Solved

VBS to Retrieve the computer a user is logged on.

Posted on 2009-05-14
8
346 Views
Last Modified: 2012-05-07
I would like to have a script that retrieves computer names in the Active Directory Domain, where a certain user account has logged on, or there is a process running under certain user account.
For instance a script that shows an input box to enter a user account then it searches the domain and retrieves any computer name that has been logged by that user account or if there is any process running with that user account?

Thanks
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 38

Expert Comment

by:Shift-3
ID: 24387781
Paste the script below into a text file with a .vbs extension.  Customize the value of the strContainer variable with the distinguished name of the domain or OU to search under.  Running the script will prompt for the username and then query every computer for processes running under it.

This is necessarily quite slow, as the script has to check every machine.


Const ADS_SCOPE_SUBTREE = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            strList = strList & strComputer & vbCrLf
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
WScript.Echo "The user " & strUser & _
    " has processes running on the following computers: " & vbCrLf & strList
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 

Author Comment

by:jskfan
ID: 24387878
where does the script puts the output?
0
 
LVL 38

Expert Comment

by:Shift-3
ID: 24388952
As written it creates a list of computers in the strList variable and echoes it on lines 45-46.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jskfan
ID: 24389934
any way to put the output to a text file?
Thanks a lot!
0
 
LVL 38

Accepted Solution

by:
Shift-3 earned 450 total points
ID: 24398019
So revised.

Customize the value of the strReport variable on line 5 with the location of the output file.


Const ADS_SCOPE_SUBTREE = 2
Const ForWriting = 2
 
strContainer = "ou=workstations,dc=yourdomain,dc=local"
strReport = "report.txt"
 
strUser = InputBox("Enter the user, in the format DOMAIN\USERNAME", "Process Query")
 
On Error Resume Next
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objReport = objFSO.OpenTextFile(strReport, ForWriting, True)
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
 
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name From 'LDAP://" & strContainer & "' Where objectCategory='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
    blnFound = False
    strComputer = objRecordSet.Fields("Name").Value
 
    If PingCheck(strComputer, 1, 0) Then
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process")
 
        For Each objProcess in colProcessList
            objProcess.GetOwner strProcUser, strProcDomain
            If LCase(strProcDomain & "\" & strProcUser) = LCase(strUser) Then
                blnFound = True
            End If
        Next
        
        If blnFound Then
            objReport.WriteLine strComputer
        End If
    End If
    
    objRecordSet.MoveNext
Loop
 
objReport.Close
 
Function PingCheck(strTarget, strPings, intPause)
    Const ForReading = 1
    
    Set objShell = CreateObject("WScript.Shell")
    strTempDir = objShell.ExpandEnvironmentStrings("%temp%")
 
    strTempFile = strTempDir & "\script-" & strTarget & ".txt"
 
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">" & strTempFile, 0, True
        
    WScript.Sleep intPause
    
    objShell.Run "%comspec% /c ping -n " & strPings & " -w 100 " & _
        strTarget & ">>" & strTempFile, 0, True
    
    Set objTempFile = objFSO.OpenTextFile(strTempFile, ForReading)
    strOutput = objTempFile.ReadAll
    objTempFile.Close
    objFSO.DeleteFile strTempFile, True
 
    If InStr(strOutput, "bytes=32") > 0 Then
        PingCheck = True
    Else
        PingCheck = False
    End If
End Function

Open in new window

0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 50 total points
ID: 24422847
It's easier to just run the command :
psloggedon <username>
 
http://technet.microsoft.com/en-us/sysinternals/bb897545.aspx 
0
 

Author Comment

by:jskfan
ID: 24424313
dstewartjr:It's easier to just run the command :

psloggedon <username>



Tha's what I did..
0
 

Author Comment

by:jskfan
ID: 24424323
Shift-3 worked hard on the script though... he needs to be rewarded for his efforts
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I met Paul Devereux (@pdevereux) today when I responded to his tweet asking “Anybody know how to automate adding files from disk to a folder in #outlook  ?”.  I replied back and told Paul that using automation, in this case scripting, to add files t…
Deploying a Microsoft Access application in a Citrix environment is not difficult but takes a few steps. However, Citrix system people are often of little help, as they typically know next to nothing about Access. The script provided here will take …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question