From a support point of view, when someone calls the Helpdesk with a "there's something going on with my pc" question, very early in the process you'll want to know what is installed on that computer, and then what versions of each installed application. It's also handy to know *when* things were installed - if things just started to go wrong, knowing what was just installed is a must-know. Of course, the person making the call will always say "I didn't install anything", but once you have that list, the hasty "oh, except for that" is generally quickly forthcoming.
set HOST=%1 md %DIRNAME%
Now that we have inven.cmd and the list of hosts in hostlist.txt, let's combine them and get the full report, by creating DOMLOOP.CMD, which will contain a single line (Note that USERID and PASSWORD will need rights to login to the remote hosts and run the WMIC commands) FOR /F %%G IN ( HOSTLIST.TXT ) DO CALL INVEN.CMD %%G USERID PASSWORD Now, you say, what about malware? Oddly enough, lots of the malware out there (many of the FAKE-AV packages for instance), actually use the Windows installer and register themselves. You can any apps that *don't* register using variations on "dir c:\*.exe /s", or, if you are looking for hidden and/or system files, you can use variants on "attrib c:\*.exe /s" (or whatever file type, not just exe's).
[robv@pt01 ~]$ chkconfig --list Name Version Description
==================================================================================== Finally, we're interested in how you tackle the software inventory problem. Please use our comment form - let us know of any cool tools you use, or post any scripts you may have written to help out !
=============== Rob VandenBrink |
Rob VandenBrink 578 Posts ISC Handler Oct 4th 2011 |
||||||||||
Thread locked Subscribe |
Oct 4th 2011 1 decade ago |
||||||||||
Shouldn't "set HOSTNAME=%1" say "set HOST=%1"?
I'm asking because right below you have "/node:%HOST%" I was trying to run this script as a test on a local machine but not sure what "set HOSTNAME" should be. If I'm wrong (cuz I'm also a newb) what should "set Hostname" be and just below what should "/node:%HOST%" be? Could I please have an example of both? I'm thinking the "/node:%HOST%" should probably be an IP address? I'm confused at this hour, but would really like to get the script working :) Thank you in advance. |
Anonymous |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
Correct, good catch !
I guess that's what happens when you cut from a larger script to make a small one. Thanks very much! |
Rob VandenBrink 578 Posts ISC Handler |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
Great tip, however when it's run on a Win7 box, i had a little trouble, error message;
"Invalid XSL format (or) file name." After googling a little i found the solution, before running any wmic command that outputs to a formated file, we should first tell the PATH to look in "C:\Windows\System32\wbem\en-US" that's were the format "template" is. Again very nice tip to make a simple "inventory" Cheers |
Flip 1 Posts |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
If you don't have cut like me, this seems to work instead:
for /F "tokens=2 delims=,=" %i in ('dsquery computer -s DCname -u domainname\administrator -p adminpassword -limit 10000') do @echo %i |
Flip 2 Posts |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
Hey Rob,
Just wanted to note that if your hostnames have any special characters in them such as dashes, you will get an 'invalid global variable' error and your folders will be empty. the way around this is to put %HOST% and %DIRNAME%\filename.htm in single quotes: wmic /output:'%DIRNAME%\os.htm' /user:%UID% /password:%PWD% /node:'%HOST%' os list full /format:hform |
Flip 2 Posts |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
I would also like to know how others tackle the "users having admin privileges" problem? It almost seems that it's common sense for users NOT to be admins but I rarely seen that enforced in my experience thus far. I'll have to check if there's a poll already on how many companies restrict their users.
|
Flip 3 Posts |
||||||||||
Quote |
Oct 4th 2011 1 decade ago |
||||||||||
Collecting this info on a Windows domain can be done with the Microsoft Assessment and Planning Toolkit. It is a free download and does not require installation of an agent, and is pretty easy to use.
http://technet.microsoft.com/en-us/library/bb977556.aspx |
Flip 3 Posts |
||||||||||
Quote |
Oct 5th 2011 1 decade ago |
||||||||||
In any system, U*ix, Linux, or M$, even a non-admin can install an executable binary in their own directory. While this may not be under the OS's package control system, it can still be loaded and run, and thus constitute a potential problem. How does one deal with that?
|
Moriah 133 Posts |
||||||||||
Quote |
Oct 5th 2011 1 decade ago |
||||||||||
OpenAudIT is an INCREDIBLE open source auditing tool.
install xampp with defaults and then openaudit pretty much just works, can be integrated with AD and audits EVERYTHING on a machine in great detail www.open-audit.org |
Moriah 2 Posts |
||||||||||
Quote |
Oct 6th 2011 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!