Page 1 of 1 1
Topic Options
#108191 - 2003-11-18 01:48 PM Retrieve an user's IP in a lan/domain
1984 Offline
Starting to like KiXtart

Registered: 2003-08-14
Posts: 150
Hi,

I'm new to KIX scripting and need some help/feedback. I need a KIX script to perform some actions and show the result in a GUI based interface using KIXForms.
Simply I want to get the IP address for a specific LAN user ID who is logged on into a Domain.
The only input to the script should be “User ID”.

Using NBTScan I could do a scanning on single IP, or IP rang/subnet, to retrieve logged on users IP address.
But I want to do the opposite way! I give a specific user ID and get the IP address for that specific user ID.

When using “net send” command you can send message to a “specific user ID”, so somehow “net send” must list the IP address for that specific user ID to send your message to target host client which the user are logged on to. I don’t know if “net send” will do a query on WINS server to get the necessary info such as IP address for the client which that specific user is logged on to.

How do I capture that info, which hopefully contains the IP for the client which the specific user ID is logged on to?

So my input is only single “User ID” and the output should be the IP address for that User ID.
The next step is to tell the script to do a remote scan on that client, which that specific user is logged on to.
The output of remote scanning should be collected information such as HW and SW inventory for target machine, presented in GUI based interface.

Any idea's ???

Greatfull Cyrus geminizer@hotmail.com
[list] [pollstop]
_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top
#108192 - 2003-11-18 02:14 PM Re: Retrieve an user's IP in a lan/domain
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
In a Microsoft NT4 environment the only place user name exists relative to an IP is in the WINS database. I have not checked into seeing if the user appears in W2K DNS as an autoregistered record.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#108193 - 2003-11-18 02:59 PM Re: Retrieve an user's IP in a lan/domain
Kdyer Offline
KiX Supporter
*****

Registered: 2001-01-03
Posts: 6241
Loc: Tigard, OR
Couple of approaches that have been used on this..
(1) Log the user, IP, and other info to a database, CSV, etc.
(2) Cisco has a tool for getting this or related info as well - UTLITE33.EXE (From Cisco)

You would then query either of these.

HTH,

Kent
_________________________
Utilize these resources:
UDFs (Full List)
KiXtart FAQ & How to's

Top
#108194 - 2003-11-18 03:06 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
you could also parse your domain controllers for event 673 and then read the details
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108195 - 2003-11-18 03:10 PM Re: Retrieve an user's IP in a lan/domain
Chris S. Moderator Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Here's a KiXforms script that I use...

Code:
Break On


$nul=SetConsole("Hide")

$frmMain = CreateObject("Kixtart.Form")
$frmMain.Caption = "Locate"
$frmMain.Icon = "shell32.dll;52"
$frmMain.Size = 285,155

$txtUser = $frmMain.TextBox("",10,10,200,20)
$txtUser.OnChange = "$$btnFind.Enabled=1"

$txtIP = $frmMain.TextBox("",10,40,200,20)
;$txtIP.Enabled = 0

$txtHost = $frmMain.TextBox("",10,70,200,20)
;$txtHost.Enabled = 0

$btnFind = $frmMain.Button("Find",$txtUser.Right+10,$txtUser.Top,50,20)
$btnFind.Enabled = 0
$btnFind.OnClick = "fnFindUser($$txtUser.Value) If @@ERROR fnERROR() EndIf"

$btnIP = $frmMain.Button("Copy",$txtIP.Right+10,$txtIP.Top,50,20)
$btnIP.Enabled = 0
$btnIP.OnClick = "fnCopyIP()"

$btnHost = $frmMain.Button("Copy",$txtHost.Right+10,$txtHost.Top,50,20)
$btnHost.Enabled = 0
$btnHost.OnClick = "fnCopyHost()"

$prgStatus = $frmMain.ProgressBar()
$prgStatus.Left = 10
$prgStatus.Top = $txtHost.Bottom+10
$prgStatus.Width = $frmMain.ClientWidth - 20
$prgStatus.Height = 20
$prgStatus.BorderStyle = 5
$prgStatus.Style = 1
$prgStatus.Max=3

$frmMain.Center
$frmMain.Show
While $frmMain.Visible
$nul=Execute($frmMain.DoEvents)
Loop

Exit 1

Function fnCopyIP()
$txtIP.SelStart = 0
$txtIP.SelLength = Len($txtIP.Text)
$txtIP.SetFocus() $txtIP.Copy()
EndFunction

Function fnCopyHost()
$txtHost.SelStart = 0
$txtHost.SelLength = Len($txtHost.Text)
$txtHost.SetFocus() $txtHost.Copy()
EndFunction

Function fnERROR()
$nul=MessageBox("User not found","Error")
EndFunction

Function fnFindUser($sUser)
$txtIP.Text = ""
$txtHost.Text = ""
$btnIP.Enabled = 0
$btnHost.Enabled = 0
$prgStatus.Value=0
$nul=WshPipe('Net Send '+$sUser+' ""',1)
If @ERROR Exit @ERROR EndIf
$prgStatus.Value=$prgStatus.Value+1
$aCon=WshPipe('nbtstat -c',1)
If @ERROR Exit @ERROR EndIf
$prgStatus.Value=$prgStatus.Value+1
For Each $sCon in $aCon
If Instr($sCon,$sUser)
$aFnd=Split($sCon," ")
For Each $sFnd in $aFnd
If Instr($sFnd,".") $sIP=$sFnd EndIf
Next
EndIf
Next
$aHost=WshPipe('Ping -a -n 1 $sIP',1)
$prgStatus.Value=$prgStatus.Value+1
If @ERROR Exit @ERROR EndIf
For Each $sHost in $aHost
If Instr($sHost,$sIP) and Instr($sHost,"Pinging")
$sCom=Split($sHost," ")[1]
EndIf
Next
$txtIP.Text = $sIP
$txtHost.Text = $sCom
$btnIP.Enabled = 1
$btnHost.Enabled = 1
$prgStatus.Value=0
EndFunction

Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
Dim $oExec, $Output
$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
If Not $NoEcho $Output Endif
$WshPipe=Split($Output,@CRLF)
Exit($oExec.ExitCode)
EndFunction


Top
#108196 - 2003-11-18 03:20 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
I try to net send a nul and it chokes on it...

Quote:


C:\Documents and Settings\whsfrc>net send fsdshfm
Sending files is no longer supported.

More help is available by typing NET HELPMSG 3777.


C:\Documents and Settings\whesferc>nbtstat -c

LAN:
Node IpAddress: [164.51.34.88] Scope Id: []

No names in cache






if I send any single char it works and inserts into the cache
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108197 - 2003-11-18 03:22 PM Re: Retrieve an user's IP in a lan/domain
Chris S. Moderator Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Try...

net send fsdshfm ""

Top
#108198 - 2003-11-18 03:50 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
ok... here is a basic script. I'll UDF this eventually


Code:

break on


gets $name ; or $name=''
if $name
$nul = wshpipe('net send '+$name+' ""',1)
$str = WshPipe('cmd /c nbtstat -c | find "'+ucase($name)+'"',1)
if not @error
for each $entry in $str
$ip = trim(substr($entry,41,16))
? $ip
next
else
? $name+" not found"
endif
endif

Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
Dim $oExec, $Output
$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
If Not $NoEcho $Output Endif
$WshPipe=Split($Output,@CRLF)
Exit($oExec.ExitCode)
EndFunction

_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108199 - 2003-11-18 04:44 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
Code:

? FindUserIP('JoeL')
? FindUserIP('SteveN')


Function FindUserIP($user)
DIM $nul, $str, $entry
$nul = WshPipe('net send '+$user+' ""',1)
$str = WshPipe('%comspec% /c nbtstat -c | find "'+ucase($user)+'"',1)
if @error exit @error endif
for each $entry in $str
if instr($entry,$user)
$FindUserIP = trim(substr($entry,41,16))
endif
next
exit @error
endfunction

Function WshPipe($ShellCMD, OPTIONAL $NoEcho)
Dim $oExec, $Output
$oExec = CreateObject("WScript.Shell").Exec($ShellCMD)
If Not VarType($oExec)=9 $WshPipe="WScript.Shell Exec Unsupported" Exit 10 EndIf
$Output = $oExec.StdOut.ReadAll + $oExec.StdErr.ReadAll
If Not $NoEcho $Output Endif
$WshPipe=Split($Output,@CRLF)
Exit($oExec.ExitCode)
EndFunction

_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108200 - 2003-11-18 05:22 PM Re: Retrieve an user's IP in a lan/domain
1984 Offline
Starting to like KiXtart

Registered: 2003-08-14
Posts: 150
Wow! Many thanks for your feedbacks, but I’m still confused…

Remember the only known data/input to the script should be the specific single “User ID”.
The user running the script may not be domain or server admin.
Other info such as WINS and DNS servers, subnets and V-LAN may NOT been known.

?My Questions?

kdyer
Can I use Cisco tools on any LAN based environment or it only works with their equipments???

Chris S.
Could you please provide some short inputs how your script work and an example how to run it?

Radimus
Could you please provide some short inputs how your script work and an example how to run it?

/C [list]
_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top
#108201 - 2003-11-18 05:33 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
take the last post I sent, copy all of it

change the names in the FindUserIP() statements to what ever names you are looking for
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108202 - 2003-11-18 06:29 PM Re: Retrieve an user's IP in a lan/domain
Chris S. Moderator Offline
MM club member
*****

Registered: 2002-03-18
Posts: 2368
Loc: Earth
Sure, copy and paste my script and run it. Type a USERID in the top input field and hit the find button. Since you mentioned KiXforms in your initial post I assume that you have it installed.
Top
#108203 - 2003-11-18 06:39 PM Re: Retrieve an user's IP in a lan/domain
1984 Offline
Starting to like KiXtart

Registered: 2003-08-14
Posts: 150
Radimus
Excellent! Your script is a beautiful piece of artwork.
Now to the secound part:
Having the IP add, the script should now perform a remote scan on target client. This to collect some HW & SW information for the target machine. HW info such as System Bios, Mem, CPU, and some SW info such as OS, SP level, installd apps are needed. This to be presented in GUI based interface.(KIXForms)

How do I make a KIX script to do an online remote scan?

U R D Best
_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top
#108204 - 2003-11-18 06:53 PM Re: Retrieve an user's IP in a lan/domain
1984 Offline
Starting to like KiXtart

Registered: 2003-08-14
Posts: 150
Chris S.
Wow! Another great pice of master work!.
Works perfectly
Now once i have the IP, I should be able to make an remote scan on the target client and collect some HW & SW infor for that client.

How do I do that?

\C

_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top
#108205 - 2003-11-18 08:13 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
Go to my web site and DL Inquisitor.

I am actually working on version 2 now. The first one was my first kform project and my code is a bit (a lot) barbaric. The next version should be quite a bit better.
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#108206 - 2003-11-20 05:53 PM Re: Retrieve an user's IP in a lan/domain
1984 Offline
Starting to like KiXtart

Registered: 2003-08-14
Posts: 150
Radimus
Many thanks for your feedback and your scripts.

Now when the IP/Host name for the target "User ID" is listed, Im trying to understand how to use this output to perform a RealTime query on the target machine.

Could you plz provide me some sample how to do a Realtime scan on a client???

Best regards \C
_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top
#108207 - 2003-11-20 11:46 PM Re: Retrieve an user's IP in a lan/domain
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
read the post on WMIQuery() UDF
_________________________
How to ask questions the smart way <-----------> Before you ask

Top
Page 1 of 1 1


Moderator:  Jochen, Allen, Radimus, Chris S., Glenn Barnas, ShaneEP, Arend_, Mart 
Hop to:
Shout Box

Who's Online
1 registered (Allen) and 151 anonymous users online.
Newest Members
MikeKrausnick, Ruggiero, xempa333, KroodjeBip, Thala
17470 Registered Users

Generated in 0.038 seconds in which 0.01 seconds were spent on a total of 12 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org