Link to home
Start Free TrialLog in
Avatar of dutboy
dutboy

asked on

using VB to return what ou and what gpos are applied, indifferent results any ideas ?

Hi I am using some vbs code to return the OU and applied GPOs of a server. Sometimes it returns the info and other times its blank.

I have discovered that if i have logged onto the server previously, the code works, IF its a server i have not logged onto (at the console or via TS) The code fails.  

I am running the code remotely, using a full administrator id.   Any help would be greatly appreciated.



Const FL_FORCE_CREATE_NAMESPACE = 4
On Error Resume Next
strComputer = "myserver"
 
'what OU am I in ?
WScript.Echo "*********************************************************** "
WScript.Echo " What OU ? "
Set wDate = CreateObject("WbemScripting.SWbemDateTime")
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
 
WScript.Echo "RSOP Computer Session Information"
 
Set rsopProv = locator.ConnectServer _
    (strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
 
Set colItems = rsopProv.ExecQuery("Select * from RSOP_Session",,48)
 
For Each objItem in colItems
 
    	wDate.Value  = objItem.creationTime
    	
    	WScript.Echo "OU Location: " & objItem.SOM
 
Next
 
provider.RsopDeleteSession namespaceLocation, hResult
'=============================================================================
'what GPOs are applied
WScript.Echo "*********************************************************** "
WScript.Echo " GPOs applied to this Server are "
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
 
Set rsopProv = locator.ConnectServer _
    (strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
 
WScript.Echo "Computer RSOP of Group Policy Objects"
 
Set colItems = rsopProv.ExecQuery("Select * from RSOP_GPO")
 
For Each objItem in colItems  
 
    WScript.Echo "Name: " & objItem.Name
Next
 
provider.RsopDeleteSession namespaceLocation, hResult

Open in new window

Avatar of MeCanHelp
MeCanHelp
Flag of United States of America image
Add a line that shell's out the GPUPDATE command on the machine before it grabs the info just to make sure that all policies are up to dat and applied.
Avatar of biztopia
biztopia
Try adding credentials to the ConnectServer call.  This link has a code snippet to show how.

http://techtasks.com/code/viewbookcode/553

Cheers
D.
Avatar of dutboy
dutboy

ASKER

tried both options unfortunately neither worked !
Avatar of dutboy
dutboy

ASKER

Its really an odd issue, as it only appears to work if the id used to run the script has cached credentials on the server.
Avatar of deadite
deadite
Flag of United States of America image
Have you tried using GPRESULT?

Here are the parameters:
http://www.microsoft.com/windowsxp/using/setup/expert/gpresults.mspx

Download it here:
http://support.microsoft.com/kb/927229
Avatar of MeCanHelp
MeCanHelp
Flag of United States of America image
Thanks for repeating my suggestion deadite, I take it you must agree with what I was saying huh?
Avatar of dutboy
dutboy

ASKER

As mentioned i had tried the gpudate..  here are the results from grpresult, which provide the same results as the vbs.  maybe I should move this to a windows\os group?  To try to work out why cached credentials are required to return the info (as it wasnt an issue with the code)

I have not physically logged on to this server previously. (but am using an admin id)
C:\>gpresult /s server1 /scope computer
INFO: The user "domain\userid" does not have RSOP data.

I have Physically logged on this server previously. (but am running the code remotely)
C:\>gpresult /s server2 /scope computer

Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 07/12/2007 at 14:32:48


RSOP results for domain\userid on Server2 : Logging Mode
-------------------------------------------------------------

OS Type:           Blah          
OS Configuration:  Blah          
OS Version:                  
Domain Name:                
Domain Type:                
Site Name:                  
Roaming Profile:
Local Profile:              
Connected over a slow link?: No


COMPUTER SETTINGS
------------------

    Last time Group Policy was applied: 07/12/2007 at 09:50:03
    Group Policy was applied from:      
    Group Policy slow link threshold:  

    Applied Group Policy Objects
    -----------------------------
        Policy.1
      Policy.2
      Policy.3
      etc
      etc
ASKER CERTIFIED SOLUTION
Avatar of deadite
deadite
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dutboy
dutboy

ASKER

Deadite. That worked a treat..  I didnt realise it was also trying to report GPOs linked to the user as well..> which makes sense as to why it failed.  Ive tested the new code and am truly satisifed with the results... (damn that "\computer" addition)
Avatar of dutboy
dutboy

ASKER

Sorry , meant to say thanks also :)