Welcome to my Weblog
I will be using this site to post on a number of subjects including time saving scripts, technological investigations and topical issues on a number on platforms including Windows and MacOSX.
Any comments or suggestions are welcome!
VB WMI Query Computer Attributes
August 2nd, 2009
No comments
By using a VB scripts we can perform a WMI (Windows Management Instrumentation) connection to a host to execute a query against.
Below is an example of a WMI query connecting to the host named “computer”, once connected will loop around each drive letter which is a hard drive displaying the drive letter and total disk space in GB
On Error Resume Next
Const HARD_DISK = 3Set objWMIService = GetObject(“winmgmts:” & “{impersonationLevel=impersonate}!\\” & “computer” & “\root\cimv2″)
if Err.Number = 0 then
‘ Add WMI Query Script in here!Set colDisks = objWMIService.ExecQuery (“Select * from Win32_LogicalDisk Where DriveType = ” & HARD_DISK & “”)
For Each objDisk in colDisksWscript.Echo objDisk.DeviceID + ” Disk Size (GB): ” + CStr(Round((((objDisk.Size / 1024)/1024)/1024),1))
Next
else
Wscript.echo “Could not connect to ” & “computer” & ” error ” & Err.Number
End IfErr.Clear
The above WMI query can be combined with an Active Directory query to make the script more versatile (further information is here), an example of this script is below:
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
Const HARD_DISK = 3Set objConnection = CreateObject(“ADODB.Connection”)
Set objCommand = CreateObject(“ADODB.Command”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = “Select Name from ‘LDAP://OU=MyServers,DC=Domain,DC=co,DC=uk’ ” & “Where objectClass=’computer’”
objCommand.Properties(”Page Size”) = 1000
objCommand.Properties(”Searchscope”) = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirstDo Until objRecordSet.EOF
Wscript.Echo “Computer Name: ” & objRecordSet.Fields(“Name”).ValueSet objWMIService = GetObject(“winmgmts:” & “{impersonationLevel=impersonate}!\\” & objRecordSet.Fields(“Name”).Value & “\root\cimv2″)
if Err.Number = 0 then
‘ Add WMI Query Script in here!
else
Wscript.echo “Could not connect to ” & objRecordSet.Fields(“Name”).Value & ” error ” & Err.Number
End IfErr.Clear
objRecordSet.MoveNext
Loop
A number of WMI queries used can be found in the reference page WMI_Queries
VB Query Active Directory Objects
June 13th, 2009
No comments
In an Active Directory environment there is often a requirement to query objects within the AD database, either returning selected attribute values or using this information to for further queries.
The same principles apply across any object type, the script below connects via LDAP, performs a query and returns selected values from Active Directory.
The below script will query all objects in the OU MyServers and subtree, in the domain Domain.co.uk, of type computer, returning the attributes Name and Location.
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject(”ADODB.Connection”)
Set objCommand = CreateObject(”ADODB.Command”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = “Select Name, Location from ‘LDAP://OU=MyServers,DC=Domain,DC=co,DC=uk’ ” & “Where objectClass=’computer’”
objCommand.Properties(”Page Size”) = 1000
objCommand.Properties(”Searchscope”) = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF‘ Insert Operators here
objRecordSet.MoveNextLoop
Once the query has been run the results can then be used for any requirement, a simple example below is to display the name of the computer followed by the Location attribute stored in AD.
……
Do Until objRecordSet.EOF‘ Insert Operators here
Wscript.Echo “Computer Name: ” & objRecordSet.Fields(”Name”).Value
Wscript.Echo “Location: ” & objRecordSet.Fields(”Location”).ValueobjRecordSet.MoveNext
Loop
Any attribute of the object can be displayed as long as it was requested in the initial query; Select Name, Location from…. , attribute names are LDAP attributes rather than field names seen in the Active Directory Users and Computers mmc. A list of attributes can be found here; Active Directory LDAP Attributes
One way to enhance this script further is for each computer selected perform a WMI query against it; VB WMI Query
AD Command Line Queries
February 16th, 2009
1 comment
There are a number of ways to query the Active Directory database to export objects and there attributes. One of the most common groups of tools are provided by Microsoft; dsget and dsquery.
Query Group Members
To display the member of a specific group use the dsget group command
dsget group “CN=My Group,OU=Domain Groups,DC=Domain,DC=co,DC=uk” -members
The above command will list the UPN of the users in My Group, if more information is required from each of the users within My Group the output can be piped into another dsget command
To display the member of a specific group use the dsget group command
dsget group “CN=My Group,OU=Domain Groups,DC=Domain,DC=co,DC=uk” -members | dsget user -upn -display -disabled -acctexpires
This commnd above will list the users in the group My Group with there UPN, display name, if the account is disabled and when the account expires.
SVCHOST High CPU Usage Issue
February 9th, 2009
No comments
There are a number of threads in the Microsoft Windows Update Newsgroup and around other well known sites regarding the infamous SVCHOST Issue!
The main issue that people are reporting is the high CPU usage from the process SVCHOST.exe, generally fluctuating between 20 and 85 percent CPU usage, in some cases using all of the CPU cycles and leaving the computer un-usable.
The cause of this is the Automatic Update service during its detection process; this is where the client PC either checks in to the local WSUS server or accesses the Windows Update site and determines which MS updates are required from the update catalogue.
All of this information is very good… I hear you say, however where is the fix!
Ok, after much web crawling and some testing, below is the method I have used for my clients which has proved sucessfull:
- Firstly stop the Automatic Update service either through services.msc or with the command line net stop “Automatic Updates”. This will ensure the update process is as quick as possible.
- Next apply the first of two patches; an update to the Windows Update Agent, the current version is 2.0, this patch updates it to version 3.0 which is pushed out via WSUS v3.0:
- Apply the hotfix for this issue, originally stated in KB916089 and then superseded by KB927891 which provides an update for the Msi31.dll (exact name depends on operating version) with basically a more efficient detection algorithm in place:
- Finally reboot the client PC and start the Automatic Update service if it is not set to start automatically.
I hope this solution is effective for everyone who reads this article as it was for me, and there are only one statement to make; Thanks again MS… another fine mess you have gotten us into.. however at least you are keeping us in our jobs!
Create a Custom Windows Service
February 9th, 2009
No comments
This article describes how to create a service on either Windows NT, 2000 or XP (untested on Vista). The service can run any application required and can be configured as any other service on the system can.
This information has been extracted from the Microsoft article KB137890, and requires two programs that can be found in the Windows NT resource kit (or here)
- SRVANY.EXE – Allows any application to run as a service
- INSTSRV.EXE – Creates the system service
Create the service
Use the INSTSRV.EXE application to create the system service, it requires two parameters; the first is the name of the service you want to create, the second is always the path to the SRVANY.EXE application.
INSTSRV.EXE Notepad c:\SRVANY.EXE
Set the application as a service
Next edit the registry and enter the path to the application that is required to run as a service. The location is the registry depends on the name of the service that was defined above; in this case Notepad
Run regedit.exe
Navigate to HKLM\SYSTEM\CurrentControlSet\Services\Notepad
Create a new key called Parameters
Under the new key create a new string value called Application and set its value to the path of the application c:\WINDOWS\NOTEPAD.EXE
Once created this service can be managed through the services mmc to set its startup type, recovery response etc.
To make this process easier, the following code can be placed into a batch file and run (with the correct parameters) to create the service and congfiure the registry. It assumes that INSTSRV.EXE is already in a search path and that SRVANY.EXE is located in the root of the C drive.
@echo off
rem #################################
rem ## This batch file created a new system service ##
rem ## ensure the correct parameters are used      ##
rem #################################rem Parameter 1 should be the name of the service
rem Parameter 2 should be the path to the executableecho Creating Service
INSTSRV.EXE %1 c:\SRVANY.EXEecho Creating Registry Keys
reg add “HKLM\SYSTEM\CurrentControlSet\Services\%1\Parameters”
reg add “HKLM\SYSTEM\CurrentControlSet\Services\%1\Parameters” /v Application /d %2
Windows CLI – Tasklist
February 9th, 2009
No comments
The command line tool tasklist without any switches will simply display the local currently running processes and if the /S parameter is used process’s running on a remote machine can be queried.
Now all of this isn’t really worth writing about you might say, however one switch that I found useful was the command tasklist /svc ; this will display a list of all running processes along with any related services attached to that process.