bsharath
asked on
Find all machines which are not contactable with the domain administartor
Hi,
Find all machines which are not contactable with the domain administartor.
What i want is to find all machines if anyone has restricted Domain/Administrator logging into there machines or given any type of restrictions.I have the machine names in the file or a way that the script scans all the machines in the network.
Regards
Sharath
Find all machines which are not contactable with the domain administartor.
What i want is to find all machines if anyone has restricted Domain/Administrator logging into there machines or given any type of restrictions.I have the machine names in the file or a way that the script scans all the machines in the network.
Regards
Sharath
MotherMayI.vbs
Will return results to csv file as pcname,access/error with error checking if offline and not reporting.
Give it a pcname file like others, pcnames.txt
pcNum1
pcNum2
pcNum3
will return;
pcNum1 admin access ok
pcNum2 Permission Denied
pcNum3 Remote computer is offline or unavailable
'===Start copy: MotherMayI.vbs===
' -------------------------- ---------- ---------- ---------- -------'
' MotherMayI.vbs
' 'Sample VBScript to query remote computers
' 'and return cdrom model information into csv file.
' ''Author Riley C. aka ZooFan
' '''Version 1.1 - August 2007
' ''''https://www.experts-exchange.com question ID:22749674
' -------------------------- ---------- ---------- ---------- -------'
'
Option Explicit
Const ForReading = 1, ForWriting = 2, ForAppending = 3 'FileObject Access Type
Const TristateUseDefault = -2, TristateTrue = -1, TristateFalse = 0 'FileObject Format Type
Dim strPcList
Dim arrPcnames()
Dim strResultsFile
Dim dte
Dim tme
Dim objFso
Dim objWshShell
Dim objPCnames
Dim objReadFile
Dim intLneCount
Dim objOutputFile
Dim strCurPath
Dim intPCLoop
Dim strReturn
Dim strTestcon
Set objFso = CreateObject("Scripting.Fi leSystemOb ject")
Set objWshShell = WScript.CreateObject("WScr ipt.Shell" )
strCurPath = CreateObject("Scripting.Fi leSystemOb ject").Get AbsolutePa thName("." )
strPcList = InputBox("Please enter the full path and file" & VbCrLf & "name of the file with the computer names.","Get cdrom drives.")
'Test to make sure file exists if not exit script
If Not objFso.FileExists(strPcLis t) Then
MsgBox "You must enter a valid full path and file name!",vbOKOnly,"Get cdrom drives."
WScript.Quit(0)
Elseif strPcList = "" Then
MsgBox "You must enter a filename!",vbOKOnly,"Get cdrom drives."
WScript.Quit(0)
Else 'File exists continue
dte = Replace(FormatDateTime(dat e(),vbshor tdate),"/" ,"-")
tme = Replace(Replace(FormatDate Time(now() ,vbLongtim e),":","-" )," ","")
strResultsFile = strCurPath & "\" & tme & "_" & dte & ".csv"
If objFSO.FileExists(strResul tsFile) Then
ObjFSO.deleteFile(strResul tsFile)
Else
Set objOutputFile = objFso.CreateTextFile(strR esultsFile )
objOutputFile.Close
End If
MsgBox strResultsFile
Set objPCnames = objFso.GetFile(strPcList)
Set objReadFile = objPCnames.OpenAsTextStrea m(ForReadi ng, TristateUseDefault)
Do Until objReadFile.AtEndOfStream
ReDim Preserve arrPCnames(intLneCount)
arrPCnames(intLneCount) = objReadFile.ReadLine
intLneCount = intLneCount + 1
Loop
objReadFile.Close
Set objOutputFile = objFso.OpenTextFile(strRes ultsFile,F orWriting, TristateUs eDefault)
objOutputFile.WriteLine("C omputer,Ac ess/Error" )
For intPCLoop = LBound(arrPCnames) To UBound(arrPCnames)
strTestcon = MotherMayI(arrPCnames(intP CLoop))
objOutputFile.WriteLine(ar rPCnames(i ntPCLoop) & "," & strTestcon)
Next
objOutputFile.Close
MsgBox("Script has completed")
WScript.Quit
End If
Function MotherMayI(strserver)
Dim Testme
Dim intErr
Dim strRegValue
Dim strFileServer
On Error Resume Next
Set Testme = GetObject("winmgmts://" & strserver & "/root/cimv2")
Set strRegValue = GetObject("winmgmts://" & strserver & "/root/default:StdRegProv" )
intErr = Err.Number
If intErr <> 0 Then
MotherMayI = Err.Description
Else
MotherMayI = "Admin Access OK"
End If
On Error GoTo 0
End Function
'===End copy: MotherMayI.vbs===
Any problems let me know.
zf
p.s. Umm you need to run this while logged on as an admin of the domain. :-)
Will return results to csv file as pcname,access/error with error checking if offline and not reporting.
Give it a pcname file like others, pcnames.txt
pcNum1
pcNum2
pcNum3
will return;
pcNum1 admin access ok
pcNum2 Permission Denied
pcNum3 Remote computer is offline or unavailable
'===Start copy: MotherMayI.vbs===
' --------------------------
' MotherMayI.vbs
' 'Sample VBScript to query remote computers
' 'and return cdrom model information into csv file.
' ''Author Riley C. aka ZooFan
' '''Version 1.1 - August 2007
' ''''https://www.experts-exchange.com question ID:22749674
' --------------------------
'
Option Explicit
Const ForReading = 1, ForWriting = 2, ForAppending = 3 'FileObject Access Type
Const TristateUseDefault = -2, TristateTrue = -1, TristateFalse = 0 'FileObject Format Type
Dim strPcList
Dim arrPcnames()
Dim strResultsFile
Dim dte
Dim tme
Dim objFso
Dim objWshShell
Dim objPCnames
Dim objReadFile
Dim intLneCount
Dim objOutputFile
Dim strCurPath
Dim intPCLoop
Dim strReturn
Dim strTestcon
Set objFso = CreateObject("Scripting.Fi
Set objWshShell = WScript.CreateObject("WScr
strCurPath = CreateObject("Scripting.Fi
strPcList = InputBox("Please enter the full path and file" & VbCrLf & "name of the file with the computer names.","Get cdrom drives.")
'Test to make sure file exists if not exit script
If Not objFso.FileExists(strPcLis
MsgBox "You must enter a valid full path and file name!",vbOKOnly,"Get cdrom drives."
WScript.Quit(0)
Elseif strPcList = "" Then
MsgBox "You must enter a filename!",vbOKOnly,"Get cdrom drives."
WScript.Quit(0)
Else 'File exists continue
dte = Replace(FormatDateTime(dat
tme = Replace(Replace(FormatDate
strResultsFile = strCurPath & "\" & tme & "_" & dte & ".csv"
If objFSO.FileExists(strResul
ObjFSO.deleteFile(strResul
Else
Set objOutputFile = objFso.CreateTextFile(strR
objOutputFile.Close
End If
MsgBox strResultsFile
Set objPCnames = objFso.GetFile(strPcList)
Set objReadFile = objPCnames.OpenAsTextStrea
Do Until objReadFile.AtEndOfStream
ReDim Preserve arrPCnames(intLneCount)
arrPCnames(intLneCount) = objReadFile.ReadLine
intLneCount = intLneCount + 1
Loop
objReadFile.Close
Set objOutputFile = objFso.OpenTextFile(strRes
objOutputFile.WriteLine("C
For intPCLoop = LBound(arrPCnames) To UBound(arrPCnames)
strTestcon = MotherMayI(arrPCnames(intP
objOutputFile.WriteLine(ar
Next
objOutputFile.Close
MsgBox("Script has completed")
WScript.Quit
End If
Function MotherMayI(strserver)
Dim Testme
Dim intErr
Dim strRegValue
Dim strFileServer
On Error Resume Next
Set Testme = GetObject("winmgmts://" & strserver & "/root/cimv2")
Set strRegValue = GetObject("winmgmts://" & strserver & "/root/default:StdRegProv"
intErr = Err.Number
If intErr <> 0 Then
MotherMayI = Err.Description
Else
MotherMayI = "Admin Access OK"
End If
On Error GoTo 0
End Function
'===End copy: MotherMayI.vbs===
Any problems let me know.
zf
p.s. Umm you need to run this while logged on as an admin of the domain. :-)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I get these type of answers.
Admin Access OK
Permission denied
The remote server machine does not exist or is unavailable
What does each mean
Admin Access OK
Permission denied
The remote server machine does not exist or is unavailable
What does each mean
"Admin access ok" means domain admin has rights to access the pc over the network
"Permission Denied" means admin does NOT have rights to access the pc over the network
"means admin has right to access the pc over the net" means either the pc is off/blocked by firewall/or incorrect name given in file. basically the script couldnt conact the pc.
zf
"Permission Denied" means admin does NOT have rights to access the pc over the network
"means admin has right to access the pc over the net" means either the pc is off/blocked by firewall/or incorrect name given in file. basically the script couldnt conact the pc.
zf
Sorry got paste happy
"Admin access ok"
means domain admin has rights to access the pc over the network
"Permission Denied"
means admin does NOT have rights to access the pc over the network
"The remote server machine does not exist or is unavailable"
means either the pc is off/blocked by firewall/or incorrect name given in file. basically the script couldnt conact the pc.
zf
"Admin access ok"
means domain admin has rights to access the pc over the network
"Permission Denied"
means admin does NOT have rights to access the pc over the network
"The remote server machine does not exist or is unavailable"
means either the pc is off/blocked by firewall/or incorrect name given in file. basically the script couldnt conact the pc.
zf
ASKER
Ok i have another Q to check the same way on folders.Is there a way to scan all folders in a local machine if the logged in user has access to all the folders and files.If he has permissions...
ASKER
I can raise a new Q if you can do it....
Do you realize how long it would take to scan every file on the hard drive? lol
But if your sure you want to wait that long(could be hours to scan) Ill give it a try
zf
But if your sure you want to wait that long(could be hours to scan) Ill give it a try
zf
ASKER
Yes not a problem .If possible to mession the drive or Folder path in the script.So that it would be easy.
Output of only denied access ok? might be a shorter and easier to read list I think.
and we are talking just read rights correct?
ex:
drive:\path\path\file permission denied
will give it a try tommorrow and let you know, am headed to bed for the night.
zf
and we are talking just read rights correct?
ex:
drive:\path\path\file permission denied
will give it a try tommorrow and let you know, am headed to bed for the night.
zf
ASKER
One very important thing which i wantd.As we are formatting our file server need to take the permission details to a file..
Is there a way you can get a script which can scan the folder for the paths that are there and give a output with the security permission members to a file
Say i have
C:\share1
C:\Share2
i the file
The script results should look like this.
C:\share1 Permissions Sharathr Samme rajesh
C:\Share2 Permissions Administrator Rajesh
THX
Sharath
Is there a way you can get a script which can scan the folder for the paths that are there and give a output with the security permission members to a file
Say i have
C:\share1
C:\Share2
i the file
The script results should look like this.
C:\share1 Permissions Sharathr Samme rajesh
C:\Share2 Permissions Administrator Rajesh
THX
Sharath
ASKER
Ok zoofan....
You are correct the output as you mentioned....
You are correct the output as you mentioned....
I have questions about this as to ensure I accurately return what your looking for. Are you really after the script to answer your share permission results question? or are you looking for NTFS (NOT SHARE) permissions as well? I was workiing on the share permissions export and think I about have that one.
If this is the same then I will continue working on it, if this is different I will start a new, and still work on the other.
zf
If this is the same then I will continue working on it, if this is different I will start a new, and still work on the other.
zf
ASKER
What i want is the share and NTFS permissions.All members or groups to be exported to a csv or txt file.
I see, ummm I had(I Think were on the same page) a simular situation at work I migrated to a NEW file server but needed to replicate EVERYTHING permissions shares directory structure etc etc as I think this is what your trying to do,
if so this is what you truly need to do it right!!!!!!!
the export of permissions will be a very crude and unsuccessful way to do this....trust me I tried!!!!
go here
"How do I use the Microsoft File Server Migration Toolkit (FSMT)?"
http://www.windowsitpro.com/Articles/ArticleID/49595/49595.html?Ad=1
if you need help with that give a yell.
zf
ps. this ones one me :-)
if so this is what you truly need to do it right!!!!!!!
the export of permissions will be a very crude and unsuccessful way to do this....trust me I tried!!!!
go here
"How do I use the Microsoft File Server Migration Toolkit (FSMT)?"
http://www.windowsitpro.com/Articles/ArticleID/49595/49595.html?Ad=1
if you need help with that give a yell.
zf
ps. this ones one me :-)
If that is not what your trying to do and still need both the NTFS and share permissions exported I will work on it and get back to you, probably this weekend.
zf
zf
Oh and from MS site for tool kit
http://www.microsoft.com/windowsserver2003/upgrading/nt4/tooldocs/msfsc.mspx
and download link for kit
http://www.microsoft.com/downloads/details.aspx?FamilyID=d00e3eae-930a-42b0-b595-66f462f5d87b&DisplayLang=en
hope this helps, I know it helped me TONS!!!
zf
http://www.microsoft.com/windowsserver2003/upgrading/nt4/tooldocs/msfsc.mspx
and download link for kit
http://www.microsoft.com/downloads/details.aspx?FamilyID=d00e3eae-930a-42b0-b595-66f462f5d87b&DisplayLang=en
hope this helps, I know it helped me TONS!!!
zf
ASKER
Zoofan..
Thanks for this i shall go through but for cross checking i would require a file which has all these details so that tommorow no one can blame me if any share has been removed or wrongly added
thanks...
Have a good sleep....
Thanks for this i shall go through but for cross checking i would require a file which has all these details so that tommorow no one can blame me if any share has been removed or wrongly added
thanks...
Have a good sleep....
Open up computer managment console on the server, goto Shares\Shared Folders
lists all the current server shares with full paths,
On the tool bar up click "export List" this will export the full list with details so you have a master list of current shares. :-)
cheers
zf
lists all the current server shares with full paths,
On the tool bar up click "export List" this will export the full list with details so you have a master list of current shares. :-)
cheers
zf
ASKER
zoofan...
this get these details
Share Name Folder Path Type # Client Connections Description
but i want the members who are in the share and NTFS permissions....
Need to get each shared folder and to whome it is shared and who have NTFS access and who has full/Read only ....
this get these details
Share Name Folder Path Type # Client Connections Description
but i want the members who are in the share and NTFS permissions....
Need to get each shared folder and to whome it is shared and who have NTFS access and who has full/Read only ....
I know, was just a comparative list of shares for your records.
CYA
"cross checking i would require a file which has all these details so that tommorow no one can blame me if any share has been removed or wrongly added"
zf
CYA
"cross checking i would require a file which has all these details so that tommorow no one can blame me if any share has been removed or wrongly added"
zf
ASKER
zoofan:
File server migration.
What does it exxactly do..I have data of 2 TB in my file server will it backup all the data with the shares and permissions intact???
File server migration.
What does it exxactly do..I have data of 2 TB in my file server will it backup all the data with the shares and permissions intact???
You set up a new, second server. The orginal server connects to it and yes transfers everything from old to new. Folder\file structure with NTFS permissions, recreates shares with permissions,
bascially it allows you to clone everything but the OS to a new/different server for replacement.
zf
bascially it allows you to clone everything but the OS to a new/different server for replacement.
zf
ASKER
Ok but i need to backup to tapes as we have to just format and restore the same data to the same machine but the Os would be Win 2003
Previously we had win 2000
Previously we had win 2000
Ok, well this is more to your target then I thought you were moveing to new you need to restore from backup got it.
go here,
"This article explains how to restore share definitions using NTBackup and the Registry Editor."
http://support.microsoft.com/?id=141589
That what were after?
zf
go here,
"This article explains how to restore share definitions using NTBackup and the Registry Editor."
http://support.microsoft.com/?id=141589
That what were after?
zf
Doing this VIA ntbackup, ALL ntfs permissions are retained, following this aarticle adds to that all the share information. Think that is exactly what you need.
zf
zf
Sorry for all the other info.
As my mother once told me
"Precise questions lead to precise answers." lol
ahh well hope all this helps.
zf
As my mother once told me
"Precise questions lead to precise answers." lol
ahh well hope all this helps.
zf
And sorry to speshalyst for flooding his email with posts to this question :-)
zf
zf
ASKER
But i am using Veritas for backup to a tape loader...
And data protector for backing up data from my Nas server...
And data protector for backing up data from my Nas server...
ASKER
Zoofan
"Permission Denied"
means admin does NOT have rights to access the pc over the network
I scanned my whole network and got about 10 machines which shows this.
I am able to connect to there machine \\machinename\c$ with Domain\administrator credentials
"Permission Denied"
means admin does NOT have rights to access the pc over the network
I scanned my whole network and got about 10 machines which shows this.
I am able to connect to there machine \\machinename\c$ with Domain\administrator credentials
go into computer managment of one of those remotly and look to see if WMI service is running. It is returning the permissions based on WMI access.
zf
zf
And did it prompt you to enter then domain credentials?
zf
fyi: script for you in IIS automation, to change source path
oh yea and I am going to be off to bed here ummm soooooooon lol 6am here now, work at Noon
zf
fyi: script for you in IIS automation, to change source path
oh yea and I am going to be off to bed here ummm soooooooon lol 6am here now, work at Noon
ASKER
Ok Zoofan sleep well catch you tommorow....
Thank you,
see you tommorrow(today)
zf
see you tommorrow(today)
zf
ASKER
Windows Management Instrumentation serice is Started
Windows Management Instrumentation Driver Extensions Manual
WMI Performance Adapter Manual
Yes when i connected from the domain/administrator logged in machine it does not ask and when i connect from my machine it asks for a username and password...
Windows Management Instrumentation Driver Extensions Manual
WMI Performance Adapter Manual
Yes when i connected from the domain/administrator logged in machine it does not ask and when i connect from my machine it asks for a username and password...
why dont you give this tool a shot.. NSAUDITOR
http://www.snapfiles.com/get/nsauditor.html
You questions have a pattern mostly relating to audits over the network..