• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 368
  • Last Modified:

VBS to Retrieve the computer a user is logged on.

I would like to have a script that retrieves computer names in the Active Directory Domain, where a certain user account has logged on, or there is a process running under certain user account.
For instance a script that shows an input box to enter a user account then it searches the domain and retrieves any computer name that has been logged by that user account or if there is any process running with that user account?

Thanks
0
jskfan
Asked:
jskfan
  • 4
  • 3
2 Solutions
 
Shift-3Commented:
Paste the script below into a text file with a .vbs extension.  Customize the value of the strContainer variable with the distinguished name of the domain or OU to search under.  Running the script will prompt for the username and then query every computer for processes running under it.

This is necessarily quite slow, as the script has to check every machine.


Const ADS_SCOPE_SUBTREE = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            strList = strList & strComputer & vbCrLf
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
WScript.Echo "The user " & strUser & _
    " has processes running on the following computers: " & vbCrLf & strList
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 
jskfanAuthor Commented:
where does the script puts the output?
0
 
Shift-3Commented:
As written it creates a list of computers in the strList variable and echoes it on lines 45-46.
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
jskfanAuthor Commented:
any way to put the output to a text file?
Thanks a lot!
0
 
Shift-3Commented:
So revised.

Customize the value of the strReport variable on line 5 with the location of the output file.


Const ADS_SCOPE_SUBTREE = 2
Const ForWriting = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
strReport = "report.txt"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objReport = objFSO.OpenTextFile(strReport, ForWriting, True)
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            objReport.WriteLine strComputer
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
objReport.Close
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 
DonNetwork AdministratorCommented:
It's easier to just run the command :
psloggedon <username>
 
http://technet.microsoft.com/en-us/sysinternals/bb897545.aspx 
0
 
jskfanAuthor Commented:
dstewartjr:It's easier to just run the command :

psloggedon <username>



Tha's what I did..
0
 
jskfanAuthor Commented:
Shift-3 worked hard on the script though... he needs to be rewarded for his efforts
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now