Alan's Blog

"Yeah. I wrote a script that will do that."

Finding Rarely Used Computers On Your Network

Posted on February 13th, 2016

I support a number of hospitals.  Many of these have very large facilities, where the placement of computers was originally done by a space planner or others trying to make an educated guess about how and where people would be working.  Frequently we find that there are computers which are unused or only rarely used.  Efficient use of the machines requires that you identify these systems and reallocate them to be used where they are needed most.

There are a lot of ways to try to get at this information, for example, working with the information collected by SCCM, but you may not be collecting what is needed.  I wanted to create a multi-threaded script which collected the list of users from AD, pinged the list, then recorded the most recent logon which was not done by the local administrator account.

Get-UnusedComputers.ps1 uses Get-WMIObject to find the local path of each of the user profiles. Because the “lastwritten” attribute is updated when you log on, I sort the files by that date to determine the most recent logon. The results are exported to your desktop in a CSV file.

Script Text

Tags: ,
Filed under PowerShell, Scripting, Windows Administration, WMI | No Comments »

Win32_ReliablityRecords, PowerShell and ScriptoMatic

Posted on January 3rd, 2014

I was reviewing my blog stats today and found a link from a site in UK to my version of ScriptoMatic.hta.  I have upgraded my home laptop to 8.1, and decided to see whether it still works (it does).  If you launch the “fixed” ScriptoMatic as an ordinary user, it takes a very long time to load.  But after it did, I found that it worked just fine.  I began reviewing the WMI classes listed, and found one that I had not noticed before, Win32_ReliablityRecords. This class, introduced in Windows 7,  gives you a list of failed installs, system hangs, and application crashes in an easy to read format.

Scriptomatic created a nice vbScript to enumerate the class.  I coded Get-ReliablityRecords.ps1 in PowerShell with one-third the lines including comments.  It has only basic parameters.  You may choose a remote computer and a limit on the records returned.

Tags: , ,
Filed under PowerShell, Scripting, Windows 7, Windows 8, Windows Administration, WMI | No Comments »

USB Monitor for Removable Drives

Posted on April 7th, 2010

Having users plug USB drives into their systems can be a portal for malware into your network and data exiting from your network.  There are sophisticated programs that allow you to block and monitor endpoint security, such as Lumension’s Sanctuary.  If you don’t have that in your budget, you can still monitor and detect insertion of USB drives onto your computers.  USBMonitor.vbs is a highly configurable script that can send you email alerts when a user inserts a drive.  The alert will have the user’s name, the device they inserted and the time it happened.  The script can also generate an annoying beep that persists as long as the drive is inserted.  Users get a pop-up window with a message telling them to remove the drive.  You can permit certain devices to be used by all users, by all users at a certain workstation, or by a single user.  This way you can say that Bob can use a camera, or all users may use an approved IronKey.

Email is sent to the administrator via SMTP.  Take time to read the comments, which should guide you to the required edits for this to work in your environment.   Version 4 (4/7/10) adds options for exiting the program for servers and administrators, and reporting if endpoint security software is working.  It also can dismount the drive using the freeware USB Disk Ejector program, which may be downloaded here: http://quick.mixnmojo.com/usb-disk-ejector.  If you need assistance implementing this in your environment, send me an email.

Tags: USB+Monitor

Tags: , , ,
Filed under Alan's Favorites, My Best, Security, VbScript, Windows Administration | No Comments »

Please Note

All the scripts are saved as .txt files. Newer files have a "View Script" button which will let you save or open a script in notepad. For earlier posts, the easiest way to download with IE is to right click on the link and use "Save Target As". Rename file from Name_ext.txt to Name.ext.

To see a full post after searching, please click on the title.

PowerShell Scripts were written with Version 3 or 4.

https connections are supported.

All new users accounts must be approved, as are comments. Please be patient. It is pretty easy to figure out my email address from the scripts, and you are welcome to contact me that way.

Site Search

Categories

Archives

SQL Site

Bad Behavior has blocked 262 access attempts in the last 7 days.