$Inventory = Get-Content -Path "C:\Temp\computer list.txt"
foreach ($Computer in $Inventory) {
(Get-WmiObject -Class win32_process -ComputerName $Computer | Where-Object name -Match explorer).getowner().user
}
I'm trying to run a script that will get me the username and timestamp of lastlogon through a list of computer names in a text file associated with AD.
I can manage to get the names but I run into null-valued errors as it goes through the list and takes longer than expected to finish.
How would I go about fixing that and adding a timestamp for users who last logged on/off?
A better method would be to parse through event logs to find their log on log off times
this script looks like it fits the bill
https://gallery.technet.microsoft.com/scriptcenter/Find-user-logon-duration-667b8c48
you could then use it like this
$Inventory = Get-Content -Path 'C:\Temp\computerlist.txt'
ForEach ($Computer in $Inventory) {
Get-OSCUserLogonDuration -ComputerName $Computer -IncludeRemoteInteractive -
Verbose | FT -AutoSize
}
Related
I am trying to identify some orphan server's, these are windows servers in active directory I have a domain list of about 100 domain, I'm try to write a script where I can input a server name and it searches the domain names which I have stored in a text file, any assistance would be appriciated.
You can do the following
Get the content of the file with - Get-Content C:\temp\file.txt
Do foreach loop for every server
Try to ping the server using Test-Connection
Use Get-ADComputer to pull computer object from AD and check when is the last time it updated it's password
If password is not changed in the last 30 days, append the computer name and Password Last Set date in orphan.csv file.
$serverlist = Get-Content C:\temp\file.txt
foreach ($server in $serverlist)
{
if (-not (Test-Connection -Ping $server -Count 1 -Quiet))
{
Get-ADComputer $server -Properties PasswordLastSet |
Where {$_.Passwordlastset -le (Get-date).AddDays(-30)} |
Select-Object Name,PasswordLastSet |
Export-CSV C:\temp\orphan.csv -append -force -NoTypeInformation
}
}
I am trying to write a simple script to scan through a list of workstations, pull their local user info, and export it to a CSV. The code works for doing that, but I am having trouble including any identifier of what workstation the information is related to. At the moment I just get a large list of users and their info.
$computerList = gc "C:\Temp\ComputerList.txt"
ForEach ($Computer in $computerList){
Get-LocalUser | Export-Csv C:\temp\passUser.csv -NoTypeInformation -Append }
You need to add the property Computer to the objects that are output from Get-LocalUser.
Also, you are currently running Get-LocalUser on your own local machine in each iteration.
Try
$computerList = Get-Content "C:\Temp\ComputerList.txt"
Invoke-Command -ComputerName $computerList -ScriptBlock {
Get-LocalUser |
Select-Object #{Name = 'Computer'; Expression = {$env:ComputerName}}, *
} | Export-Csv -Path C:\temp\passUser.csv -NoTypeInformation
Invoke-Command can take an array of computernames.
It also has a -Credential parameter with which you can specify the credentials of a user that has permissions to perform the actions inside the scriptblock
I need to get the name and size of the file that has been sent to printer. So I need to get info about it BEFORE file is printed.
I have tried to work with files in Windows\System32\spool\PRINTERS, but I can't get any info from .SHD and .SPL files even if I pause the print work.
I started to look for some solution using Get-WmiObject -Class Win32_Printer.
Is it a correct approach? Maybe I should use some particular methods or something?
I tried this code, but it shows a mistake
$comp = $(Get-WmiObject Win32_Computersystem).Name
if ( (Get-ChildItem C:\Windows\System32\spool\PRINTERS | Measure-Object).Count -ne 0)
{
Get-WmiObject -Class win32_service -filter 'name="spooler"' -ComputerName $comp | Invoke-WmiMethod -Name StopService | out-null
$name = $(Get-WmiObject Win32_PrintJob).Document
$size = $(Get-WmiObject Win32_PrintJob).Size
$time = $(Get-WmiObject Win32_PrintJob).StartTime
"$comp,$name,$size,$time" | Out-file C:\Scripts\PrintJobs.csv -Append
Set-Service spooler -ComputerName $comp -Status Running
}
What is wrong?
PowerShell is a new thing for me and for now I'm totally lost with this task
Unless you know when to run the powershell I don't see how you can get this information "Before" the print job is sent. You would have to keep the spooler "Paused" and then when the script is run set it to Running and then pause it again until the next time the script is run.
one thing is that "Get-WmiObject Win32_PrintJob" will most likely return a collection of all current spooled jobs. so your code should look something like this to get the information you are looking for:
$comp = $(Get-WmiObject Win32_Computersystem).Name
$jobs=Get-WmiObject Win32_PrintJob
$jobInfo = $jobs | ForEach-Object {"$comp,$($_.Document),$($_.Size),$($_.StartTime)"}
$jobInfo | Out-file C:\Scripts\PrintJobs.csv -Append
I am creating a script that pulls all of the date and time information from our servers. The script gets the servers from a text file. I am having is getting the output of a script to be written to a text file.
I tried using a pipe with Out-File like so:
$servers = gc "C:\Users\Public\Shell_NTP\TestList.txt"
foreach ($server in $servers){
$dt = gwmi win32_operatingsystem -computer $server
$dt_str = $dt.converttodatetime($dt.localdatetime)
write-host "$($server) current local time is $($dt_str)" | Out-File
"C:\Users\Public\Shell_NTP\TestListOutput.txt"
Then I tried the simple carrot output like so:
$servers = gc "C:\Users\Public\Shell_NTP\TestList.txt"
foreach ($server in $servers){
$dt = gwmi win32_operatingsystem -computer $server
$dt_str = $dt.converttodatetime($dt.localdatetime)
write-host "$($server) current local time is $($dt_str)" >
C:\Users\Public\Shell_NTP\TestListOutput.txt
And that did not work either. So any help or advice would be excellent.
TL;DR Trying to get the powershell output into a text file or some other more usable file format.
Don't use write-host - use write-output
write-host will only output your string to the console, the data will not be passed along the pipleline.
You don't need to use write-output you can just
"text" | Out-File ...
into a text file or some other more usable file format
CSV is a more usable format. The format you're writing is something you will have to process again to get the data back out of the text. CSV you can just Import-Csv to get it back. Or open in Excel, etc.
gc "C:\Users\Public\Shell_NTP\TestList.txt" | ForEach {
$dt = gwmi win32_operatingsystem -Computer $_
[PSCustomObject]#{
'ServerName' = $_
'DateTime' = $dt.converttodatetime($dt.localdatetime)
}
} | Export-Csv C:\Users\Public\Shell_NTP\TestListOutput.csv -NoTypeInformation
When using this code:
$Prodservers = Get-ADComputer -Filter {OperatingSystem -like '*Server*'} -SearchScope Subtree -SearchBase $ProdSB -Server $DCprod -Credential $ProdCred -ErrorAction SilentlyContinue |
select -Expand DnsHostname
foreach ($P in $Prodservers) {
[PSCustomObject]#{
Hostname = $P
'Support team' = (Invoke-Command -ComputerName $P -ScriptBlock {$env:supportteam} -Credential $ProdCred)
'Local Admins' = (Invoke-Command -ComputerName $P -ScriptBlock {$ADSIComputer = [ADSI]('WinNT://localhost,computer');$lgroup = $ADSIComputer.psbase.children.find('Administrators', 'Group');$lgroup.psbase.invoke('members') | % {$_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)}} -Credential $ProdCred)
'Host Reachable' = [bool](Invoke-Command -ComputerName $P -ScriptBlock {1} -Credential $ProdCred)
}
}
This works, however an group membership of more than two members in the local administrators group returns similar to this:
{Administrator, Domain Admins, Prod Server Admin...
How would I expend the output to show the full membership?
Also after pointers for selecting only certain groups that match group name x or y or return True is group x is present etc.
You might be running into output display formatting issues, where the column data exceeds the displayable width in table format in PowerShell.
You can try use the Format-List cmdlet to display things in a list instead to see if your local administrators group with multiple members displays correctly. Check out the link above to see how it helps, but a basic example of using it would be:
Get-Service | Format-List
As for your filtering question, it looks like you're using reflection to invoke methods that collect that data, so it would be harder to use PS cmdlets to help there, so I would suggest getting that data as you do now, but do it separately, into a temporary variable, then filter the data there selecting your specific groups you want using something like this to match your group names, and in the if statement, put the relevant data into another variable, which you then use for your final output.
if ($item -match "groupNameX") { #Then... }
Finally worked it out.
Came across this answer.
First, found a script block that outputted the memberships as a PSObject property:
$SB = {
$members = net localgroup administrators |
where {$_ -AND $_ -notmatch "command completed successfully"} |
select -skip 4
New-Object PSObject -Property #{
Members=$members
}
}
Then modified the local admins column:
'Local Admins' = $admins.Members -join ','
The output is still truncated, however now instead of export-CSV showing the column contents as System.Object[] it now shows the full output with the separator specified in -join.