Solved

VBS to Retrieve the computer a user is logged on.

Posted on 2009-05-14
8
332 Views
Last Modified: 2012-05-07
I would like to have a script that retrieves computer names in the Active Directory Domain, where a certain user account has logged on, or there is a process running under certain user account.
For instance a script that shows an input box to enter a user account then it searches the domain and retrieves any computer name that has been logged by that user account or if there is any process running with that user account?

Thanks
0
Comment
Question by:jskfan
  • 4
  • 3
8 Comments
 
LVL 38

Expert Comment

by:Shift-3
ID: 24387781
Paste the script below into a text file with a .vbs extension.  Customize the value of the strContainer variable with the distinguished name of the domain or OU to search under.  Running the script will prompt for the username and then query every computer for processes running under it.

This is necessarily quite slow, as the script has to check every machine.


Const ADS_SCOPE_SUBTREE = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            strList = strList & strComputer & vbCrLf
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
WScript.Echo "The user " & strUser & _
    " has processes running on the following computers: " & vbCrLf & strList
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 

Author Comment

by:jskfan
ID: 24387878
where does the script puts the output?
0
 
LVL 38

Expert Comment

by:Shift-3
ID: 24388952
As written it creates a list of computers in the strList variable and echoes it on lines 45-46.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:jskfan
ID: 24389934
any way to put the output to a text file?
Thanks a lot!
0
 
LVL 38

Accepted Solution

by:
Shift-3 earned 450 total points
ID: 24398019
So revised.

Customize the value of the strReport variable on line 5 with the location of the output file.


Const ADS_SCOPE_SUBTREE = 2
Const ForWriting = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
strReport = "report.txt"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objReport = objFSO.OpenTextFile(strReport, ForWriting, True)
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            objReport.WriteLine strComputer
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
objReport.Close
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 50 total points
ID: 24422847
It's easier to just run the command :
psloggedon <username>
 
http://technet.microsoft.com/en-us/sysinternals/bb897545.aspx 
0
 

Author Comment

by:jskfan
ID: 24424313
dstewartjr:It's easier to just run the command :

psloggedon <username>



Tha's what I did..
0
 

Author Comment

by:jskfan
ID: 24424323
Shift-3 worked hard on the script though... he needs to be rewarded for his efforts
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
Welcome, welcome!  If you are new to the series and haven't been following along, please take a brief moment to review the first three installments: Part 1 (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/A_266-VBScri…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question