Who logs onto this computer?
Posted on February 3rd, 2012
One of the questions that is frequently asked in a large organization is, “Who uses computer XYZ123?”. Many tools will report the current user, but the current user may or may not be the the person who usually works on a given computer. The current user for the computer you are logged on logged onto to fix is probably not the name you want.
In pre-Windows 7 days, I used to pull the user information from the registry location HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName. I recently found out that this has been moved to HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnUser for Windows 7.
Unfortunately when I went looking in the new location, there was nothing there. The missing LastLoggedOnUser was a weird problem. After some Google search time I found that if you use a GPO entry to clear the last username then LastLoggedOnUser is not populated.
I then spent some time with WMI, and found some interesting information is available in Win32_NetworkLoginProfile. I ended up writing two scripts: LastUserLogon.vbs gets the last user for a computer, and TopComputerUsers.vbs which collects the top 5 interactive logons for a computer. Both let you copy the data to the clipboard if Word is installed, otherwise the information can be output to notepad.
The TopComputerUsers script is interesting because WMI contains a count of user logons, and I use a disconnected recordset to sort the user information by number of logons. The LastUserLogon gives you a subset of the information from TopComputerUsers, and can help you determine whether a given computer is underutilized.
Both will work on local or remote computers. Both take a computer name as an argument. And both scripts tell you who the current user is.
Filed under VbScript, Windows 7, Windows Administration, WMI | No Comments »
Why I am not monetizing my blog
Posted on January 24th, 2012
I am still resisting the call from my friends to monetize my blog. This means that there is no advertising here, now or later. I see this primarily as an ethical issue. You, as taxpayers, have already paid for this work. I, as a federal employee, have already been compensated for the work.
Filed under General | No Comments »
Uninstall All But the Most Recent Version of Java
Posted on January 10th, 2012
UninstallJava.vbs creates a list of programs with “Java” in the name. I then uninstalls all but the most recent version. You can run it locally or against a remote computer.
Filed under Scripting, VbScript | No Comments »
Finding Name Resolution Problems
Posted on December 12th, 2011
Name resolution problems are a plague for system administrators. If you think you are working on ComputerA but instead are working on ComputerB much gnashing of teeth may result. In our environment we have NetBIOS and FQDNs to resolve. The correct name, of course, is the one in the registry.
NameResolution.wsf checks the registry, FQDN and NBTName for computers. Any name mismatches are noted. This is an example of a WSF front end that I wrote. The front end lets you run the script against a single file name, a list of files typed, a file of computer names, or a list from AD. When you run it against more than one computer it is multi-threaded. The results are written to a file on your desktop. I had some strange issues with the .Run and .Exec methods for wshShell on a Windows 7 x64 system. These returned “file not found” when I tried to run NBTSTAT. I rewrote the script to use the WMI Win32_Process create method instead. (Later I discovered that this was related to an old version of PrimalScript.)
Soon I will post a script to fix PTR errors.
Tags: Name Resolution
Filed under Patching, Scripting, Windows Administration, WMI | No Comments »
Can’t find %HOMESHARE%\Favorites\.
Posted on December 12th, 2011
I tried to update Adobe Reader using my domain based admin account for elevation, and got this installer error “Can’t Find %HOMESHARE%\Favorites\.” To fix it I opened RegEdit, navigated to HKCU\Environment, and added a new expandable string value named HOMESHARE, and pointed it to the proper location.
Filed under Computing, Windows Administration | No Comments »
Scriptomatic on Windows 7 Solved
Posted on November 20th, 2011
I have been writing HTA files for a years as a way to improve the appearance of some of my scripts. MSDN has a good article from May of 2011 about the power and utility of HTA files. After moving to Windows 7 x64, I was disappointed to find that one of my favorite HTA files, Scriptomatic, had quit working. Scriptomatic is a Microsoft utility that writes WMI code. Unfortunately when running Scriptomatic I got this error on line 177, character 4: “Could not complete the operation due to error 80041003”. If you look at the code the line is: Set objWMIService = GetObject(“winmgmts:\\” & _strWMISource & “\” & strNameSpace) If you look up the error you find that it is WBEM_E_ACCESS_DENIED, “Current user does not have permission to perform the action.” If you search this problem with Scriptomatic in Google, you will find a slew of answers concluding that your only choice is to run the tool as an administrator. This is true with the code as is, but I thought it would be more interesting to fix the problem, which is ultimately an error handing issue. Scriptomatic tries to enumerate all of WMI. An ordinary user cannot access all of WMI, so it fails with a permission error. My version of Scriptomatic (Fixed_Scriptomatic.hta) adds error handling so an ordinary user can enumerate classes where there is permission to do so. Why do this? I have another project where an ordinary user uses an HTA to get computer information. I wanted to make sure that there would be no problems. My version of Scriptomatic adds error handling. I have commented all of my changes. If you are uneasy, then I suggest you download the original file and compare. If you run my fixed version as an ordinary user, it will take a really long time to open. On my system, a full two minutes. But the resulting list will be good for the current user’s credentials. Note that HTA files run best from the local computer.
(Update: 1–24–12. Fixed the embarrasing lack of a link to the file)
Filed under Alan's Favorites, HTA, Scripting, Windows 7, WMI | 2 Comments »
Floppy Drive Settings for Virtual PC
Posted on November 16th, 2011
Earlier I wrote about using WinImage to preserve floppy disk data. In my continuing adventure with Windows 7 x64, I found that DOS programs will not run under x64. What DOS program do I like to use? The WordPerfect Editor from the WordPefect Shell. (Curious? You can get it here). Why? Because it allows you to easily replace formatting codes like TAB and NewLine. It also permits macros.
I figured I would be able to run the WP Editor from a floppy image. WinImage works with FileDisk to allow you to mount floppy images so they are available as drive letters within the Windows OS. So I made the bootable floppy, injected the files I wanted, and went into Virtual PC to map the floppy image to the VM. What I failed to notice was that Microsoft no longer shows the floppy drive in the Virtual PC UI. Howerver, a search of the internet found that floppy drive assignments were still available programatically with Virtual PC.
Being a scripting guy, I decided to write a script that sets and clears floppy drive settings. The result is SetVPCFloppy.vbs. Some odd things about this script. First, do not run it as an administrator. If you do, the activex control throws a permission denied error. Instead, run it with the permissions of the owner of the virtual machines. Also remember that you will need to change the boot order in the virtual BIOS if you want to boot from the floppy. Use the DELete key to enter BIOS setup.
Unfortunately, I discovered after all this work that the DOS virtual machines do not have the Virtual Machine extensions available. I found some instructions as to how to do this, but the extension failed to work on my system. When the Virtual Machine Folder Sharing begins to load I get “Folder Sharing is not supported on this host”. As a result, I am unable to cut and paste into the DOS window and cannot share data. A disappointing result. If you have been able to get the extensions working, please share your experience.
Tags: Virtual PC
Filed under VbScript, Windows 7 | No Comments »