Solved

Scriupt to look for XP machines

Posted on 2014-04-09
9
197 Views
Last Modified: 2014-04-28
Greeting Experts,

Does anybody know of a script that can scan for Windows XP based on a IP range instead of Windows Active Directory.  I support large number of sites using windows XP and do not have it registered in AD.  So to reduce our risk, I need to find those machines hiding out in the dark corners of my network.  Unfortunately, most people do not want to give up a legacy machine that is no longer supported by Microsoft. So they try to let one or two slip throw the cracks… but when you add all of those up in enterprise environment the numbers can get very high…..
0
Comment
Question by:amstoots
9 Comments
 
LVL 34

Expert Comment

by:Dan Craciun
ID: 39989949
You can use Nmap with the switch -o, and it will try to guess the OS of the live hosts.

See here: http://nmap.org/book/man-os-detection.html

HTH,
Dan
0
 

Author Comment

by:amstoots
ID: 39989994
ok... but I looking for something that will ignore everything else and report back only those machines using XP....
0
 
LVL 39

Expert Comment

by:footech
ID: 39990027
Are you saying the WinXP machines are not joined to the domain?
You might try something like what is posted in
http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_28406930.html
You can look up the OS type via WMI if you have the proper credentials.  If that would work for you it should easy enough to modify to perform a scan based on IP address rather than computer names.
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39991546
are they all having the same local Administrator password?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:amstoots
ID: 39991591
yes... they would have the same password...
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 39991719
when the machine is online, do they register their name in DNS?

another word, if you nslookup the IP of the xp machine, does it resolve to name?

you can try this when prompt for credential
username: .\Administrator
password: the local admin password

$Cred = Get-Credential
$IPs = Get-Content 'C:\IP.csv'
Foreach ($IP in $IPs)
{
$Ping = Test-Connection $IP -Count 1 -Quiet -ErrorAction SilentlyContinue
if ($Ping -eq $True)
{
$Win32Obj = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $IP -Credential $Cred -ErrorAction SilentlyContinue
}
if ($Ping -eq $False)
{
Write-Host "$IP is not pingable"
$Win32Obj.caption = $Null
}

$array = @()
$Properties = @{"IP Address"=$IP;"Pingable"=$Ping;"Operating System"=$Win32obj.caption}
$Newobject = New-Object  PSObject -Property  $Properties
$Array +=$Newobject

#$Outpath = "C:\Export.csv"
$array | Select-Object "IP Address",Pingable,"Operating System"`
#| export-csv $Outpath -Append
}

Open in new window

0
 

Author Comment

by:amstoots
ID: 39991748
Most are registered with DNS but some are not... those are the ones I looking to track down
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 39994006
nmap is the way

try something like this

sudo nmap -O 192.168.1.1 192.168.1.29 | sed -n '/report/ h ; /XP/ {x ; p}' | grep report

the sed reads any 'report' line and sticks them in the hold space.
if 'XP' is found the contents of the hold space is printed ('x' exchanges hold and pattern and 'p' prints. the same letters are used but it is just by chance)

the additional grep is to remove garbage if 'XP' appears multiple times under the host which i am too lazy to do with the sed
0
 

Author Closing Comment

by:amstoots
ID: 40027932
Nmap string worked perfect... thank you
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now