Powershell to find a users workstation
Is there a way to query AD via powershell to find the workstation of a user with just the users name/username?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What is your goal with this task?
I create a vbs Logon script years ago to collect the computer to user details at logon for auditing as well as troubleshooting the end-user's computer without having to ask them too many questions
Is this what you are look to do?
I would be more then happy to share this with you.
I create a vbs Logon script years ago to collect the computer to user details at logon for auditing as well as troubleshooting the end-user's computer without having to ask them too many questions
Is this what you are look to do?
I would be more then happy to share this with you.
I know that I am late to the party but thought I would through in a couple of things.
1. An AD user can log into any computer so there isn't really a relationship between user and computer.
2. We have tracked computers for years using nothing more than the login script. It provides a lot of detail including the username.
We have moved to KixStart for our login script however it shouldn't be difficult to modify. We send the results to our syslog server.
1. An AD user can log into any computer so there isn't really a relationship between user and computer.
2. We have tracked computers for years using nothing more than the login script. It provides a lot of detail including the username.
We have moved to KixStart for our login script however it shouldn't be difficult to modify. We send the results to our syslog server.
;Get PC info
$ComputerName = @WKSTA
Shell "CMD /e:1024 /c echo " + @Day + " " + @Date + " " + @Time + " > \\SYSLOG01V\logins\PC\%COMPUTERNAME%.txt"
If Exist ("\\SYSLOG01V\logins\PC\" + $ComputerName + ".txt")
Open (3,"\\SYSLOG01V\logins\PC\$ComputerName.txt",4)
$wmiColl = GetObject("WinMgmts:root/cimv2").ExecQuery("Select * FROM Win32_ComputerSystem")
For Each $wmiObj in $wmiColl
WriteLine (3,@CRLF + "System Manufacture: " + $wmiObj.Manufacturer)
WriteLine (3,@CRLF + "System Model: " + $wmiObj.Model)
WriteLine (3,@CRLF + "System Name: " + $wmiObj.Name)
WriteLine (3,@CRLF + "Domain: " + $wmiObj.Domain)
Next
WriteLine (3,@CRLF + "Logged in User: " + %username%)
$wmiColl = GetObject("WinMgmts:root/cimv2").ExecQuery("Select * FROM Win32_BIOS")
For Each $wmiObj in $wmiColl
WriteLine (3,@CRLF + @CRLF + "SerialNumber: " + $wmiObj.SerialNumber)
Next
$wmiColl = GetObject("WinMgmts:root/cimv2").ExecQuery("Select * FROM Win32_OperatingSystem")
For Each $wmiObj in $wmiColl
WriteLine(3,@CRLF + @CRLF + "Operating System: " + $wmiObj.Caption + " " + $wmiObj.CSDVersion)
WriteLine(3,@CRLF + "OS Serial Identification Number: " + $wmiObj.SerialNumber)
WriteLine(3,@CRLF + "OS Install Date: " + $wmiObj.InstallDate + @CRLF)
Next
$wmiColl = GetObject("WinMgmts:root/cimv2").ExecQuery("Select * FROM Win32_Processor")
For Each $wmiObj in $wmiColl
WriteLine(3,@CRLF + "Processor Type: " + LTRIM($wmiObj.Name))
WriteLine(3,@CRLF + "Processor Description: " + $wmiObj.Caption)
Next
$wmiColl = GetObject("WinMgmts:root/cimv2").ExecQuery("Select * FROM Win32_PhysicalMemory")
For Each $wmiObj in $wmiColl
$Type = $wmiObj.FormFactor
If $Type = 7
$Factor = SIMM
Else
If $Type = 8
$Factor = DIMM
Else
$Factor = Other
Endif
Endif
WriteLine(3,@CRLF + "Memory Type: " + $Factor + " " + int($wmiObj.Capacity) / 1048576 + " MB of RAM" )
Next
Close (3)
EndIf 
@pony10us,
Is that script must be saved as .batch file and then run it as computer login script ?
Is that script must be saved as .batch file and then run it as computer login script ?
If you want to go down that road, you might like the simple option of this one:
http://blogs.msmvps.com/kwsupport/2005/02/24/lazy-mans-way-to-track-user-logonlogoff/
I used that one long, long ago.
Chris
http://blogs.msmvps.com/kwsupport/2005/02/24/lazy-mans-way-to-track-user-logonlogoff/
I used that one long, long ago.
Chris
Many thanks Chris.
That's cool.
That's cool.
Sorry, had an emergency medical situation so didn't get back to you.
If all you want to track is Logon/Logoff then I suggest going with Chris's script. Much simpler. Mine actually grabs a lot of information about the computer as well.
I can maybe go back and get the batch version we used prior to moving to Kixstart if you really want it.
If all you want to track is Logon/Logoff then I suggest going with Chris's script. Much simpler. Mine actually grabs a lot of information about the computer as well.
I can maybe go back and get the batch version we used prior to moving to Kixstart if you really want it.
pony10us,
Yes please that'd be greatly appreciated since I'm not using Kixstart.
Anyway, I will be creating new thread and update you the link here :-)
Yes please that'd be greatly appreciated since I'm not using Kixstart.
Anyway, I will be creating new thread and update you the link here :-)
Here is a basic Powershell that leverages AD module and WMI to gather information about the computers, but keep in mind that the computer needs a logged on person to have true value for it.
If you wish to export it to a CSV just add the piped part after the Select
This will take some time, but it will work for you.
To truly gather a log you will need to create a logon and logoff script and write the data to a DB of some sort.
As I mentioned I have something in place in my environment that uses a VBS logon and Logoff to write to a MSSQL DB and I built a VB.net Form to query this data as well as execute commands against the computer or user.
If you are interested in this I will be more than happy to share this with you.
Import-Module ActiveDirectory
$computers = Get-ADComputer -Filter * -SearchBase 'OU=Computers,OU=Production,OU=xxx,DC=xxxxxx,DC=local' -SearchScope Subtree
Foreach ($computer in $computers)
{ if (Test-Connection -ComputerName $computer.name -Quiet)
{
Get-WmiObject -ComputerName $computer.name -Class Win32_ComputerSystem | Select Name,Username
}
}If you wish to export it to a CSV just add the piped part after the Select
| Export-csv -Path c:\ -NoTypeInformation -Append This will take some time, but it will work for you.
To truly gather a log you will need to create a logon and logoff script and write the data to a DB of some sort.
As I mentioned I have something in place in my environment that uses a VBS logon and Logoff to write to a MSSQL DB and I built a VB.net Form to query this data as well as execute commands against the computer or user.
If you are interested in this I will be more than happy to share this with you.
here is one addition script.
Import-Module activedirectory
clear
Get-ADComputer -Filter * -SearchBase 'OU=Computers,OU=Production,OU=FLH,DC=flhlaw,DC=local' |
ForEach-Object{
If (Test-Connection -computername $_.name -Count 1 -quiet)
{
$User = (Get-WmiObject Win32_ComputerSystem -ComputerName $_.name)
$Logon = (Get-WmiObject -Class Win32_LogonSession -ComputerName $_.name -Filter "LogonType='2'"| Select-Object -First 1 | where { $_.StartTime -ne $null} )
##If($.starttime)
write-Host $user.name, $user.userName,$logon.ConvertToDateTime($logon.StartTime)
}
Else
{
$_.name + " Offline"
}
}
This posting on spiceworks offers some suggestions for scripts & tools.
https://community.spiceworks.com/topic/441253-find-out-what-pc-a-user-is-logged-into-domain-connected
One of the responses mentions Network Scanner by Lansweeper, which looks promsing, although I have never used it.
https://www.softperfect.com/products/networkscanner/
The powershell script described on this page might work for you:
https://blogs.technet.microsoft.com/heyscriptingguy/2011/06/04/use-powershell-to-find-logon-sessions/