• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1167
  • Last Modified:

Need a way to filter output from psloggedon.exe

Hi i got a script that uses a input.txt with computernames in it, then runs a psloggedon on mutiplemachines.

'On Error Resume Next
Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("C:\SMS_Discovery\maskiner.txt")
x = 1
Do Until objExcel.Cells(x, 1).Value = ""
    If objExcel.Cells(x, 1).Value = "" Then
        Exit Do
    End If
    strComputer = objExcel.Cells(x, 1).Value
Set WshShell = WScript.CreateObject("WScript.Shell")
errorReturn = WshShell.Run("%comspec% /c C:\SMS_Discovery\psloggedon.exe \\" & strComputer & " >>C:\SMS_Discovery\Results.csv", 0, True)
x = x + 1
Loop
objWorkbook.Close
objExcel.Quit

msgbox "script complete!"

Wscript.Quit(0)

Open in new window


Now id like to filter output into diffrent colums in a csv file,

Like :

colum 1                                                         | colum 2                          | Colum 3
Connecting to Registry of \\computername  | Users logged on locally  | error connecting

Vbs, powershell, or another tool that can do the same other then psloggedon.
Im working in a domain ofc.

Thank you in advanced .
0
firmapost
Asked:
firmapost
  • 7
  • 6
  • 3
1 Solution
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
IMHO that CSV output doesn't make sense. I would expect you wanted something like:
    Computername | Username | Logon Time
and that only for users logged on locally (psloggedon -L).
0
 
Meir RivkinFull stack Software EngineerCommented:
0
 
firmapostAuthor Commented:
IMHO that CSV output doesn't make sense. I would expect you wanted something like:
    Computername | Username | Logon Time
and that only for users logged on locally (psloggedon -L).

Yes Correct, i didint make the script, its what im trying to work with now. ill gladly accept another script or method to make this work.

i tryed the spiceworks script but all i get on every complete computer is a output of error.
And i tested and know the computers are online.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Meir RivkinFull stack Software EngineerCommented:
can u describe the requirement again plz?
do u want to loop list of server names and create a csv report which lists which users logged currently to each server?
0
 
firmapostAuthor Commented:
can u describe the requirement again plz?
do u want to loop list of server names and create a csv report which lists which users logged currently to each server?

ill tryy to explain what i want :)

I have a list of computers txt,csv...
I want to find out who is loggedon on that list. What user(s)...

And i would like it in a csv file with Like stated above :
Computername | Username | Logon Time
0
 
Meir RivkinFull stack Software EngineerCommented:
function Get-ADUserLastLogon([string]$username)
{
	$user = Get-ADUser $username | Get-ADObject -Properties lastLogon 
	[datetime]::FromFileTime($user.LastLogon)
}
  
$CSV = @()
gc c:\temp\servers.txt | %{
	$server =  $_
	try{
		$users = get-wmiobject win32_computersystem -computer $server | select username
		$users | %{
			$CSV += New-Object PSObject -Property @{
					Server = $server
	                Username = $_.username
	                Error   = ''
					LastLogonTime = Get-ADUserLastLogon $_.username.Split('\')[1]
			}
		}
	}catch [Exception] {
		$CSV += New-Object PSObject -Property @{
					Server = $server
	                Username = ''
	                Error   = $Error[0]
					LastLogonTime = ''
		}	
	}
}
$CSV | Export-Csv C:\result.CSV -NoTypeInformation

Open in new window

0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Without logon time, could you try following and tell if that is ok?
Get-Content c:\Computers.txt |
  % {
    Get-WmiObject -ComputerName $_ Win32_LogonSession -Filter "LogonType=10"
  } |
  % {
    Get-WmiObject -ComputerName $_.__Server -Query `
      "Associators of {Win32_LogonSession.LogonID=$($_.LogonID)} Where AssocClass=Win32_LoggedOnUser Role=Dependent" -EA SilentlyContinue
  } |
  ft __Server, FullName

Open in new window

If so, replace ft __Server, FullName with select __Server, FullName | export-csv C:\Results.csv
0
 
firmapostAuthor Commented:
I get Errors :


Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
0
 
Meir RivkinFull stack Software EngineerCommented:
it means the server name is invalid or the server is shut down
0
 
firmapostAuthor Commented:
Well im not familure with PS much, im able to get info about uers with Ps now.
Get-ADUser "username" |fl

But i get that error when using Get-WmiObject. So gues i dont have that option.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Using the AD cmdlets is much better - if they are available (domains based on W2008R2 and above).
0
 
Meir RivkinFull stack Software EngineerCommented:
in the script , u use Get-WmiObject with computer name while Get-ADUser is with the username, so its got nothing to do with that.
can u verify that the server names are correct?
do u get this error with specific computer name or to all of them?
0
 
firmapostAuthor Commented:
Well this is my error.

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
At H:\PS\aduserlastlogon.ps1:11 char:25
+         $users = get-wmiobject <<<<  win32_computersystem -computer $server | select username
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Open in new window

0
 
Meir RivkinFull stack Software EngineerCommented:
u didn't address my questions, does it happen to all servers or to specific ones?
0
 
firmapostAuthor Commented:
Excelent scipr just modify servers.tx with what ever Asset you want to search
0
 
firmapostAuthor Commented:
User error as allways from my part :) . Thankyou for all the help sedwick
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 7
  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now