Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1627
  • Last Modified:

using VB to return what ou and what gpos are applied, indifferent results any ideas ?

Hi I am using some vbs code to return the OU and applied GPOs of a server. Sometimes it returns the info and other times its blank.

I have discovered that if i have logged onto the server previously, the code works, IF its a server i have not logged onto (at the console or via TS) The code fails.  

I am running the code remotely, using a full administrator id.   Any help would be greatly appreciated.



Const FL_FORCE_CREATE_NAMESPACE = 4
On Error Resume Next
strComputer = "myserver"
 
'what OU am I in ?
WScript.Echo "*********************************************************** "
WScript.Echo " What OU ? "
Set wDate = CreateObject("WbemScripting.SWbemDateTime")
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
 
WScript.Echo "RSOP Computer Session Information"
 
Set rsopProv = locator.ConnectServer _
    (strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
 
Set colItems = rsopProv.ExecQuery("Select * from RSOP_Session",,48)
 
For Each objItem in colItems
 
    	wDate.Value  = objItem.creationTime
    	
    	WScript.Echo "OU Location: " & objItem.SOM
 
Next
 
provider.RsopDeleteSession namespaceLocation, hResult
'=============================================================================
'what GPOs are applied
WScript.Echo "*********************************************************** "
WScript.Echo " GPOs applied to this Server are "
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
 
Set rsopProv = locator.ConnectServer _
    (strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
 
WScript.Echo "Computer RSOP of Group Policy Objects"
 
Set colItems = rsopProv.ExecQuery("Select * from RSOP_GPO")
 
For Each objItem in colItems  
 
    WScript.Echo "Name: " & objItem.Name
Next
 
provider.RsopDeleteSession namespaceLocation, hResult

Open in new window

0
dutboy
Asked:
dutboy
  • 5
  • 2
  • 2
  • +1
1 Solution
 
MeCanHelpCommented:
Add a line that shell's out the GPUPDATE command on the machine before it grabs the info just to make sure that all policies are up to dat and applied.
0
 
biztopiaCommented:
Try adding credentials to the ConnectServer call.  This link has a code snippet to show how.

http://techtasks.com/code/viewbookcode/553

Cheers
D.
0
 
dutboyAuthor Commented:
tried both options unfortunately neither worked !
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
dutboyAuthor Commented:
Its really an odd issue, as it only appears to work if the id used to run the script has cached credentials on the server.
0
 
deaditeCommented:
Have you tried using GPRESULT?

Here are the parameters:
http://www.microsoft.com/windowsxp/using/setup/expert/gpresults.mspx

Download it here:
http://support.microsoft.com/kb/927229
0
 
MeCanHelpCommented:
Thanks for repeating my suggestion deadite, I take it you must agree with what I was saying huh?
0
 
dutboyAuthor Commented:
As mentioned i had tried the gpudate..  here are the results from grpresult, which provide the same results as the vbs.  maybe I should move this to a windows\os group?  To try to work out why cached credentials are required to return the info (as it wasnt an issue with the code)

I have not physically logged on to this server previously. (but am using an admin id)
C:\>gpresult /s server1 /scope computer
INFO: The user "domain\userid" does not have RSOP data.

I have Physically logged on this server previously. (but am running the code remotely)
C:\>gpresult /s server2 /scope computer

Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 07/12/2007 at 14:32:48


RSOP results for domain\userid on Server2 : Logging Mode
-------------------------------------------------------------

OS Type:           Blah          
OS Configuration:  Blah          
OS Version:                  
Domain Name:                
Domain Type:                
Site Name:                  
Roaming Profile:
Local Profile:              
Connected over a slow link?: No


COMPUTER SETTINGS
------------------

    Last time Group Policy was applied: 07/12/2007 at 09:50:03
    Group Policy was applied from:      
    Group Policy slow link threshold:  

    Applied Group Policy Objects
    -----------------------------
        Policy.1
      Policy.2
      Policy.3
      etc
      etc
0
 
deaditeCommented:
MeCanHelp, my last post said "GPRESULT" not "GPUPDATE".

Are you just interested in getting the GPO that apply to the computer and not the user?  If so, I believe I got your answer. When you connect, use winmgmts like this (Note: root\rsop\computer)...

Set objWMIService = GetObject _
    ("winmgmts:\\" & strComputer & "\root\rsop\computer")


Here are a bunch of sample scripts showing how to access this information:
http://www.activexperts.com/activmonitor/windowsmanagement/scripts/grouppolicy/
0
 
dutboyAuthor Commented:
Deadite. That worked a treat..  I didnt realise it was also trying to report GPOs linked to the user as well..> which makes sense as to why it failed.  Ive tested the new code and am truly satisifed with the results... (damn that "\computer" addition)
0
 
dutboyAuthor Commented:
Sorry , meant to say thanks also :)
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 5
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now