#150009 - 2005-10-15 12:54 AM
Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
I have a scheduled maintenance script that runs as a service account. It runs at logon and every hour. I would like it to know who the logged-in user is on the workstation. Anybody have a good way to do this???
My current method is for the logon script to simply do a writeprofilestring("userinfo.ini","UserInfo","UserID",@USERID) to a known location and then have the maintenance script pick this up. But I have some timing issues at logon where the maintenance script is firing off faster than the user's logon script and picking up the PREVIOUS logged in user.
I'm thinking I need a different way of doing this. I seem to remember some command (maybe in the resource kit) which will list all the terminal and console login sessions. I could parse this I thought.
Ideas?
|
|
Top
|
|
|
|
|
#150012 - 2005-10-15 02:16 AM
Re: Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
Quote:
and ofcourse you can check for the loaded user hives.
something like:
for each $key in $HKEY_USERS_KEYS
as only the logged in user's key is loaded.
Hmmm, I'm not familiar with how you check which hive is loaded... Do I compare something in there with a value in HKCU???
Also, how can I tell the difference between an account logged on locally vs a service account (like the one my script is running as)??
Thanks for the suggestions.
|
|
Top
|
|
|
|
|
#150013 - 2005-10-15 04:44 AM
Re: Best way to detect the logged-in user.
|
Howard Bullock
KiX Supporter
Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
|
This is discussed on my web page.
http://home.comcast.net/~habullock/kix_solutions.htm
The solution provided uses my Win32Admin.DLL version 3. The script also uses IFF so you will need to use a version of KiXtart that support IIF. I also hard coded my computer name in the script. You will have to remove or change it.
Code:
break on
$Win32Admin = createobject("Win32Admin")
if vartypename($Win32Admin) <> "Object"
? "@serror"
endif
; Requires KiXtart 4.02 or higher
; You can define the $Computer variable here or an the command line.
;
; Syntax: Kix32 ListLoggedOnUsers.kix $Computer="Name"
;
; Note that if your computer name is like "1 something" the command line
; option may not work
;
If VarTypeName($Computer) = 'Empty'
$Computer = ""
Endif
$Computer = "bullockha3"
;Create VBS Dictionary Object
$oDict = CreateObject("Scripting.Dictionary")
; Method EnumTrustedDomains(optional $Server)
; Returns an array of dictionary objects
; Keys: (sid, name)
; If a server name is specified, the enumeration is based
; on the domain where the server resides. If no server is supplied,
; then the computer where the script is executing will be used by
; default.
$Domains = $Win32Admin.EnumTrustedDomains($Win32Admin.GetAnyDC(@domain, @wksta))
if @error = 0
for each $Domain in $Domains
$oDict.Add($Domain.sid, $Domain.name)
;uncomment to see the values
;---------------------------
;Dim $keys, $Value
;$keys = $Domain.keys
;for each $key in $keys
; $Value = $Domain.get($key)
; ? $key + " = " + $Value
;next
;?
next
else
? "Error: @error @serror"
endif
For Each $key In fEnumKey($Computer, "HKEY_USERS")
Dim $acct
If Left($key,3) = "S-1" and Instr($key,"_") = 0
$DomainSid = Left($key,instrrev($key,"-")-1)
$Info = $Win32Admin.LsaLookupSids ($Computer, $key)
if @error = 0
for each $item in $Info
;uncomment to see the values
;---------------------------
;$keys = $item.keys
;for each $key in $keys
; $Value = $item.get($key)
; ? $key + " = " + $Value
;next
;?
; Note: Be careful here as if you pass more than one SID to
; LsaLookupSids you will get back more than $item.
$Account = $item.name
$Domain = $oDict.Item($DomainSid)
? "" + $Domain + IIF($domain, "\", "") + $Account
next
else
? "Error: @error @serror"
endif
; $acct = SidToName($key)
; If $acct = ''
; $acct = 'Sid from unknown SAM database.'
; Endif
; ? $key + " - " + $acct
Endif
Next
exit 0
;FUNCTION fEnumKey($Computer, $Key)
;
;AUTHOR Howard A. Bullock (habullock@comcast.net)
;
;ACTION Enumerates registries keys on the specified computer.
;
;SYNTAX fEnumKey($Computer, $Key)
;
;PARAMETERS $Computer (Required) - String value
; $Key (Required) - String value
;
;REMARKS Do not prefix the computer name with "\\"'s.
;
;RETURNS Array of keys names.
;
;DEPENDENCIES KiXtart 4.02
;
;EXAMPLES fEnumKey("", "HKEY_USERS")
; fEnumKey("Remote1", "HKEY_USERS")
;
Function fEnumKey($Server, $Key)
Dim $Index, $Error
$Index = 0
Dim $KeyName[$Index]
If $Server <> ""
$Key = "\\" + $Server + "\" + $Key
Endif
If KeyExist($Key)
Do
$KeyName[$Index] = ENUMKEY($Key, $Index)
$Error = @Error
If NOT $Error
$Index = $Index + 1
ReDim PRESERVE $KeyName[$Index]
Else
$Index = $Index - 1
ReDim PRESERVE $KeyName[$Index]
Endif
Until $Error
Else
$KeyName[0] = ""
Exit 2
Endif
$fEnumKey = $KeyName
Exit 0
Endfunction
|
|
Top
|
|
|
|
|
#150016 - 2005-10-17 07:01 PM
Re: Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
Quote:
If you want to know who is logged on to the machine, why not just enumerate your local processes?
If you ignore all the daemon process owners what's left will be the user(s).
If you run full desktops it's even easier - you just need to look for any "explorer.exe" processes.
I like that idea. So pardon the question, but what is the best way to enumerate all explorer.exe's and grab the user? I've done a search and see an example using cmdow.exe but I;d like to avoid any outside executibles if I can.
tasklist /FI would work, but I dont get the user name on that.
|
|
Top
|
|
|
|
|
#150017 - 2005-10-17 07:26 PM
Re: Best way to detect the logged-in user.
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
$computer = 'computername'
$id = WMIQuery('CSName', 'Win32_Process', $computer ,'Description','explorer.exe')
for each $proc in $id
? $proc
next
using the WMIQuery() UDF
Edited by Radimus (2005-10-17 07:27 PM)
|
|
Top
|
|
|
|
|
#150019 - 2005-10-17 09:13 PM
Re: Best way to detect the logged-in user.
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11631
Loc: CA
|
KiXtart doesn't support the OUT parameter of .GetOwner on the Win32_Process query.
The example here in VBScript works great, but KiXtart doesn't support that paramter. I've posted in the Suggestions to see if it's possible to be added to KiXtart in the future.
http://msdn.microsoft.com/library/defaul...n32_process.asp
|
|
Top
|
|
|
|
#150020 - 2005-10-17 09:23 PM
Re: Best way to detect the logged-in user.
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
|
|
Top
|
|
|
|
|
#150021 - 2005-10-17 11:20 PM
Re: Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
So where does that leave me??? If I can't grab the name of the user running the process that method wont work.  Hmm...
|
|
Top
|
|
|
|
|
#150022 - 2005-10-17 11:49 PM
Re: Best way to detect the logged-in user.
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
$id = WMIQuery('Name','Win32_ComputerSystem',$computer)
for each $proc in $id
? $proc
next
|
|
Top
|
|
|
|
|
#150023 - 2005-10-18 01:02 AM
Re: Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
Quote:
$id = WMIQuery('Name','Win32_ComputerSystem',$computer)
for each $proc in $id
? $proc
next
What is that supposed to do? When I run it, it returns my workstation name.
|
|
Top
|
|
|
|
|
#150024 - 2005-10-18 01:24 AM
Re: Best way to detect the logged-in user.
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
what value are you giving $computer
|
|
Top
|
|
|
|
|
#150026 - 2005-10-18 01:39 AM
Re: Best way to detect the logged-in user.
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11631
Loc: CA
|
also...
Quote:
UserName
Data type: string
Access type: Read-only
Name of a user that is logged on currently. This property must have a value. In a terminal services session, UserName returns the name of the user that is logged on to the console—not the user logged on during the terminal service session.
|
|
Top
|
|
|
|
|
#150027 - 2005-10-18 01:51 AM
Re: Best way to detect the logged-in user.
|
Radimus
Moderator
Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
|
Quote:
Quote:
$id = WMIQuery('Name','Win32_ComputerSystem',$computer)
for each $proc in $id
? $proc
next
What is that supposed to do? When I run it, it returns my workstation name.
This works just fine... It is what we use in SIM
|
|
Top
|
|
|
|
|
#150028 - 2005-10-18 02:08 AM
Re: Best way to detect the logged-in user.
|
sixdoubleo
Starting to like KiXtart
Registered: 2004-02-06
Posts: 118
Loc: California, US
|
Quote:
what value are you giving $computer
$computer = @WKSTA
|
|
Top
|
|
|
|
Moderator: Arend_, Allen, Jochen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Mart
|
1 registered
(mole)
and 759 anonymous users online.
|
|
|
