?
Solved

Scriupt to look for XP machines

Posted on 2014-04-09
9
Medium Priority
?
202 Views
Last Modified: 2014-04-28
Greeting Experts,

Does anybody know of a script that can scan for Windows XP based on a IP range instead of Windows Active Directory.  I support large number of sites using windows XP and do not have it registered in AD.  So to reduce our risk, I need to find those machines hiding out in the dark corners of my network.  Unfortunately, most people do not want to give up a legacy machine that is no longer supported by Microsoft. So they try to let one or two slip throw the cracks… but when you add all of those up in enterprise environment the numbers can get very high…..
0
Comment
Question by:amstoots
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39989949
You can use Nmap with the switch -o, and it will try to guess the OS of the live hosts.

See here: http://nmap.org/book/man-os-detection.html

HTH,
Dan
0
 

Author Comment

by:amstoots
ID: 39989994
ok... but I looking for something that will ignore everything else and report back only those machines using XP....
0
 
LVL 40

Expert Comment

by:footech
ID: 39990027
Are you saying the WinXP machines are not joined to the domain?
You might try something like what is posted in
http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_28406930.html
You can look up the OS type via WMI if you have the proper credentials.  If that would work for you it should easy enough to modify to perform a scan based on IP address rather than computer names.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39991546
are they all having the same local Administrator password?
0
 

Author Comment

by:amstoots
ID: 39991591
yes... they would have the same password...
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39991719
when the machine is online, do they register their name in DNS?

another word, if you nslookup the IP of the xp machine, does it resolve to name?

you can try this when prompt for credential
username: .\Administrator
password: the local admin password

$Cred = Get-Credential
$IPs = Get-Content 'C:\IP.csv'
Foreach ($IP in $IPs)
{
$Ping = Test-Connection $IP -Count 1 -Quiet -ErrorAction SilentlyContinue
if ($Ping -eq $True)
{
$Win32Obj = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $IP -Credential $Cred -ErrorAction SilentlyContinue
}
if ($Ping -eq $False)
{
Write-Host "$IP is not pingable"
$Win32Obj.caption = $Null
}

$array = @()
$Properties = @{"IP Address"=$IP;"Pingable"=$Ping;"Operating System"=$Win32obj.caption}
$Newobject = New-Object  PSObject -Property  $Properties
$Array +=$Newobject

#$Outpath = "C:\Export.csv"
$array | Select-Object "IP Address",Pingable,"Operating System"`
#| export-csv $Outpath -Append
}

Open in new window

0
 

Author Comment

by:amstoots
ID: 39991748
Most are registered with DNS but some are not... those are the ones I looking to track down
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 2000 total points
ID: 39994006
nmap is the way

try something like this

sudo nmap -O 192.168.1.1 192.168.1.29 | sed -n '/report/ h ; /XP/ {x ; p}' | grep report

the sed reads any 'report' line and sticks them in the hold space.
if 'XP' is found the contents of the hold space is printed ('x' exchanges hold and pattern and 'p' prints. the same letters are used but it is just by chance)

the additional grep is to remove garbage if 'XP' appears multiple times under the host which i am too lazy to do with the sed
0
 

Author Closing Comment

by:amstoots
ID: 40027932
Nmap string worked perfect... thank you
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick Powershell script I wrote to find old program installations and check versions of a specific file across the network.
My attempt to use PowerShell and other great resources found online to simplify the deployment of Office 365 ProPlus client components to any workstation that needs it, regardless of existing Office components that may be needing attention.
Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question