Solved

Need a way to filter output from psloggedon.exe

Posted on 2013-07-02
16
989 Views
Last Modified: 2013-07-03
Hi i got a script that uses a input.txt with computernames in it, then runs a psloggedon on mutiplemachines.

'On Error Resume Next
Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open("C:\SMS_Discovery\maskiner.txt")
x = 1
Do Until objExcel.Cells(x, 1).Value = ""
    If objExcel.Cells(x, 1).Value = "" Then
        Exit Do
    End If
    strComputer = objExcel.Cells(x, 1).Value
Set WshShell = WScript.CreateObject("WScript.Shell")
errorReturn = WshShell.Run("%comspec% /c C:\SMS_Discovery\psloggedon.exe \\" & strComputer & " >>C:\SMS_Discovery\Results.csv", 0, True)
x = x + 1
Loop
objWorkbook.Close
objExcel.Quit

msgbox "script complete!"

Wscript.Quit(0)

Open in new window


Now id like to filter output into diffrent colums in a csv file,

Like :

colum 1                                                         | colum 2                          | Colum 3
Connecting to Registry of \\computername  | Users logged on locally  | error connecting

Vbs, powershell, or another tool that can do the same other then psloggedon.
Im working in a domain ofc.

Thank you in advanced .
0
Comment
Question by:firmapost
  • 7
  • 6
  • 3
16 Comments
 
LVL 68

Expert Comment

by:Qlemo
ID: 39292695
IMHO that CSV output doesn't make sense. I would expect you wanted something like:
    Computername | Username | Logon Time
and that only for users logged on locally (psloggedon -L).
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 39292698
0
 

Author Comment

by:firmapost
ID: 39292732
IMHO that CSV output doesn't make sense. I would expect you wanted something like:
    Computername | Username | Logon Time
and that only for users logged on locally (psloggedon -L).

Yes Correct, i didint make the script, its what im trying to work with now. ill gladly accept another script or method to make this work.

i tryed the spiceworks script but all i get on every complete computer is a output of error.
And i tested and know the computers are online.
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 39292736
can u describe the requirement again plz?
do u want to loop list of server names and create a csv report which lists which users logged currently to each server?
0
 

Author Comment

by:firmapost
ID: 39292746
can u describe the requirement again plz?
do u want to loop list of server names and create a csv report which lists which users logged currently to each server?

ill tryy to explain what i want :)

I have a list of computers txt,csv...
I want to find out who is loggedon on that list. What user(s)...

And i would like it in a csv file with Like stated above :
Computername | Username | Logon Time
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 39292797
function Get-ADUserLastLogon([string]$username)
{
	$user = Get-ADUser $username | Get-ADObject -Properties lastLogon 
	[datetime]::FromFileTime($user.LastLogon)
}
  
$CSV = @()
gc c:\temp\servers.txt | %{
	$server =  $_
	try{
		$users = get-wmiobject win32_computersystem -computer $server | select username
		$users | %{
			$CSV += New-Object PSObject -Property @{
					Server = $server
	                Username = $_.username
	                Error   = ''
					LastLogonTime = Get-ADUserLastLogon $_.username.Split('\')[1]
			}
		}
	}catch [Exception] {
		$CSV += New-Object PSObject -Property @{
					Server = $server
	                Username = ''
	                Error   = $Error[0]
					LastLogonTime = ''
		}	
	}
}
$CSV | Export-Csv C:\result.CSV -NoTypeInformation

Open in new window

0
 
LVL 68

Expert Comment

by:Qlemo
ID: 39292799
Without logon time, could you try following and tell if that is ok?
Get-Content c:\Computers.txt |
  % {
    Get-WmiObject -ComputerName $_ Win32_LogonSession -Filter "LogonType=10"
  } |
  % {
    Get-WmiObject -ComputerName $_.__Server -Query `
      "Associators of {Win32_LogonSession.LogonID=$($_.LogonID)} Where AssocClass=Win32_LoggedOnUser Role=Dependent" -EA SilentlyContinue
  } |
  ft __Server, FullName

Open in new window

If so, replace ft __Server, FullName with select __Server, FullName | export-csv C:\Results.csv
0
 

Author Comment

by:firmapost
ID: 39292944
I get Errors :


Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 42

Expert Comment

by:sedgwick
ID: 39292963
it means the server name is invalid or the server is shut down
0
 

Author Comment

by:firmapost
ID: 39292993
Well im not familure with PS much, im able to get info about uers with Ps now.
Get-ADUser "username" |fl

But i get that error when using Get-WmiObject. So gues i dont have that option.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 39293092
Using the AD cmdlets is much better - if they are available (domains based on W2008R2 and above).
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 39295952
in the script , u use Get-WmiObject with computer name while Get-ADUser is with the username, so its got nothing to do with that.
can u verify that the server names are correct?
do u get this error with specific computer name or to all of them?
0
 

Author Comment

by:firmapost
ID: 39296218
Well this is my error.

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
At H:\PS\aduserlastlogon.ps1:11 char:25
+         $users = get-wmiobject <<<<  win32_computersystem -computer $server | select username
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Open in new window

0
 
LVL 42

Expert Comment

by:sedgwick
ID: 39296231
u didn't address my questions, does it happen to all servers or to specific ones?
0
 

Author Closing Comment

by:firmapost
ID: 39296233
Excelent scipr just modify servers.tx with what ever Asset you want to search
0
 

Author Comment

by:firmapost
ID: 39296237
User error as allways from my part :) . Thankyou for all the help sedwick
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a PowerShell web interface I use to manage some task as a network administrator. Clicking an action button on the left frame will display a form in the middle frame to input some data in textboxes, process this data in PowerShell and display…
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now