| ChristopheM |
| (Hey THIS is FUN) |
| 2012-10-19 01:21 PM |
enum user session with WMI
|
Hi,
i have a script that scans all XP workstations (SP3) on the network (about 4200) to get users locally connected and uptime. i use psloggedon from sysinternals to get user informations (redirect output in a file and analyze text file).
now, instead of launching psloggedon more than 4200 times, i would like to use WMI with remote request. I found a vb script that i converted to Kix and this is working fine locally. The problem is that the script doesn't give the same results when run locally or remotely.
1) i am connected on a workstation A with a domain admin account.
2) from this workstation, i launch mstsc to open a session on workstation B with the same account.
3) i copy the script on workstation B
4) i execute the script on workstation A with workstation B as parameter to get information remotely. I get a set of result 1
5) i execute the script locally on workstation B. I get a set of result 2
set 1 and set 2 are differents
in fact, when executed to get remote informations, it seems that resolution from logonID to user name is not done.
Has somebody experimented this problem ?
Can somebody test the script and tell if he gets same results ?
Thanks
| Radimus |
| (KiX Supporter) |
| 2012-10-19 09:55 PM |
|
Re: enum user session with WMI
|
What I go is have code in my logonscript to update a table in SQL DB with that info.
Code:
$cn = CreateObject("ADODB.Connection") $cmd = CreateObject("ADODB.Command") $rs = CreateObject("ADODB.RecordSet")
$cn.connectionstring = "DRIVER={SQL Server};SERVER=sqlserver;UID=UserName;PWD=password;DATABASE=invDB"
$cn.open $cmd.activeconnection = $cn $rs.cursortype = 3 $rs.locktype = 3
$rs.activecommand = $cmd
$cmdtxt = "select * from dbo._tbl_Main where SerialNumber = '$serNo'"
$cmd.commandtext = $cmdtxt
$rs.open($cmd)
If $rs.eof = -1 $rs.addnew EndIf
$rs.fields.item("UserName").value = @userid
$rs.update
Logfile(tab(3) + 'Updating User logon in SQL Inventory ' + @serror)
$rs.close
$cn.close
| ChristopheM |
| (Hey THIS is FUN) |
| 2012-10-19 10:43 PM |
|
Re: enum user session with WMI
|
thanks for your answer.
This a good way to save user connection but i need to know who is connected at the moment of the scan. With your solution, multiples cases are not treated :
- domain user who has closed the session,
- domain user who has not logon script
- local user created on workstation
- domain user who has opened a session on a laptop not connected the network (logon script not run) and then reconnect the laptop on the network
I just want to understand if there is a bug in my script or if this is a problem with WMI on XP workstations.
Glenn Barnas
|
| (KiX Supporter) |
| 2012-10-20 03:11 AM |
|
|
Re: enum user session with WMI
|
This is how I do it in my helpdesk app:
Code:
; get the currently logged-on user, if any
If $SECURE $WMIOBJPTR = WMIAuthentication($txtHost.Text, $USERID , $USERPW) EndIf
$RC = ''
$ACTIVEUSERID = WMIQuery('UserName', 'Win32_ComputerSystem', $txtHost.Text, , , , $WMIOBJPTR)[0]
If InStr($ACTIVEUSERID, '\') $RC = Split($ACTIVEUSERID, '\')[1] Else $RC = $ACTIVEUSERID EndIf$WMIOBJPTR can be null/eliminated unless you need a specific account to authenticate against the remote machine. WMIAuthentication() simply provides a standard function to get an authenticated WMI object rather than building it into every WMI function.
Glenn
| ChristopheM |
| (Hey THIS is FUN) |
| 2012-10-20 03:57 PM |
|
Re: enum user session with WMI
|
thanks glenn
this is an other way but not really a question to my current problem.
and i see another problem with this solution.
according to MSDN site, the username property of win32_computersystem is set only for a console session not for a session with terminal service so sometime, i could have no information even if there is a user connected !!!
i had a look to your functions. your WMIAuthentication function is very near from my WMIConnectEx
Except parameters, globally i just see one difference :
your code :
Code:
$objWBEM=GetObject('winmgmts:{impersonationLevel=impersonate}!\\'+$sComputerName+'\'+$sNameSpace) Code:
$objWMIService=GetObject('winmgmts:{'+$SecuritySettings+'}!\\'+$strcomputer+'\'+$namespace)I use an optional parameter SecuritySettings where you have hardcoded "impersonationLevel=impersonate".
A word also about the WMIQuery function.
No need to evaluate $sComputer and $root when $pAuth is defined because theses variables aren't used after (and evaluation has already be done by the call to WMIAuthentication).
your code:
Code:
$sComputer = Trim(Join(Split($sComputer,'\'),''))
If Not $sComputer Or $sComputer = @WKSTA
$sComputer = '.'
EndIf
If Not $root
$root = '\root\cimv2'
Endif
If $pAuth
$SystemSet = $pAuth
Else
$SystemSet = GetObject('winmgmts:{impersonationLevel=impersonate}!\\' + $sComputer + $root)
If @ERROR Or Not $SystemSet
Exit Val('&' + Right(DecToHex(@ERROR), 4))
EndIf
EndIf Code:
If $pAuth
$SystemSet = $pAuth
Else
$sComputer = Trim(Join(Split($sComputer,'\'),''))
If Not $sComputer Or $sComputer = @WKSTA
$sComputer = '.'
EndIf
If Not $root
$root = '\root\cimv2'
Endif
$SystemSet = GetObject('winmgmts:{impersonationLevel=impersonate}!\\' + $sComputer + $root)
If @ERROR Or Not $SystemSet
Exit Val('&' + Right(DecToHex(@ERROR), 4))
EndIf
EndIfit is compatible with existing code and will execute a little faster when $pAuth is initialized.
|
Lonkero
|
| (KiX Master Guru) |
| 2012-10-20 09:53 PM |
|
Re: enum user session with WMI
|
you guys doing this the hard way.
be interested in kix only solution maybe?
|
Lonkero
|
| (KiX Master Guru) |
| 2012-10-20 09:59 PM |
|
Re: enum user session with WMI
|
well, I will give it to you anyways:
http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=82988
why go with something slow when there is superior way of doing it right within kix?
| Radimus |
| (KiX Supporter) |
| 2012-10-22 09:04 PM |
|
|
|
Re: enum user session with WMI
|
If the code is on the machine and is called via All Users startup, or in the local logon policy, the only ones not captured are machine the are logged into, but not connected to LAN at the time.