dutboy
asked on
using VB to return what ou and what gpos are applied, indifferent results any ideas ?
Hi I am using some vbs code to return the OU and applied GPOs of a server. Sometimes it returns the info and other times its blank.
I have discovered that if i have logged onto the server previously, the code works, IF its a server i have not logged onto (at the console or via TS) The code fails.
I am running the code remotely, using a full administrator id. Any help would be greatly appreciated.
I have discovered that if i have logged onto the server previously, the code works, IF its a server i have not logged onto (at the console or via TS) The code fails.
I am running the code remotely, using a full administrator id. Any help would be greatly appreciated.
Const FL_FORCE_CREATE_NAMESPACE = 4
On Error Resume Next
strComputer = "myserver"
'what OU am I in ?
WScript.Echo "*********************************************************** "
WScript.Echo " What OU ? "
Set wDate = CreateObject("WbemScripting.SWbemDateTime")
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
WScript.Echo "RSOP Computer Session Information"
Set rsopProv = locator.ConnectServer _
(strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
Set colItems = rsopProv.ExecQuery("Select * from RSOP_Session",,48)
For Each objItem in colItems
wDate.Value = objItem.creationTime
WScript.Echo "OU Location: " & objItem.SOM
Next
provider.RsopDeleteSession namespaceLocation, hResult
'=============================================================================
'what GPOs are applied
WScript.Echo "*********************************************************** "
WScript.Echo " GPOs applied to this Server are "
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set connection = locator.ConnectServer( strComputer, "root\rsop", null, null, null, null, 0, null)
Set provider = connection.Get("RsopLoggingModeProvider")
provider.RsopCreateSession FL_FORCE_CREATE_NAMESPACE, Null, namespaceLocation, hResult, eInfo
Set rsopProv = locator.ConnectServer _
(strComputer, namespaceLocation & "\Computer", null, null, Null, Null, 0 , Null)
WScript.Echo "Computer RSOP of Group Policy Objects"
Set colItems = rsopProv.ExecQuery("Select * from RSOP_GPO")
For Each objItem in colItems
WScript.Echo "Name: " & objItem.Name
Next
provider.RsopDeleteSession namespaceLocation, hResult
Add a line that shell's out the GPUPDATE command on the machine before it grabs the info just to make sure that all policies are up to dat and applied.
Try adding credentials to the ConnectServer call. This link has a code snippet to show how.
http://techtasks.com/code/viewbookcode/553
Cheers
D.
http://techtasks.com/code/viewbookcode/553
Cheers
D.
ASKER
tried both options unfortunately neither worked !
ASKER
Its really an odd issue, as it only appears to work if the id used to run the script has cached credentials on the server.
Have you tried using GPRESULT?
Here are the parameters:
http://www.microsoft.com/windowsxp/using/setup/expert/gpresults.mspx
Download it here:
http://support.microsoft.com/kb/927229
Here are the parameters:
http://www.microsoft.com/windowsxp/using/setup/expert/gpresults.mspx
Download it here:
http://support.microsoft.com/kb/927229
Thanks for repeating my suggestion deadite, I take it you must agree with what I was saying huh?
ASKER
As mentioned i had tried the gpudate.. here are the results from grpresult, which provide the same results as the vbs. maybe I should move this to a windows\os group? To try to work out why cached credentials are required to return the info (as it wasnt an issue with the code)
I have not physically logged on to this server previously. (but am using an admin id)
C:\>gpresult /s server1 /scope computer
INFO: The user "domain\userid" does not have RSOP data.
I have Physically logged on this server previously. (but am running the code remotely)
C:\>gpresult /s server2 /scope computer
Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 07/12/2007 at 14:32:48
RSOP results for domain\userid on Server2 : Logging Mode
-------------------------- ---------- ---------- ---------- -----
OS Type: Blah
OS Configuration: Blah
OS Version:
Domain Name:
Domain Type:
Site Name:
Roaming Profile:
Local Profile:
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
Last time Group Policy was applied: 07/12/2007 at 09:50:03
Group Policy was applied from:
Group Policy slow link threshold:
Applied Group Policy Objects
-------------------------- ---
Policy.1
Policy.2
Policy.3
etc
etc
I have not physically logged on to this server previously. (but am using an admin id)
C:\>gpresult /s server1 /scope computer
INFO: The user "domain\userid" does not have RSOP data.
I have Physically logged on this server previously. (but am running the code remotely)
C:\>gpresult /s server2 /scope computer
Microsoft (R) Windows (R) XP Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 07/12/2007 at 14:32:48
RSOP results for domain\userid on Server2 : Logging Mode
--------------------------
OS Type: Blah
OS Configuration: Blah
OS Version:
Domain Name:
Domain Type:
Site Name:
Roaming Profile:
Local Profile:
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
Last time Group Policy was applied: 07/12/2007 at 09:50:03
Group Policy was applied from:
Group Policy slow link threshold:
Applied Group Policy Objects
--------------------------
Policy.1
Policy.2
Policy.3
etc
etc
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Deadite. That worked a treat.. I didnt realise it was also trying to report GPOs linked to the user as well..> which makes sense as to why it failed. Ive tested the new code and am truly satisifed with the results... (damn that "\computer" addition)
ASKER
Sorry , meant to say thanks also :)