I have few Windows Server 2012 R2 with RDS installed and I need to have function which returns array or object with users and their session IDs on specified server. I need to run this function with non-admin permissions. On the session hosts I ran this command:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName ="RDP-Tcp") CALL AddAccount "domain\group",2
...so the users have elevated permissions and now they can use RDS shadowing through command line. The ID which I need is the session ID which I can get for example from command "quser". The best solution will be if I will have function which returns array (with logged on users on the specific server) like this (or something similar, maybe object):
LOGIN ID
user1 -> 3
user2 -> 4
user3 -> 5
I don't know if this function or these commands will solve my problem, however I tried them and this was the result:
I tried this:
http://gallery.technet.microsoft.com/scriptcenter/Get-UserSessions-Parse-b4c97837
but the command returns nothing.
This command:
WMIC /NODE:<COMPUTERNAME> COMPUTERSYSTEM GET USERNAME
returns only "UserName" and this:
Get-WmiObject Win32_ComputerSystem | Select UserName
..returns only "UserName" with underlines. I tried a lot of variations of WMI commands, but with similar results.
There's probably a half dozen scripts in various repositories around the 'net to do that.
I use this one:
http://gallery.technet.microsoft.com/scriptcenter/0e43993a-895a-4afe-a2b2-045a5146048a
gwmi -query "Select * from Win32_LogonSession where LogonType = 2" |
% {
$user = $_
gwmi -query "Associators of {$user} Where AssocClass=Win32_LoggedOnUser" | select *
}
Related
I run this command in my windows 10 powershell:
wmic path win32_physicalmedia get SerialNumber
get result with normal user permission:
SerialNumber
ACE4_2E81_7004_1B90.
get result with administrator permission:
SerialNumber
EJ82N176910102N4Q
I think EJ82N176910102N4Q is correct.
Why the two results are different?
Is there a way to convert ACE4_2E81_7004_1B90. to EJ82N176910102N4Q?
The command Get-WMIObject win32_physicalmedia|Format-List Tag,SerialNumber has the same problem.
I have a PID for which I want to check its username. I knew that we can use GetOwner(), but it is the valid method for Get-WmiObject Win32_Process. I am using Get-WmiObject -Class Win32_PerfRawData_PerfProc_Process in which there is no way to get username (as per I search online). So, I think to check PID separately is the only way to resolve this.
Can you please tell me how can I get the username of PID or get username inside Win32_PerfRawData_PerfProc_Process?
As it is described in this technet article :Technet you can use the code below.
In the last line you can put the process you want after the get-process command.
e.g. Get-Process outlook | select processname,Id,#{l="Owner";e={$owners[$_.id.tostring()]}}
$owners = #{}
gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user}
Get-Process | select processname,Id,#{l="Owner";e={$owners[$_.id.tostring()]}}
The time it takes depends on how many services are currently running.
Your output will be like:
ProcessName Id Owner
----------- -- -----
OUTLOOK 13128 UserName
Hope that helps.
Kind regards.
I have a query in SCCM that will take a printer IP address and return all workstations in SCCM that have the printer installed on it. I am wanting to create a powershell script that will take said query and use the workstations that it returns to then list current print jobs in the print queue on the workstation.
I know that you can use Get-CIMInstance -query to query different things in WMI. That works well if I am trying to find out information locally. However if I dump the WQL query into a Here-String and assign it to a variable and then call it with Get-CIMInstance -query it returns an error saying invalid query. The same thing happens when I use Get-WmiObject -Namespace "root\wmi" -Query $WQlquery
So how would I be able to use the WQL query from SCCM in powershell? Here is an example of what I have so far:
$WQLquery = #"
select SMS_R_System.Name from
SMS_R_System inner join
SMS_G_System_PRINTER_DEVICE on
SMS_G_System_PRINTER_DEVICE.ResourceID =
SMS_R_System.ResourceId where
SMS_G_System_PRINTER_DEVICE.PortName like "10.10.10.10"
"#
Get-CIMInstance -query $WQLquery
Assuming that worked and returned a list of workstation ids, I would then use Get-Printjob cmdlet to list current jobs in each workstations print queue. I have found a few questions posted here already that have helped me get this far. Any additional help would be appreciated. Go easy on me, still a newb here.
You need to specify the namespace for the sccm site root\sms\site_SITECODE and the sccm-server if you're running it from a remote computer. Ex:
$WQLquery = #"
select SMS_R_System.Name from
SMS_R_System inner join
SMS_G_System_PRINTER_DEVICE on
SMS_G_System_PRINTER_DEVICE.ResourceID =
SMS_R_System.ResourceId where
SMS_G_System_PRINTER_DEVICE.PortName like "10.10.10.10"
"#
Get-WmiObject -Query $WQLquery -ComputerName "SCCMSERVER" -Namespace "root\sms\site_PRI"
I'm trying to retrieve some parameters from xenstore using WMI (specifically, I was hoping to use this script to change a VM IP address after it's created).
According to this article, it seems like I should just be able to do something like:
From the xenserver CLI:
xe vm-param-set uuid=e66660e9-85e1-1f99-3229-1dfa7d1065a8 xenstore-data:data/TempValue=test
then in a powershell script:
$base = gwmi -n root\wmi -cl CitrixXenStoreBase
$sid = $base.AddSession("MyNewSession")
$session = gwmi -n root\wmi -q "select * from CitrixXenStoreSession where SessionId=$($sid.SessionId)"
$output = $session.GetValue("data/TempValue").value
log "$output"
But that doesn't seem to retrieve the value that I expect.
One thing I noticed was if I set the value from a powershell script, it seems to consistently retrieve the value when I run the previous script:
$base = gwmi -n root\wmi -cl CitrixXenStoreBase
$sid = $base.AddSession("MyNewSession")
$session = gwmi -n root\wmi -q "select * from CitrixXenStoreSession where SessionId=$($sid.SessionId)"
$session.SetValue("data/TempValue","This is a string")
It seems to retain the set value across sessions, but when I go back to the CLI and attempt to find the value, I get nothing:
xe vm-param-list uuid=e66660e9-85e1-1f99-3229-1dfa7d1065a8 | grep TempValue
So what it boils down to is that I'd like to either:
Know how to retrieve a xenstore parameter in a WMI script after executing the xe vm-param-set command.
Know how to set a parameter in the xenserver CLI in the same way that $session.SetValue works in the above example.
Nevermind, looks like this was user error on my end. I was setting the values after the VM was already started. Looks like the parameters have to be set before the VM starts (or the VM should be restarted).
I'm trying to create wmi query to sccm to get PC, where was user's last logon.
Something like:
Get-WmiObject -namespace $SCCMNameSpace -computer $SCCMServer -query "select lastlogon, PCname from sms_? where LastLogonUserName='$SamAccountName'" | select lastlogon, PCname.
I can see this information in sccm report, but I don't know what class I have to use for a query. I'm using sms_r_system for getting IP and computer name.
Is anyone knew sccm class with this information or sql queries will be better for me?
Which report are you viewing the data with? You might want to open up the report's SQL code, figure out which ConfigMgr SQL views it's referencing, and then translate that to the SCCM WMI class names. The WMI class names closely correlate to the SQL view names.
Use a WMI browser like SAPIEN's free WMI Explorer GUI tool to help explore the root\sms\site_xyz WMI namespace and discover which class you are looking for. You can also use Windows PowerShell to help discover which class contains this property:
gwmi -name root\cimv2 -list | ? { ($_.Properties.Name -join ',') -match 'lastlogon' }
Note: Make sure you're using PowerShell version 3.0 Release Preview for the above command, otherwise it won't work right.