I'm writing a script to get the Username of any user logged on to any computer. It works fine with 2 Exceptions.
Here is the code:
$computername = Get-Content 'I:\NodeList\SWSL.txt'
Remove-item "I:\NodeList\UsersPC.txt"
foreach ($computer in $computername)
{
if(Test-Connection -Computername $Computer -BufferSize 16 -Count 1 -ea 0)
{
$Uinfo = gwmi win32_computersystem -comp $computer | select Username,Caption #,Manufacturer
$Uinfo | Out-File -Filepath "I:\NodeList\UsersPC.txt" -Append
Write-Host $Uinfo
}else{
Write-Host $computer " Is offline, not responing to ping"
$computer + " Is offline!" | Out-File -Filepath "I:\NodeList\UsersPC.txt" -Append
}
}
First the Output is:
USername Caption
-------- -------
BINYAN\Charlie SYD-WS04
But I would only like to have:
Charlie SYD-WS04
The domain is always the same, so I just need the username and the computer name, and NOT the headings or the "---"
2nd Problem is, we are a render farm and all renders are processed on a user account Called "Render".
For those computers I only get the computer name, Username is Blank.
This user account is a Domain user, but not in an OU like the others (Sydney, Melbourne, Brisbane).
It resides in the default "Users" folder in AD.
You could remove the domain name using a regex that replaces everything until and including a \: '.*?\\'
You get rid of the heading using select -expand or using a foreach loop where you select the properties using $_.PROPERTY
So your statement could look like this:
$Uinfo = gwmi win32_computersystem -comp $computer |
foreach { '{0} {1}' -f ($_.Username -replace '.*?\\'), $_.Caption }
I have no answer for / I dont understand your second question.
Related
get-content 'C:\assets.txt' | % {
$computer = $_
. 'c:\PSTools\PsLoggedon.exe' -accepteula -l -x \\$Computer 3>$null |
? {$_ -match '^\s{2,}((?<domain>\w+)\\(?<user>\S+))'} |
Select-Object `
#{n='Computer';e={$Computer}},
#{n='Domain';e={$matches.Domain}},
#{n='User';e={$Matches.User}} |
? user -notmatch '^Connecting$|^Users$|^NT$'
}
This is what I am using to get all of the currently logged on computers. Is there a way I can combine this with Get-ADUser so I ca pull straight from AD rather than from a txt document?
• Sorry, but currently there is no way through which you can integrate this ‘Psloggedon.exe’ utility with Active directory commands, i.e., ‘Get-AdUser’. But you can retrieve the details of currently logged on users on different computers in the network remotely by executing the below powershell function: -
‘ function Get-LoggedOnUser
{
[CmdletBinding()]
param
(
[Parameter()]
[ValidateScript({ Test-Connection -ComputerName $_ -Quiet -Count 1 })]
[ValidateNotNullOrEmpty()]
[string[]]$ComputerName = $env:COMPUTERNAME
)
foreach ($comp in $ComputerName)
{
$output = #{ 'ComputerName' = $comp }
$output.UserName = (Get-WmiObject -Class win32_computersystem -ComputerName $comp).UserName
[PSCustomObject]$output
}
} ‘
The above script will give you currently logged on users on several computer systems in the network that you pass on in place of ‘COMPUTERNAME’ as below. Please note that you must give a list of computers separated by commas when using the above script for multiple computer systems.
If you have AD in your environment, then you can check the Domain Controller logs to see when an Active Directory user account logs on and it will also tell the machine that the user is logged onto. Refer the below links for more on this: -
http://technet.microsoft.com/en-us/library/cc787176(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/bb742435.aspx
http://www.windowsecurity.com/articles/deciphering-authentication-events-domain-controllers.html
Also, find the below link for more information and reference on the above: -
https://4sysops.com/archives/how-to-find-a-logged-in-user-remotely-using-powershell/
Powershell script to see currently logged in users (domain and machine) + status (active, idle, away)
You would use PowerShell's Get-ADComputer to do this job, not Get-ADUser. Here's a script which does all this work for you. The below mainly lifted from the public domain here and only slightly modified. It pulls and pipes all AD domain computers into C:\Computers.txt, then PS-remotes into each computer in that list to find the logged in, interactive user, and their last login date. Gives you a report file named C:\LoggedOnResults.txt in a nice tabled format.
# Finds and pipes all AD domain computers into Computers.txt, then PS-remotes into each computer in the list to find the logged in, interactive user, and their last login date. Generates a report file named C:\LoggedOnResults.txt, in a nice tabled format.
# Deletes the current file C:\Computers.txt (if it exists)
$FileName = "C:\Computers.txt"
if (Test-Path $FileName) {
Remove-Item $FileName
write-host "$FileName has been deleted"
}
else {
Write-host "$FileName doesn't exist"
}
# 0. Capture all AD computers into a text file named Computers.txt
# importing dependancy, assuming it's already installed.
# Install RSAT for Windows workstation, AD DS role for Windows Server if missing
Import-Module "ActiveDirectory"
Get-ADComputer -Filter {(OperatingSystem -like "*windows*") -and (Enabled -eq "True")} | Select -Expand Name | Out-File "C:\Computers.txt"
# 1. Create scriptblock to target computer will execute
$SB = {
$explorerprocesses = #(Get-WmiObject -Query "Select * FROM Win32_Process WHERE Name='explorer.exe'" -ErrorAction SilentlyContinue)
if ($explorerprocesses.Count -eq 0) {
New-Object -TypeName PSObject -Property #{
ComputerName = $env:COMPUTERNAME;
Username = [string]::Empty
LoggedOnSince = [string]::Empty
}
} else {
foreach ($i in $explorerprocesses) {
$Username = $i.GetOwner().User
$Domain = $i.GetOwner().Domain
New-Object -TypeName PSObject -Property #{
ComputerName = $env:COMPUTERNAME ;
Username = '{0}\{1}' -f $Domain,$Username ;
LoggedOnSince = ($i.ConvertToDateTime($i.CreationDate)) ;
}
}
}
} # endof scriptblock
# 2. Create an empty array to store results
$results = #()
# 3. Query target computers using PSRemoting
Get-content "C:\Computers.txt" | ForEach-Object -Process {
$computer = $_
try {
$results += Invoke-Command -ComputerName $Computer -ScriptBlock $SB -ErrorAction Stop
} catch {
Write-Warning -Message "Faild to use PSremoting on $Computer because $($_.Exception.Message)"
}
}
# 4. Display the results
$results | Select ComputerName,Username,LoggedOnSince | ft -AutoSize
# 5. Send results to a text file
$results | Select ComputerName,Username,LoggedOnSince | ft -AutoSize | Out-File -FilePath "C:\LoggedOnResults.txt"
(I am a newbie to PS who has mostly used VBS and Batch so I am still working on following PS scripts)
I need to delete most (but not all) domain accounts off of all 500 of our systems.
Some of these are from a specific list.
Some follow a generic format *21, *19, etc...
I can find scripts that will let me delete a specific user account but I can't figure out how to pass it the long list or use the wildcards...
This one seems promising if I can figure out how to get the values need in it...
:: This Script taken from https://www.nextofwindows.com/delete-user-profiles-on-a-remote-computer-in-powershell
$Computer = Read-Host "Please Enter Computer Name: "
$user = Read-Host "Enter User ID: "
Invoke-Command -ComputerName $computer -ScriptBlock {
param($user)
$localpath = 'c:\users\' + $user
Get-WmiObject -Class Win32_UserProfile | Where-Object {$_.LocalPath -eq $localpath} |
Remove-WmiObject
} -ArgumentList $user
It sounds like you are most of the way there. Just use some pipelines and a foreach loop or two.
This will attempt to remove all users in the list from all computers in the list:
# define function that takes user list from pipeline
function Remove-User {
[cmdletBinding()]
param(
[Parameter(ValueFromPipeline=$true,Mandatory=$true)]
[string]
$user,
[Parameter(Mandatory=$true)]
[string]
$computer
)
process {
# copied from question
Invoke-Command -ComputerName $computer -ScriptBlock {
Get-WmiObject -Class Win32_UserProfile |
Where-Object { $_.LocalPath -eq "c:\users\${$user}" } |
Remove-WmiObject
} -ArgumentList $user
}
}
# get your lists whatever way makes sense
$userList = Import-Csv -Path "users.csv" -Delimiter ','
$computerList = Import-Csv -Path "computers.csv" -Delimiter ','
# call function to remove all users for each computer
$computerList | ForEach-Object {
$userList | Remove-User -computer $_
}
I'm not sure where you get your list from, but I used a csv just because.
*note: This is going off the assumption that the Invoke-Command portion of code from nextOfWindows does what it says
I've been given a task to get A list of machines that include T44, T45, T46, T48 in the name /with the usernames of the last people to log on to them then export them on to and .CSV.
I've been doing it a long way...
Getting a list of the machines -Like "T44" then querying against them via Get-WMI...
This is what I have:
Clear-Host
$T440 = Get-Content -Path C:\Users\khalifam\Desktop\Winver\T440.txt
$Results = foreach ($computer in $T440) {
# test if the compurer is on-line
if (!(Test-Connection -ComputerName $computer -Count 1 -Quiet)) {
Write-Warning "Computer '$computer' is off-line."
# skip this computer and carry on with the next iteration
continue
}
Get-WmiObject –ComputerName $computer –Class Win32_ComputerSystem | Select Username, PSComputerName
}
$Results |
Export-Csv -Path C:\Users\khalifam\Desktop\T440Names.csv
I'm trying to modify a script that is supposed to list out all the computers within a domain, and if there is someone logged in on said computer it should show the username for the account.
The script works fine, but i got a little esthetic problem. Is there a way to turn the return data (for those computers and servers thats online) into another color?
Here is my current script:
function Check-Domain {
Get-ADComputer -Filter * |
Select-Object -ExpandProperty Name |
ForEach-Object {
$computer = $_
$pingme = Test-Connection -ComputerName $computer -Quiet -Count 1
if ($pingme -eq $true) {
Invoke-Command -ComputerName $computer -ScriptBlock {
Get-WmiObject Win32_ComputerSystem |
Select-Object Username, Name }
} else {
Write-Host "$computer - OFF" -ForegroundColor Red
}
} | Format-Table
}
Sure, that's easy enough. Just wrap the command up in a sub-expression and use Write-Host just like you do with the offline servers.
{Write-Host $(Invoke-Command -ComputerName $computer -ScriptBlock { Get-WmiObject win32_computersystem | Select-Object username, name}) -ForegroundColor Green}
It'll execute the script inside the $() first, and then apply it's output to the Write-Host so that you can format it as desired. For output consistency, especially when it's just outputting text to the host, I personally like to use formatted strings. When used in combination with the -NoNewLine switch for Write-Host you can get some really sharp looking results.
You can edit this part - this stores the result of Invoke-Command in a variable, and outputs it with the color you like with Write-Host:
if ($pingme -eq $true) {
$result = Invoke-Command -ComputerName $computer -ScriptBlock {
Get-WmiObject Win32_ComputerSystem | Select-Object Username, Name
}
Write-Host $result -ForegroundColor Green
}
I'm new to PowerShell and I'm attempting to write a script that will query AD for machine names, check which ones are responding and write the output into a file. So far I have this:
$computers = Get-ADComputer -filter {(Name -like "PC*")} | Select-Object -Property Name
foreach ($computer in $computers) {
if((Test-Connection -Cn $computer -BufferSize 16 -Count 1 -Ea 0 -Quiet)) {
"Machine $computer connected." | Out-File "out.txt" -Append
} else {
"Machine $computer not connected." | Out-File "out.txt" -Append
} #end if
} #end foreach
What I get in the output text file looks like the following:
...
Machine #{Name=PC-0649} not connected.
Machine #{Name=PC-1541} not connected.
Machine #{Name=PC-1574} not connected.
...
I think my problem lies with the Select-Object -Property Name part of the first line. Running the debugger, it looks like PowerShell is formatting each iteration of $computer to include the header line.
[DBG]: PS Y:\>> $computer
Name
----
PC-0649
What's the best way for me to strip out everything except the PC-#### part in this situation?
I think your problem is that you still have a list of (truncated) computer objects in $computers. Verify this by doing $computers[0].GetType(). If you don't see String, it's not a string. :) Try this instead:
$computers = Get-ADComputer -filter {(Name -like "PC*")} |
Select-Object -ExpandProperty Name