WMIQuery() Problem and Remote Registry (Update) - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Lounge » WMIQuery() Problem and Remote Registry (Update)

Page 1 of 2

1

Topic Options

#166601 - 2006-08-30 04:00 PM WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	Edit: Remote Registry Problem solved! WMIQuery still a problem :'( I've been working with WMIQuery() longer, a smaller version of it tho. I've switched now from woring with a domain to working with workgroups (different company) so i want to make an inventory script that makes remote WMI-Queries Since most of the Users on these Computers in the Company have the same Password and there is one Administrator user set up on all of the computers i thought i could now access the other computers easily with WMIQuery, but as some of the computers have different passwords for their users i wanted to do it with the admin user. Code: FOR EACH $obj IN WMIQuery("MacAddress","Win32_NetworkAdapter","PC103","AdapterType","Ethernet 802.3",,"Administrator","<password>") ? $obj NEXT The Company has mostly empty passwords for mere users, so whenever i need a password and another user for it, it doesn't work, it cannot connect Anyone here who knows what i can try? greets meta P.S.: (edit/update) Talking about remotely getting information: is there a way to access the remote registry of another user with a different username/password? I was not able (again) to find anything of value for that. Edited by private_meta (2006-08-31 05:13 PM) _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166602 - 2006-08-30 05:09 PM Re: WMIQuery() Problem
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	Poor lad. Workgroup approach. I hope the company does not have too much computers. I think you will need your own admin account, in the (local) Administrator group, WITH password on every computer. To keep it easy, you will want to set the same secret on every computer. Didn't Microsoft change something about logon with empty password being denied.?
Top

#166603 - 2006-08-30 05:11 PM Re: WMIQuery() Problem
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	First: All normal workstations here are Win2k Computers, Laptops mostly winxp Second: There IS a Administrator User on every machine that has the same password Third: i tried to access the computers via this user but it did not work, the WMIQuery-Script returned nothing _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166604 - 2006-08-30 10:12 PM Re: WMIQuery() Problem
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11629 Loc: CA	You may have to check in DCOMCNFG and find out what launch and excute rights are on the name space and for specific objects. You may also want to try using WMIConfirm() to make sure if or what error you get from connecting. Edited by NTDOC (2006-08-30 10:13 PM)
Top

#166605 - 2006-08-30 11:02 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	Quote: is there a way to access the remote registry of another user with a different username/password? Is it this what you are looking for? - The NTUSER.DAT file should be closed (the user should have logged off) - Connect to the computer (p.e. "NET USE \\ComputerName Password /USER:ComputerName\AdminAccount") - Open regedit, position on HKEY_USERS and go to File -> Load Hive... - Browse to \\ComputerName\C$\Documents and Settings\UserName\NTUSER.DAT, provide a name. - Do not forget to UNLOAD HIVE afterwards, before user logs on again
Top

#166606 - 2006-08-31 10:16 AM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	NTDOC: Well... I've got it to the trade-off that, after i've set rights for a specific user, i have to be logged in as exactly THIS user on the machine that runs the script, so that i can access the remote WMI Witto: Do i have to do this one time only on the machines where i need the access on a different user? _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166607 - 2006-08-31 11:06 AM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	Quote: is there a way to access the remote registry of another user with a different username/password? If I understand well, you want to do someting in the HKEY_CURRENT_USER part of the registry of a user, eventually with elevated rights. Is that right?
Top

#166608 - 2006-08-31 11:12 AM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	It's HKEY_LOCAL_MACHINE i want HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ This keybase and it's subkeys i need for my software audit _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166609 - 2006-08-31 11:40 AM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	Well, in that case, the user will not have to log of. - Connect to the computer (p.e. "NET USE \\ComputerName Password /USER:ComputerName\AdminAccount") - Open regedit and go to File -> Connect Network Registry... - Type "ComputerName" in the pop-up window - To disconnect afterwards, you can p.e. right-click the ComputerName and click on Disconnect in the pop-up menu If you want to automate a software audit, I presume you can p.e. use Code: Break On $Index = -1 Do $Index = $Index + 1 $Keyname = EnumKey("\\ComputerName\HKEY_LOCAL_MACHINE",$Index) ? $Keyname Until NOT $Keyname
Top

#166610 - 2006-08-31 11:47 AM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	The Automation of the Software Audit is not my problem I need the automation of the remote registry access... Can i do that by scripting the "NET USE \\ComputerName Password /USER:ComputerName\AdminAccount"??
Top

#166611 - 2006-08-31 12:02 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	Quote: This keybase and it's subkeys i need for my software audit Quote: The Automation of the Software Audit is not my problem I do not get it totally... Quote: I need the automation of the remote registry access... Can i do that by scripting the "NET USE \\ComputerName Password /USER:ComputerName\AdminAccount"?? IMHO, yes, why not. I think the only problem you have is that you do not have directly access to (almost) everything like an administrator in a domain. You will always have to provide local administrator credentials per computer. Maybe you can first try what I said and see if it suites you. Good luck. Code: Break on Shell '%COMSPEC% /c net Use \\ComputerName Password /user:ComputerName\AdminAccount > NUL' $Index = -1 Do $Index = $Index + 1 $Keyname = EnumKey("\\ComputerName\HKEY_LOCAL_MACHINE",$Index) If $KeyName ? "-" + ($Index + 1) +": " + $Keyname EndIf Until NOT $Keyname Shell '%COMSPEC% /c net Use \\ComputerName /d > NUL' Edited by Witto (2006-08-31 12:26 PM)
Top

#166612 - 2006-08-31 01:35 PM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	Ok... the registry stuff works, thanks, witto NTDOC: The only thing still remains is that i somehow cannot connect to the WMI of WinXP Computers. I'm running the script from a WIN2K-Computer. The Firewall on the winxp is not a problem, the RPC-Services are all turned on, but it just doesn't work, it gives me an "ERROR 1722", the RPC-Server was not found. When I try to access it/run the script from another winxp-computer it gives me access denied (error 5, though i have the right user/pwd typed in)
Top

#166613 - 2006-08-31 01:44 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	About the WMIQuery Did not try this, just some suggestions. 1) What if you also put "Shell '%COMSPEC% /c net Use \\ComputerName Password /user:ComputerName\AdminAccount > NUL'" in front 2) I see in the first post you just write "Administrator". What if you change this to "ComputerName\AdminAccount"? Do not forget the password. Edited by Witto (2006-08-31 01:56 PM)
Top

#166614 - 2006-08-31 02:01 PM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	Neither the first, nor the second approach work. TBH, instead of the command in 1) i actually had to use "NET USE \\$computer $password /USER:$computer\Administrator" instead of your line (here and in the attempts above) to make it even work 2) i tried in combination with 1 and without, didn't work either...
Top

#166615 - 2006-08-31 02:34 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	I tried the examples I gave you. They work (for me). Just changed the real computername, accountname and password with dummies. The only difference I see is you put the computername and the password in a variable and are using the local admin account. In your case, I would avoid using vars in strings and write something like: Code: Shell '%COMSPEC% /c net Use \\' + $Computer + ' ' + $Password + ' /user:ComputerName\AdminAccount > NUL'
Top

#166616 - 2006-08-31 02:44 PM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	The net use worked with the registry all the time, but it doesn't help me access that WMI on that other Computer (and yes, i tried the other "style" in your previous posting, it works, but not for WMI _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166617 - 2006-08-31 03:44 PM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	There i have another question that fits to the current topic: I use the following fragment for getting the Drive names, sizes and free space of the computers in the network WMIQuery("Name","Win32_LogicalDisk",$computer,"DriveType",3) When i do it like this: Code: $colItems = $WMI.ExecQuery("Select * from Win32_LogicalDisk WHERE DriveType = 3",,48) For Each $objItem in $colItems ?"Logical Disk Size: " + ROUND($ToGB * $objItem.Size,2) ?"FreeSpace: " + ROUND($ToGB * $objItem.FreeSpace,2) ?"Name: " + $objItem.Name ?"------" Next Now, the later Code Accesses just the Drives with the DriveType 3, but the upper code seems to access ALL drives, stores the info and outputs those with Type3, which makes the WMIQuery Access my Floppy Drive and make the Access-Noise that i don't want to have at every Audit. I would like to use the later script part, but i don't know how to access other computers (with different passwords) and i'm not quite able to extract that information out of the WMIQuery() UDF Any solution there? Edit: $ToGB = Factor for converting Byte to GB Edited by private_meta (2006-08-31 03:45 PM) _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166618 - 2006-08-31 03:45 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	I did not want to say the notation with the variables outside the strings would make the WMIQuery work. It is just a better notation. Just in case someone would use your code and set NoVarsInStrings option to On. IMHO, variables just do not belong in a string.
Top

#166619 - 2006-08-31 03:47 PM Re: WMIQuery() Problem and Remote Registry (Update)
private_meta private_meta Getting the hang of it Registered: 2006-07-27 Posts: 80 Loc: Austria	Quote: I did not want to say the notation with the variables outside the strings would make the WMIQuery work. It is just a better notation. Just in case someone would use your code and set NoVarsInStrings option to On. IMHO, variables just do not belong in a string. Ok, that's understandable, sorry for getting your intentions wrong _________________________ -=If you absolutly believe you can make up talent with hard work, there is no limit to what you can't achieve.=-
Top

#166620 - 2006-08-31 03:48 PM Re: WMIQuery() Problem and Remote Registry (Update)
Witto Witto MM club member Registered: 2004-09-29 Posts: 1828 Loc: Belgium	No problem.
Top

Page 1 of 2

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Arend_, Allen, Jochen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

1 registered (Allen) and 675 anonymous users online.

Newest Members

batdk82, StuTheCoder, M_Moore, BeeEm, min_seow
17885 Registered Users

Generated in 0.114 seconds in which 0.064 seconds were spent on a total of 13 queries. Zlib compression enabled.

click tracking