|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
01-03-2007
| #1 (permalink) |
| | Collecting information from Active Directory Hello All, I need to get a list of all computers in our Active Directory and the user who last logged onto it. Has anyone got a sample script to help with this, or at least some parts of it..... Thanks in advance. |
My System Specs |
|
01-03-2007
| #2 (permalink) |
| | Re: Collecting information from Active Directory $root = {ADSI]"LDAP://ou=workstations,dc=somedomain,dc=net" $computers = $root.psbase.get_children() $computers | ft distinguishedname,operatingsystem Those attributes I used as an example, there are others available on computers. Unfortunately, you will not find the last logged on user stored in AD, its just not in the design. For that you would have to enable auditing on the workstation, and look through the security logs. The script above connects to a specific OU and enumerates the objects inside. Things to add is a LDAP filter to search for computer objects( like (objectcategory=computer)), and maybe starting at the rootDSE instead of a child OU and using .findall() to find computers. james pogran Glenn Wilson wrote: > Hello All, > > I need to get a list of all computers in our Active Directory and the user > who last logged onto it. Has anyone got a sample script to help with this, or > at least some parts of it..... > > Thanks in advance. |
| My System Specs |
|
01-03-2007
| #3 (permalink) |
| | Re: Collecting information from Active Directory Use following 4 lines to retrieve a list of computers in your AD. This will return all computers no matter what OU they are in. $ldapQuery = "(&(objectCategory=computer))" $de = new-object system.directoryservices.directoryentry $ads = new-object system.directoryservices.directorysearcher -argumentlist $de,$ldapQuery $complist = $ads.findall() Now iterate through $complist and query the registry on each remote computer for last logged on user: $complist | % { $cn = $_.properties['cn'] $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$cn) $rv = $rk.opensubkey("\Software\Microsoft\Windows NT\CurrentVersion\WinLogon") $lastuser = $rv.GetValue("DefaultDomainName") + "\" + $rv.GetValue("DefaultUserName") write-host "$cn - $lastuser" } -- gaurhoth http://gaurhothw.spaces.live.com/ "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > Hello All, > > I need to get a list of all computers in our Active Directory and the user > who last logged onto it. Has anyone got a sample script to help with this, or > at least some parts of it..... > > Thanks in advance. |
| My System Specs |
|
01-03-2007
| #4 (permalink) |
| | Re: Collecting information from Active Directory Thanks parts of it work, but I am geting the followig error with the script, it runs collects the machines, then when it goes to read the registery I get the following. Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The network path was not found." At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) You cannot call a method on a null-valued expression. At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + $rv.GetValue("DefaultUserName") "Gaurhoth" wrote: > Use following 4 lines to retrieve a list of computers in your AD. This will return all computers no matter what OU they are in. > > $ldapQuery = "(&(objectCategory=computer))" > $de = new-object system.directoryservices.directoryentry > $ads = new-object system.directoryservices.directorysearcher -argumentlist $de,$ldapQuery > $complist = $ads.findall() > > Now iterate through $complist and query the registry on each remote computer for last logged on user: > > $complist | % { > $cn = $_.properties['cn'] > $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > $rv = $rk.opensubkey("\Software\Microsoft\Windows NT\CurrentVersion\WinLogon") > $lastuser = $rv.GetValue("DefaultDomainName") + "\" + $rv.GetValue("DefaultUserName") > write-host "$cn - $lastuser" > } > > -- > > gaurhoth > http://gaurhothw.spaces.live.com/ > > > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > > Hello All, > > > > I need to get a list of all computers in our Active Directory and the user > > who last logged onto it. Has anyone got a sample script to help with this, or > > at least some parts of it..... > > > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #5 (permalink) |
| | Re: Collecting information from Active Directory I don't think PS supports remote registry access (yet). As a workaround, you might be able to use the win32_Process Create method to run regedit on the remote machine, export the key, and then parse the username out of the .reg file. "Glenn Wilson" wrote: > Thanks parts of it work, but I am geting the followig error with the script, > it runs collects the machines, then when it goes to read the registery I get > the following. > > Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The network > path was not found." > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 > + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< > [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > You cannot call a method on a null-valued expression. > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 > + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + > $rv.GetValue("DefaultUserName") > > > "Gaurhoth" wrote: > > > Use following 4 lines to retrieve a list of computers in your AD. This will return all computers no matter what OU they are in. > > > > $ldapQuery = "(&(objectCategory=computer))" > > $de = new-object system.directoryservices.directoryentry > > $ads = new-object system.directoryservices.directorysearcher -argumentlist $de,$ldapQuery > > $complist = $ads.findall() > > > > Now iterate through $complist and query the registry on each remote computer for last logged on user: > > > > $complist | % { > > $cn = $_.properties['cn'] > > $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > > $rv = $rk.opensubkey("\Software\Microsoft\Windows NT\CurrentVersion\WinLogon") > > $lastuser = $rv.GetValue("DefaultDomainName") + "\" + $rv.GetValue("DefaultUserName") > > write-host "$cn - $lastuser" > > } > > > > -- > > > > gaurhoth > > http://gaurhothw.spaces.live.com/ > > > > > > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > > > Hello All, > > > > > > I need to get a list of all computers in our Active Directory and the user > > > who last logged onto it. Has anyone got a sample script to help with this, or > > > at least some parts of it..... > > > > > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #6 (permalink) |
| | Re: Collecting information from Active Directory My guess would be that you're receiving this error because the machine you're trying to open the registry on is not currently available or is not accessible for some other reason (security, firewall, etc). You can tell the script to continue by either trapping the error or just setting the global $ErrorActionPreference variable to "SilentlyContinue" before running the script. This way, when the script encounters a machine that it cannot reach it will just move onto the next machine. Tom G. -- Glenn Wilson wrote: > Thanks parts of it work, but I am geting the followig error with the > script, it runs collects the machines, then when it goes to read the > registery I get the following. > > Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The > network path was not found." > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 > + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< > [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > You cannot call a method on a null-valued expression. > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 > + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + > $rv.GetValue("DefaultUserName") > > > "Gaurhoth" wrote: > > > Use following 4 lines to retrieve a list of computers in your AD. > > This will return all computers no matter what OU they are in. > > > > $ldapQuery = "(&(objectCategory=computer))" > > $de = new-object system.directoryservices.directoryentry > > $ads = new-object system.directoryservices.directorysearcher > > -argumentlist $de,$ldapQuery $complist = $ads.findall() > > > > Now iterate through $complist and query the registry on each remote > > computer for last logged on user: > > > > $complist | % { > > $cn = $_.properties['cn'] > > $rk = > > [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.Re > > gistryHive]::LocalMachine,$cn) $rv = > > $rk.opensubkey("\Software\Microsoft\Windows > > NT\CurrentVersion\WinLogon") $lastuser = > > $rv.GetValue("DefaultDomainName") + "\" + > > $rv.GetValue("DefaultUserName") write-host "$cn - $lastuser" } > > > > -- > > > > gaurhoth > > http://gaurhothw.spaces.live.com/ > > > > > > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in > > message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > > > Hello All, > > > > > > I need to get a list of all computers in our Active Directory and > > > the user who last logged onto it. Has anyone got a sample script > > > to help with this, or at least some parts of it..... > > > > > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #7 (permalink) |
| | Re: Collecting information from Active Directory PowerShell itself doesn't support remoting. However, the script is using a .NET RegistryKey object that does support remotely accessing another machine using the OpenRemoteBaseKey method. Think of it as .NET picking up the slack for PowerShell  Tom G. -- Rob Campbell wrote: > I don't think PS supports remote registry access (yet). > > As a workaround, you might be able to use the win32_Process Create > method to run regedit on the remote machine, export the key, and then > parse the username out of the .reg file. > > > > "Glenn Wilson" wrote: > > > Thanks parts of it work, but I am geting the followig error with > > the script, it runs collects the machines, then when it goes to > > read the registery I get the following. > > > > Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The > > network path was not found." > > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 > > + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< > > [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > > You cannot call a method on a null-valued expression. > > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 > > + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + > > $rv.GetValue("DefaultUserName") > > > > > > "Gaurhoth" wrote: > > > > > Use following 4 lines to retrieve a list of computers in your AD. > > > This will return all computers no matter what OU they are in. > > > > > > $ldapQuery = "(&(objectCategory=computer))" > > > $de = new-object system.directoryservices.directoryentry > > > $ads = new-object system.directoryservices.directorysearcher > > > -argumentlist $de,$ldapQuery $complist = $ads.findall() > > > > > > Now iterate through $complist and query the registry on each > > > remote computer for last logged on user: > > > > > > $complist | % { > > > $cn = $_.properties['cn'] > > > $rk = > > > [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32. > > > RegistryHive]::LocalMachine,$cn) $rv = > > > $rk.opensubkey("\Software\Microsoft\Windows > > > NT\CurrentVersion\WinLogon") $lastuser = > > > $rv.GetValue("DefaultDomainName") + "\" + > > > $rv.GetValue("DefaultUserName") write-host "$cn - $lastuser" } > > > > > > -- > > > > > > gaurhoth > > > http://gaurhothw.spaces.live.com/ > > > > > > > > > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in > > > message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > > > > Hello All, > > > > > > > > I need to get a list of all computers in our Active Directory > > > > and the user who last logged onto it. Has anyone got a sample > > > > script to help with this, or at least some parts of it..... > > > > > > > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #8 (permalink) |
| | Re: Collecting information from Active Directory It does. Use it all the time... It is possible the RemoteRegistry Service is unavailable or Server is not pingable.. I always ping first. I would 1) write out the $cn and make sure there is a valid computer name. 2) ping the server before connecting to reg "Rob Campbell" <RobCampbell@discussions.microsoft.com> wrote in message news:EAD6994E-E525-488B-A586-B9332381085A@microsoft.com... >I don't think PS supports remote registry access (yet). > > As a workaround, you might be able to use the win32_Process Create method > to > run regedit on the remote machine, export the key, and then parse the > username out of the .reg file. > > > > "Glenn Wilson" wrote: > >> Thanks parts of it work, but I am geting the followig error with the >> script, >> it runs collects the machines, then when it goes to read the registery I >> get >> the following. >> >> Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The network >> path was not found." >> At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 >> + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< >> [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) >> You cannot call a method on a null-valued expression. >> At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 >> + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + >> $rv.GetValue("DefaultUserName") >> >> >> "Gaurhoth" wrote: >> >> > Use following 4 lines to retrieve a list of computers in your AD. This >> > will return all computers no matter what OU they are in. >> > >> > $ldapQuery = "(&(objectCategory=computer))" >> > $de = new-object system.directoryservices.directoryentry >> > $ads = new-object >> > system.directoryservices.directorysearcher -argumentlist $de,$ldapQuery >> > $complist = $ads.findall() >> > >> > Now iterate through $complist and query the registry on each remote >> > computer for last logged on user: >> > >> > $complist | % { >> > $cn = $_.properties['cn'] >> > $rk = >> > [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$cn) >> > $rv = $rk.opensubkey("\Software\Microsoft\Windows >> > NT\CurrentVersion\WinLogon") >> > $lastuser = $rv.GetValue("DefaultDomainName") + "\" + >> > $rv.GetValue("DefaultUserName") >> > write-host "$cn - $lastuser" >> > } >> > >> > -- >> > >> > gaurhoth >> > http://gaurhothw.spaces.live.com/ >> > >> > >> > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in message >> > news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... >> > > Hello All, >> > > >> > > I need to get a list of all computers in our Active Directory and the >> > > user >> > > who last logged onto it. Has anyone got a sample script to help with >> > > this, or >> > > at least some parts of it..... >> > > >> > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #9 (permalink) |
| | Re: Collecting information from Active Directory Or better yet... Powershell utilizing the already provided power of .NET  "Tom G." <thomglow@lycos.com> wrote in message news:uTKfieBMHHA.4912@TK2MSFTNGP02.phx.gbl... > PowerShell itself doesn't support remoting. However, the script is > using a .NET RegistryKey object that does support remotely accessing > another machine using the OpenRemoteBaseKey method. Think of it as .NET > picking up the slack for PowerShell > > Tom G. > -- > > > > Rob Campbell wrote: > >> I don't think PS supports remote registry access (yet). >> >> As a workaround, you might be able to use the win32_Process Create >> method to run regedit on the remote machine, export the key, and then >> parse the username out of the .reg file. >> >> >> >> "Glenn Wilson" wrote: >> >> > Thanks parts of it work, but I am geting the followig error with >> > the script, it runs collects the machines, then when it goes to >> > read the registery I get the following. >> > >> > Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The >> > network path was not found." >> > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 >> > + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< >> > [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) >> > You cannot call a method on a null-valued expression. >> > At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 >> > + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + >> > $rv.GetValue("DefaultUserName") >> > >> > >> > "Gaurhoth" wrote: >> > >> > > Use following 4 lines to retrieve a list of computers in your AD. >> > > This will return all computers no matter what OU they are in. >> > > >> > > $ldapQuery = "(&(objectCategory=computer))" >> > > $de = new-object system.directoryservices.directoryentry >> > > $ads = new-object system.directoryservices.directorysearcher >> > > -argumentlist $de,$ldapQuery $complist = $ads.findall() >> > > >> > > Now iterate through $complist and query the registry on each >> > > remote computer for last logged on user: >> > > >> > > $complist | % { >> > > $cn = $_.properties['cn'] >> > > $rk = >> > > [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32. >> > > RegistryHive]::LocalMachine,$cn) $rv = >> > > $rk.opensubkey("\Software\Microsoft\Windows >> > > NT\CurrentVersion\WinLogon") $lastuser = >> > > $rv.GetValue("DefaultDomainName") + "\" + >> > > $rv.GetValue("DefaultUserName") write-host "$cn - $lastuser" } >> > > >> > > -- >> > > >> > > gaurhoth >> > > http://gaurhothw.spaces.live.com/ >> > > >> > > >> > > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in >> > > message news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... >> > > > Hello All, >> > > > >> > > > I need to get a list of all computers in our Active Directory >> > > > and the user who last logged onto it. Has anyone got a sample >> > > > script to help with this, or at least some parts of it..... >> > > > >> > > > Thanks in advance |
| My System Specs |
|
01-04-2007
| #10 (permalink) |
| | Re: Collecting information from Active Directory OK. My bad. "Brandon Shell" wrote: > It does. Use it all the time... > > It is possible the RemoteRegistry Service is unavailable or Server is not > pingable.. I always ping first. > > I would > 1) write out the $cn and make sure there is a valid computer name. > 2) ping the server before connecting to reg > > "Rob Campbell" <RobCampbell@discussions.microsoft.com> wrote in message > news:EAD6994E-E525-488B-A586-B9332381085A@microsoft.com... > >I don't think PS supports remote registry access (yet). > > > > As a workaround, you might be able to use the win32_Process Create method > > to > > run regedit on the remote machine, export the key, and then parse the > > username out of the .reg file. > > > > > > > > "Glenn Wilson" wrote: > > > >> Thanks parts of it work, but I am geting the followig error with the > >> script, > >> it runs collects the machines, then when it goes to read the registery I > >> get > >> the following. > >> > >> Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The network > >> path was not found." > >> At E:\PowerShell\Scripts\get-computerlastlogon.ps1:8 char:59 > >> + $rk = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( <<<< > >> [Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > >> You cannot call a method on a null-valued expression. > >> At E:\PowerShell\Scripts\get-computerlastlogon.ps1:10 char:29 > >> + $lastuser = $rv.GetValue( <<<< "DefaultDomainName") + "\" + > >> $rv.GetValue("DefaultUserName") > >> > >> > >> "Gaurhoth" wrote: > >> > >> > Use following 4 lines to retrieve a list of computers in your AD. This > >> > will return all computers no matter what OU they are in. > >> > > >> > $ldapQuery = "(&(objectCategory=computer))" > >> > $de = new-object system.directoryservices.directoryentry > >> > $ads = new-object > >> > system.directoryservices.directorysearcher -argumentlist $de,$ldapQuery > >> > $complist = $ads.findall() > >> > > >> > Now iterate through $complist and query the registry on each remote > >> > computer for last logged on user: > >> > > >> > $complist | % { > >> > $cn = $_.properties['cn'] > >> > $rk = > >> > [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine,$cn) > >> > $rv = $rk.opensubkey("\Software\Microsoft\Windows > >> > NT\CurrentVersion\WinLogon") > >> > $lastuser = $rv.GetValue("DefaultDomainName") + "\" + > >> > $rv.GetValue("DefaultUserName") > >> > write-host "$cn - $lastuser" > >> > } > >> > > >> > -- > >> > > >> > gaurhoth > >> > http://gaurhothw.spaces.live.com/ > >> > > >> > > >> > "Glenn Wilson" <GlennWilson@discussions.microsoft.com> wrote in message > >> > news:42CD0DB7-6364-4D6E-8A43-E967A501CEF7@microsoft.com... > >> > > Hello All, > >> > > > >> > > I need to get a list of all computers in our Active Directory and the > >> > > user > >> > > who last logged onto it. Has anyone got a sample script to help with > >> > > this, or > >> > > at least some parts of it..... > >> > > > >> > > Thanks in advance > > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Active Directory information | VB Script | |||
| Collecting Information Delay | Vista installation & setup | |||
| Extending Active Directory Schema for Bitlocker recovery information | Vista General | |||
| Extending Active Directory Schema for Bitlocker recovery information | Vista security | |||
| Install hangs at collecting information | Vista General | |||
