? |
||||||||
|
|
|||||||
Here's the end goals that I've been given: The option to Kill process, Send message to computer running process to close the program, or just inform @wksta which procs are running where. Sorry, am I not being clear enough? |
||||||||
|
|
|||||||
Okay that should be enough information. If you don't get it figured out, or if no one else steps in, I'll try to take a look at it within the next couple of days and see if I can help you get it completed. |
||||||||
|
|
|||||||
Me want to help too, me want to help to. Just have a question though - not really understanding the requirement to be able to type-in server names (multiple names) into a multiline textbox, then move the individually selected ones into a listbox. Not really following the "why" of this. Wouldn't you want to user to just simply type in a hostname, then move it into the listbox - and if they didn't want it in the listbox, they wouldn't type it anyways ? -Shawn |
||||||||
|
|
|||||||
Thanks! I'll post what I have so far by tomorrow morning. |
||||||||
|
|
|||||||
Shawn, you make a good point. I can see how that would be....stupid. I guess what I'm thinking is coming up with a way that once a user entered a computer name then that can be saved somehow (.ini file?) for future use. But something just struck me. I'll just have a "Search for computers" button. That'll be easier than having someone type a computer name in. Granted, I won't have it search the entire subnet for computers running these procs. I'll just have it list available computers. Since this is an admin thing anyway, odds are that whoever uses this will know which computers might be running these processes. Whadd'ya think? |
||||||||
|
|
|||||||
How many computers you talking about? Are they all well connected? Are they all in one site or OU? You could query ADODB with the LDAP path and then simply check all of them for the running process and return them in the list. I do queries like that all the time. |
||||||||
|
|
|||||||
Well, I would like to leave this open-ended when it comes to amount of computers but I'll limit it in regards to either a subnet or a single domain. (A domain would probably suffice in most circumstances.) |
||||||||
|
|
|||||||
do a search for McAfeeManager2 or Remote Execution Manager find my code and pick it apart :-) |
||||||||
|
|
|||||||
Radimus: I'm looking through it now... On a side note, if in the future, once I'm the demi-KiX-god-gurus that y'all are, what, if any, are the restrictions to selling KiX code to a company? Do you guys know? [That's way off topic and I shall take the ensuing flogging for such an action. ] |
||||||||
|
|
|||||||
Well one would more so be selling their services not the actual code which would be difficult at best to copyright. If you sold someone a solution for $5,000 or $10,000 and it included KiXtart coding, well to me you're selling your knowledge of putting that code together to complete the task, not the actual code. |
||||||||
|
|
|||||||
Yeah, that's what I kept running into about the whole selling the code thing. How can you say that no one else could use already commonly used code? But as a solution to a problem, as in like a new module to an already existing software, I would see that as a feasible thing. I just wanted to make sure there were no GNU-ish restrictions. I'm obviously a very long way from being able to do something remotely like that. Just thought I'd ask...thanks. Back to the task at hand... |
||||||||
|
|
|||||||
OK, I think I'm making some progress towards my goals but I'm stuck again...how would you query for computer names if the network in question does not have a LDAP server or AD? |
||||||||
|
|
|||||||
From a DOS console NET VIEW >SYSTEMS.TXT Then place the correct syntax into KiX code to do similar. |
||||||||
|
|
|||||||
or use one of the UDFs |
||||||||
|
|
|||||||
Duh! Thanks. So based on that I could have it do a query where it checks to see if a LDAP server is available and if one is not available it can search using the other NET VIEW/UDF method? Did that question make sense? |
||||||||
|
|
|||||||
Yes you can do either or both methods if required. |
||||||||
|
|
|||||||
Ok, after a couple of days of playing with this I'm about halfway there. I'm using the NetView2 UDF but I can't figure out how I get the results to display in my ListBox so users can choose which computer(s) they want to search for the running processes. I searched the board and came up with no hints on how to do this. If you know of a previous post that would point me in the right direction please let me know. |