Windows Server Hack [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Windows Server Hack [Electronic resources] - نسخه متنی

Mitch Tulloch

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Windows Server Hacks

Table of Contents

Copyright

Credits

About the Author

Contributors

Acknowledgments

Foreword: I''m a Sci-Fi freak

Preface

Why Windows Server Hacks?

Getting and Using the Scripts

How to Use This Book

How This Book Is Organized

Conventions Used in This Book

Using Code Examples

How to Contact Us

Got a Hack?

Chapter 1. General Administration

Hacks #1-16

Hack 1 Use Run As to Perform Administrative Tasks

Hack 2 Drag and Drop to the Run Menu

Hack 3 Find and Replace Registry Keys from a Command Line

Hack 4 Automatically Log On After Booting

Hack 5 Wait for and Optionally Terminate a Process

Hack 6 Shut Down a Remote Computer

Hack 7 Rename Mapped Drives

Hack 8 Execute a Command on Each Computer in a Domain

Hack 9 Add, Remove, or Retrieve Environment Variables

Hack 10 Extend Group Policy

Hack 11 Disable EFS

Hack 12 Get Event Log Information

Hack 13 Shortcut to Remote Assistance

Hack 14 Desktop Checker

Hack 15 Top Five Tools

Hack 16 myITforum.com

Chapter 2. Active Directory

Hacks #17-24

Hack 17 Retrieve the List of Old Domain Computer Accounts

Hack 18 Automate Creation of OU Structure

Hack 19 Modify All Objects in the OU

Hack 20 Delegate Control of an OU to a User

Hack 21 Send OU Information in Active Directory to an HTML Page

Hack 22 Display Active Directory Information

Hack 23 Store and Display Contact Information in Active Directory

Hack 24 Restore the Active Directory Icon in Windows XP

Chapter 3. User Management

Hacks #25-35

Hack 25 Search for Domain Users

Hack 26 Manage User Accounts in Active Directory

Hack 27 Get a List of Disabled Accounts

Hack 28 Get User Account Information

Hack 29 Check for Passwords that Never Expire

Hack 30 Enumerate Group Membership to a CSV File

Hack 31 Modify User Properties for All Users in a Particular OU

Hack 32 Check Group Membership and Map Drives in a Logon Script

Hack 33 Script Creation of a User''s Home Directory and Permissions

Hack 34 Prevent Ordinary Users from Creating Local Accounts

Hack 35 Put a Logoff Icon on the Desktop

Chapter 4. Networking Services

Hacks #36-47

Hack 36 Manage Services on Remote Machines

Hack 37 Simplify DNS Aging and Scavenging

Hack 38 Troubleshoot DNS

Hack 39 Manually Recreate a Damaged WINS Database

Hack 40 Change WINS for All Enabled Adapters

Hack 41 Ensure DHCP Server Availability

Hack 42 Change a Network Adapter''s IP Info

Hack 43 Change from Static IP to DHCP

Hack 44 Release and Renew IP Addresses

Hack 45 Use netsh to Change Configuration Settings

Hack 46 Remove Orphaned Network Cards

Hack 47 Implement Windows 2000 Network Load Balancing

Chapter 5. File and Print

Hacks #48-53

Hack 48 Map Network Drives

Hack 49 Determine Who Has A Particular File Open on the Network

Hack 50 Display a Directory Tree

Hack 51 Automate Printer Management

Hack 52 Set the Default Printer Based on Location

Hack 53 Add Printers Based on Name of Computer

Chapter 6. IIS

Hacks #54-61

Hack 54 Back Up the Metabase

Hack 55 Restore the Metabase

Hack 56 Map the Metabase

Hack 57 Metabase Hacks

Hack 58 Hide the Metabase

Hack 59 IIS Administration Scripts

Hack 60 Run Other Web Servers

Hack 61 IISFAQ

Chapter 7. Deployment

Hacks #62-68

Hack 62 Get Started with RIS

Hack 63 Customize RIS

Hack 64 Tune RIS

Hack 65 Customize SysPrep

Hack 66 Remove Windows Components from the Command Line

Hack 67 Unattended Installation of Windows Components

Hack 68 Easily Create a Network Boot Disk

Chapter 8. Security

Hacks #69-78

Hack 69 Fundamentals of a Virus-Free Network

Hack 70 Antivirus FAQ

Hack 71 Rename the Administrator and Guest Accounts

Hack 72 Get a List of Local Administrators

Hack 73 Find All Computers that Are Running a Service

Hack 74 Grant Administrative Access to a Domain Controller

Hack 75 Secure Backups

Hack 76 Find Computers with Automatic logon Enabled

Hack 77 Security FAQ

Hack 78 Microsoft Security Tools

Chapter 9. Patch Management

Hacks #79-89

Hack 79 Best Practices for Patch Management

Hack 80 Beginners Guide to Enterprise Patch Management

Hack 81 Patch-Management FAQ

Hack 82 Enumerate Installed Hotfixes

Hack 83 Apply Patches in the Correct Order

Hack 84 Windows Update FAQ

Hack 85 Obtain Updates via the Windows Update Catalog

Hack 86 Use Automatic Updates Effectively

Hack 87 Use Group Policy to Configure Automatic Updates

Hack 88 Automatic Updates FAQ

Hack 89 Software Update Services FAQ

Chapter 10. Backup and Recovery

Hacks #90-100

Hack 90 Collect Disaster Recovery Files

Hack 91 Back Up Individual Files from the Command Line

Hack 92 Back Up System State on Remote Machines

Hack 93 Back Up and Restore a Certificate Authority

Hack 94 Back Up EFS

Hack 95 Work with Shadow Copies

Hack 96 Back Up and Clear the Event Logs

Hack 97 Back Up the DFS Namespace

Hack 98 Recover with Automated System Recovery

Hack 99 Recovery Roadmap

Hack 100 Data Recovery of Last Resort

Colophon

Index

index_A

index_B

index_C

index_D

index_E

index_F

index_G

index_H

index_I

index_K

index_L

index_M

index_N

index_O

index_P

index_Q

index_R

index_S

index_T

index_U

index_V

index_W

index_X
توضیحات
افزودن یادداشت جدید












Hack 14 Desktop Checker












Here''''s a useful script to
quickly display the configuration of a remote system for
troubleshooting or inventory purposes.





This handy script will attempt
to gather various Windows NT/2000/XP/2003
operating-system attributes and display them in a coherent way to
assist in troubleshooting. I highly suggest modifying the
customization variables located within the script. To edit this text
file, just open it with Notepad (leave Word Wrap turned off). Even if
you have no experience with VBScript, you should find the changes
quite easy to make. Please read the comments for different sections
to make the tool viable for your organization.





This tool was intended to use only standard API calls and nothing
from third-party COM objects. This keeps the tool lightweight and
portable as only a text file. I suggest putting the tool into a local
directory by itself so that the HTML pages it creates
don''''t get out of hand. If a machine does not have
WMI 1.5, then a lot of info might be missing. You will get similar
results if you don''''t have administrator rights on
the remote box. This script will not work on any Windows 9x operating
systems.






The Code






You can download this script as DesktopChecker.vbs
from the O''''Reilly web site at http://www.oreilly.com/catalog/winsvrhks/:





''''**************************************************************
''''*                                                            *
''''*  Desktop Checker - This script will ATTEMPT to gather      *
''''*  various OS attributes and diplay them in a coherent       *
''''*  way to assist in troubleshooting.  I highly suggest       *
''''*  modifying the customization variables located 2 sections  *
''''*  below.  Please read the comments for different sections   *
''''*  to make the tool viable for your organization.  This      *
''''*  tool was intended to use only standard API calls and      *
''''*  nothing from 3rd party COM objects.  This keeps the       *
''''*  tool lightwieght and portable as only a text file.        *
''''*  I suggest putting the tool into a directory by itself     *
''''*  so that the HTML pages it creates don''''t get out of hand.  *
''''*  If a machine does not have WMI 1.5 then lots of info may  *
''''*  be missing.                                               *
''''*                                                            *
''''*  Dennis Abbott                                             *
''''*  speckled_trout@hotmail.com                                *
''''*                                                            *
''''**************************************************************
On Error Resume Next
Dim WshShell,WshFso,WshNet,WshSysEnv,IE,wmi,ADSIobj,OutPutFile,DumpFile
Dim PathToScript,ComSpec,Cnt,CompName,Company,Title,LogoLink,SelectServices, _
Domain,Progress,Instance,CurLine
Set WshShell = CreateObject("Wscript.Shell")
Set WshFso = CreateObject("Scripting.FileSystemObject")
Set WshNet = CreateObject("Wscript.Network")
Set WshSysEnv = WshShell.Environment("SYSTEM")
PathToScript = Left(WScript.ScriptFullName,(Len(WScript.ScriptFullName) - _ 
(Len(WScript.ScriptName) + 1)))
ComSpec = WshSysEnv("COMSPEC")
Cnt = 0
'''' grab contents of clipboard
'''' This allows you to work a LIST of boxes by cut-n-paste
Set IE = CreateObject("InternetExplorer.Application")
IE.Navigate("about:<script language=" & Chr(34)
& "vbscr" & "ipt" & Chr(34) & ">function go( ):document.all.it2.select"
& "( ):document.execCommand " & 
Chr(34) & "Paste" & Chr(34) & ":en" & "d function</script><body 
onload=go( )>
<input type=t" & "ext value=" & Chr(34) & "start" & Chr(34) & " 
id=it2></body>")
While IE.ReadyState <> 4:Wend
CompName = IE.document.all.it2.value
IE.quit( )
Set IE = Nothing
'''' SET CUSTOMIZATION VARIABLES
Company = "myITforum"
Title = Company & " - Helpdesk Diagnostic Tool"
LogoLink = "http://www.myitforum.com/img/logo_final.gif"
'''' The next line alows you to query a variety of NT
 services of your choosing
'''' Make sure you enter the service NAME not the
 DISPLAY NAME, they can be
different names
SelectServices = Array("WinMgmt","Norton Antivirus 
Server","DefWatch","clisvc","Dhcp")
Domain = "amd"  ''''Your NT domain
Progress = True   
''''causes pop-up boxes when set to True it is silent when
 set to False
CompName = InputBox("Enter the name of the remote
 computer",Title,CompName)
If CompName = " Then MsgBox "No machine name was
 entered.....goodbye" : _ Wscript.Quit(0)
Set wmi = GetObject("winmgmts:{impersonationLevel=
impersonate}!//" & _ CompName)
Set ADSIobj = GetObject("WinNT://" & CompName
 & ",Computer")
Call PrepHTML(CompName)  ''''create an HTML file
If Progress Then
WshShell.Popup "Getting OS information",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetOS(CompName)
If Progress Then
WshShell.Popup "Getting NT administrators",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetAdmins(CompName)
If Progress Then
WshShell.Popup "Checking Vital Services",2,Title, vbokonly + _
vbsystemmodal
End If
Call Services(CompName,SelectServices)
If Progress Then
WshShell.Popup "Checking Admin shares",2,Title, vbokonly + vbsystemmodal
End If
Call AdminShares(CompName)
If Progress Then
WshShell.Popup "Getting date/time stamp",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetTime(CompName)
If Progress Then
WshShell.Popup "Getting NetBIOS information",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetNBTstat(CompName)
If Progress Then
WshShell.Popup "Pinging computer",2,Title, vbokonly + vbsystemmodal
End If
Call Ping(CompName)
If Progress Then
WshShell.Popup "Getting Registry Quota",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetRegQuota(CompName)
If Progress Then
WshShell.Popup "Getting Hardware information",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetHW(CompName)
If Progress Then
WshShell.Popup "Getting Network Card information",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetNIC(CompName)
If Progress Then
WshShell.Popup "Getting Software information",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetSW(CompName)
If Progress Then
WshShell.Popup "Getting Critical NT Events",2,Title, vbokonly + _
vbsystemmodal
End If
Call GetEvents(CompName)
Call ExitScript
Function PrepHTML(CompName)
Set OutPutFile = WshFso.CreateTextFile(PathToScript & "\" & CompName _
& "l")
OutPutFile.WriteLine "<body>"
OutPutFile.WriteLine "<h1><center>" & Title & "</center></h1>"
OutPutFile.WriteLine "<p><IMG SRC=" & Chr(34) & LogoLink & Chr(34) _
& "</img></p>"
OutPutFile.WriteLine "</p><p>" & "Account running this script is " _
& WshNet.UserDomain & "\" & WshNet.UserName & " @ " _
& Now & " from workstation " & WshNet.ComputerName & "</p>"
OutPutFile.WriteLine "<p>Information on remote machine <b>\\" _
& UCase(CompName) & "</b></p>"
OutPutFile.WriteLine "<p><font color=red>To see information as it " _ 
loads hit the REFRESH button on your web browser.</font></p>"
OutPutFile.WriteLine "<hr>"
WshShell.Run PathToScript & "\" & CompName & "l"
End Function
Function GetOS(CompName)
OutPutFile.WriteLine "<h3>1 - Operating System</h3>"
OutPutFile.WriteLine "Operating System Version = " _
& ADSIobj.OperatingSystem & " " & ADSIobj.OperatingSystemVersion & "<br>"
For Each Instance in wmi.ExecQuery("Select * From Win32_OperatingSystem")
OutPutFile.WriteLine "Operating System Caption = " _
& Instance.Caption & "<br>"
OutPutFile.WriteLine "Operating System Service Pack = " _
& Instance.CSDVersion & "<br>"
OutPutFile.WriteLine "Operating System LastBootUpTime = " _
& StrDateTime(Instance.LastBootUpTime) & "<br>"
OutPutFile.WriteLine "Operating System Directory = " _
& Instance.WindowsDirectory & "<br>"
Next
OutPutFile.WriteLine "<hr>"
End Function
Function GetAdmins(CompName)
Dim Admins,Admin
Dim AdsInfo
Set Admins = GetObject("WinNT://" & CompName & "/Administrators")
OutPutFile.WriteLine "<h3>2 - Members of the local " _
& "administrators group</h3>"
OutPutFile.WriteLine "<table border=1><tr><td><b>Name</
b></td><td><b>Type</b></td><td><b>
Description</b></td></tr>"
For Each Admin in Admins.Members
Set AdsInfo = GetObject(Admin.adspath)
OutPutFile.WriteLine "<tr><td>" & AdsInfo.Name & "</td><td>" _
& AdsInfo.Class & "</td><td>" & AdsInfo.Description & "</td></tr>"
Next
OutPutFile.WriteLine "</table>"
OutPutFile.WriteLine "<hr>"
End Function
Function Services(CompName,SelectServices)
Dim Service,srvc,State,Strg
OutPutFile.WriteLine "<h3>3 - Status of vital services</h3>"
OutPutFile.WriteLine "<table border=1><tr><td><b>Service 
Name</b></td><td><b>Display Name</b></td><td>
<b>Status</b></td></tr>"
For Each Service in SelectServices
Strg = "<tr><td>" & Service & "</td><td></
td><td><b><font color=FF0000>NOT PRESENT</font></b></
td></tr>"
ADSIobj.Filter = Array("Service")
For Each srvc in ADSIobj
Select Case srvc.Status
Case 1 State = "<font color=FF0000>STOPPED</font>"
Case 2 State = "<font color=FF0000>START_PENDING</font>"
Case 3 State = "<font color=FF0000>STOP_PENDING</font>"
Case 4 State = "RUNNING"
Case 5 State = "<font color=FF0000>CONTINUE_PENDING</font>"
Case 6 State = "<font color=FF0000>PAUSE_PENDING</font>"
Case 7 State = "<font color=FF0000>PAUSED</font>"
Case Else State = "<font color=FF0000>ERROR</font>"
End Select
If LCase(srvc.Name) = LCase(Service) Then Strg = _
"<tr><td>" & srvc.Name & "</td><td>" &
srvc.DisplayName _
& "</td><td>" & State & "</tr></td>"
Next
OutPutFile.WriteLine Strg    
Next
OutPutFile.WriteLine "</table>"
OutPutFile.WriteLine "<hr>"
End Function
Function AdminShares(CompName)
Dim Shares
OutPutFile.WriteLine "<h3>4 - Status of administrative shares</h3>" 
Shares = True
If WshFso.FolderExists("\\" & CompName & "\c$") = True Then
OutPutFile.WriteLine "C$ share exists<br>"
Else
Shares = False
OutPutFile.WriteLine "<font color=red>C$ share is not " _
& "accessible</font><br>"
End If
If WshFso.FolderExists("\\" & CompName & "\admin$") = True Then
OutPutFile.WriteLine "admin$ share exists<br>"
Else
Shares = False
OutPutFile.WriteLine "<font color=red>admin$ share is not " _
& "accessible</font><br>"
End If
If Shares = False Then
OutPutFile.WriteLine "<br>"
OutPutFile.WriteLine "<font color=red>Shares made not be " _
& "accessible due to the folowing reasons:</font><br>"
OutPutFile.WriteLine "<font color=red>a - You do not have " _
& "admin rights on this box</font><br>"
OutPutFile.WriteLine "<font color=red>b - box is offline</font><br>"
OutPutFile.WriteLine "<font color=red>c - Server service is not " _
& "running</font><br>"
OutPutFile.WriteLine "<font color=red>d - Shares have been " _
& "disabled</font><br>"
OutPutFile.WriteLine "<font color=red>e - remote machine''''s " _
& "operating system is not NT-based</font><br>"
End If
OutPutFile.WriteLine "<hr>"
End Function
Function GetTime(CompName)
OutPutFile.WriteLine "<h3>5 - Current date and time</h3>" 
OutPutFile.WriteLine "Current date and time of a domain controller<br>"
WshShell.Run ComSpec & " /c net time /DOMAIN:" & Domain & " >" _
& PathToScript & "\time.txt",6,True 
Set DumpFile = WshFso.OpenTextFile(PathToScript & "\time.txt", 1, True)
Do While DumpFile.AtEndOfStream <> True
CurLine = DumpFile.ReadLine
If InStr(CurLine,"Current") <> 0 Then
OutPutFile.WriteLine CurLine & "<br>"
End If
Loop
DumpFile.Close
OutPutFile.WriteLine "Current date and time of computer you are " _
& "troubleshooting<br>"
WshShell.Run ComSpec & " /c net time \\" & CompName " _
& " >" & PathToScript & "\time.txt",6,True 
Set DumpFile = WshFso.OpenTextFile(PathToScript & "\time.txt", 1, True)
Do While DumpFile.AtEndOfStream <> True
CurLine = DumpFile.ReadLine
If InStr(CurLine,"Current") <> 0 Then
OutPutFile.WriteLine CurLine & "<br>"
End If
Loop
DumpFile.Close
OutPutFile.WriteLine "<hr>"
End Function
Function Ping(CompName)
OutPutFile.WriteLine "<h3>7 - Ping test (DNS name resolution)</h3>"
OutPutFile.WriteLine "<h4>If you get no reply on the ping yet other data is 
retrieved on this page then there is most likely a problem with a static DNS entry.  
This needs to be fixed before anything else.  You MUST VERIFY the machine is running 
DHCP before 
you modify the static DNS entry!!!!</h4>"
WshShell.Run ComSpec & " /c ping " & CompName & " >" & 
PathToScript & _
"\ping.txt",6,True 
Set DumpFile = WshFso.OpenTextFile(PathToScript & "\ping.txt", 1, True)
Do While DumpFile.AtEndOfStream <> True
OutPutFile.WriteLine DumpFile.ReadLine & "<br>"
Loop
Set DumpFile = Nothing
OutPutFile.WriteLine "<hr>"
End Function
Function GetNBTstat(CompName)
Dim User
User = "Nobody Logged On"    
WshShell.Run ComSpec & " /c nbtstat -a " & CompName & " >" & 
PathToScript & "\nbt.txt",6,True 
Set DumpFile = WshFso.OpenTextFile(PathToScript & "\nbt.txt", 1, True)
Do While DumpFile.AtEndOfStream <> True
CurLine = DumpFile.ReadLine
If InStr(CurLine,"---") <> 0 Then
CurLine = DumpFile.ReadLine
CompName = Trim(Left(CurLine,InStr(CurLine,"<")-1))
End If
If InStr(CurLine,"<03>") <> 0 Then
If Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
UCase(CompName) and _
Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
UCase(CompName) & "$" Then
User = Trim(Left(CurLine,InStr(CurLine,"<03>")-1))
End If
End If
If InStr(CurLine,"<1E>") <> 0 Then
If Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> UCase(CompName) 
and Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> UCase(CompName) & "$" 
Then
Domain = Trim(Left(CurLine,InStr(CurLine,"<1E>")-1))
End If
End If
Loop
OutPutFile.WriteLine "<h3>6 - NetBIOS Info</h3>"
OutPutFile.WriteLine "Current User Logged on = " & User & " (this value may 
not be accurate, it depends on the box''''s messenger service)<br>"
OutPutFile.WriteLine "Domain machine is joined to = " & Domain & "<br>"
DumpFile.Close
OutPutFile.WriteLine "<hr>"
End Function
Function GetNIC(CompName)
OutPutFile.WriteLine "<h3>9 - Network Card Configuration</h3>"
For Each Instance in wmi.ExecQuery("Select * From Win32_" & _
"NetworkAdapterConfiguration Where IPenabled = ''''True''''")
OutPutFile.WriteLine "<table border=1><tr><td><b>" & _
"Attribute</b></td><td><b>Value</b></td></tr>"
OutPutFile.WriteLine "<tr><td>Name of card</td><td>" _
& Instance.Caption & "</td></tr>"
OutPutFile.WriteLine "<tr><td>DHCP Enabled</td><td>" _
& Instance.DhcpEnabled & "</td></tr>"
OutPutFile.WriteLine "<tr><td>IP address</td><td>" _
& Instance.IPAddress(0) & "</td></tr>"
OutPutFile.WriteLine "<tr><td>Subnet Mask</td><td>" _
& Instance.IPSubnet(0) & "</td></tr>"
OutPutFile.WriteLine "<tr><td>MAC Address</td><td>" _
& Instance.MACAddress & "</td></tr>"
OutPutFile.WriteLine "<tr><td>DNS HostName</td><td>" _
& Instance.DNSHostname & "</td></tr>"
OutPutFile.WriteLine "<tr><td>DNS Servers(in order)</td><td>" _
& Instance.DNSServerSearchOrder(0) & " : " _
& Instance.DNSServerSearchOrder(1) & "</td></tr>"
OutPutFile.WriteLine "<tr><td>Primary WINS</td><td>" _
& Instance.WINSPrimaryServer & "</td></tr>"
OutPutFile.WriteLine "<tr><td>Secondary WINS</td><td>" _
& Instance.WINSSecondaryServer & "</td></tr>"
OutPutFile.WriteLine "</table>"
Next
OutPutFile.WriteLine "<hr>"
End Function
Function GetRegQuota(CompName)
OutPutFile.WriteLine "<h3>8 - Registry size information</h3>"
For each Instance in wmi.InstancesOf("Win32_Registry")
OutPutFile.WriteLine "Current Registry size is " _
& Instance.CurrentSize & " MB''''s.<br>"
OutPutFile.WriteLine "Maximum Registry size is " _
& Instance.MaximumSize & " MB''''s.<br>"
If Instance.MaximumSize - Instance.CurrentSize < 8 Then
OutPutFile.WriteLine "<font color=red><b>The Registry quota on " _
& CompName & " may need to be increased!!!</font></b><br>"
End If
Next
OutPutFile.WriteLine "<hr>"
End Function
Function GetHW(CompName)
Dim stuff
OutPutFile.WriteLine "<h3>10 - Hardware Information</h3>"
For Each Instance in wmi.ExecQuery("Select * From Win32_" & _
"LogicalDisk Where DeviceID = ''''C:''''")
OutPutFile.WriteLine "Total Drive space available on C: is " &  Left(Instance.
FreeSpace/1000000,InStr(Instance.FreeSpace/1000000, ".")-1) & " Megabytes.<br>"
stuff = ((Instance.Size - Instance.FreeSpace)/Instance.Size)*100
OutPutFile.WriteLine "The C: drive is " _
& Left(stuff,InStr(stuff, ".")-1) & "% full.<br>"
Next
For Each Instance in wmi.ExecQuery("Select * From Win32_ComputerSystem")
OutPutFile.WriteLine "Computer Manufacturer = " _
& Instance.Manufacturer & "<br>"
OutPutFile.WriteLine "Computer Model = " & Instance.Model & "<br>"
OutPutFile.WriteLine "Total Physical Memory = " & Left
(Instance.TotalPhysicalMemory/1000000,InStr(Instance.TotalPhysicalMemory/1000000,".")-1) 
& " MB''''s" & "<br>"
Next
For Each Instance in wmi.ExecQuery("Select * From Win32_" & _
"SystemEnclosure")
OutPutFile.WriteLine "Asset Tag = " & Instance.SMBIOSassettag " _
& "<br>"
OutPutFile.WriteLine "Serial Number = " & Instance.serialnumber " _
& "<br>"
Next
For Each Instance in wmi.ExecQuery("Select * From Win32_Processor")
OutPutFile.WriteLine "Processor Name = " & Instance.Name & "<br>"
OutPutFile.WriteLine "Processor Clock Speed = " _
& Instance.CurrentClockSpeed & " MHz<br>"
OutPutFile.WriteLine "Processor Voltage = " _
& Instance.CurrentVoltage & " Volts<br>"
OutPutFile.WriteLine "Current Processor Load = " _
& Instance.LoadPercentage & "%<br>"
Next
OutPutFile.WriteLine "<hr>"
End Function
Function GetSW(CompName)
Dim oReg
Dim NavParent,PatternDate,NavDir,NavVer,IEVersion,program,installed,
Version,ProgramName
OutPutFile.WriteLine "<h3>11 - Software Information</h3>"
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!//" _
& CompName & "/root/default:StdRegProv")
oReg.getstringvalue 2147483650,"SOFTWARE\INTEL\LANDesk
VirusProtect6\CurrentVersion\",
"Parent",NavParent
oReg.getstringvalue 2147483650,"SOFTWARE\Symantec\SharedDefs\", _
& "NAVCORP_70",PatternDate
oReg.getstringvalue 2147483650,"SOFTWARE\Symantec\InstalledApps\" & _
","NAV",NavDir
If UCase(Left(NavDir,1)) = "C" Then
NavVer = WshFso.GetFileVersion("\\" & CompName & "\c$\" _
& Right(NavDir,Len(NavDir)-3) & "\vpc32.exe")
OutPutFile.WriteLine "Norton Antivirus Version = " &  NavVer  _
& "<br>"
End If
PatternDate = Right(PatternDate,12)
OutPutFile.WriteLine "Norton Antivirus Parent Server = " & NavParent _
& "<br>"
OutPutFile.WriteLine "Norton Antivirus Definition Date = " _
& Mid(PatternDate,5,2) & "/" & Mid(PatternDate,7,2) & "/" & 
Mid(PatternDate,1,4) & " Revision " & Right(PatternDate,3) & "<br>"
oReg.getstringvalue 2147483650,"SOFTWARE\Microsoft\Internet Explorer\" & _
","Version",IEVersion
OutPutFile.WriteLine "<p>Internet Explorer Version = " & IEVersion
OutPutFile.WriteLine "<p>Installed Programs(from Add/Remove Programs applet)</
p>"
OutPutFile.WriteLine "<table border=1><tr><td><b>Program 
Name</b></td><td><b>Version(if available)</b></td></
tr>"
oReg.EnumKey 2147483650, "SOFTWARE\Microsoft\Windows\CurrentVersion\" & _
"Uninstall", installed
For each program in installed
oReg.getstringvalue 2147483650,"SOFTWARE\Microsoft\Windows\" & _
"CurrentVersion\Uninstall\" & program & "\","DisplayName",ProgramName
oReg.getstringvalue 2147483650,"SOFTWARE\Microsoft\Windows\" & _
"CurrentVersion\Uninstall\" & program & "\","DisplayVersion",Version
If ProgramName <> " Then
OutPutFile.WriteLine "<tr><td>" & ProgramName & "</
td><td>" & Version & "</td></tr>"
End If
Next
OutPutFile.WriteLine "</table>"
OutPutFile.WriteLine "<hr>"
End Function
Function GetEvents(CompName)
OutPutFile.WriteLine "<h3>12 - First 25 Errors from the system event log</h3>"
OutPutFile.WriteLine "<table border=1><tr><td><b>DateTimeStamp
</b></td><td><b>EventSource</b></td><td><b>
Message</b></td></tr>"
For Each Instance in wmi.ExecQuery("Select * From Win32_NTLogEvent Where Type = 
''''Error'''' and LogFile = ''''System''''")
Cnt = Cnt + 1
If Cnt = 25 Then Exit For
OutPutFile.WriteLine "<tr><td>" & Mid(Instance.TimeGenerated,5,2) " _
& "-" & Mid(Instance.TimeGenerated,7,2) & "-" _
& Left(Instance.TimeGenerated,4) & "</td><td>" _
& Instance.SourceName & "</td><td>" & Instance.Message & "</td></tr>"
Next
OutPutFile.WriteLine "</table>"
End Function
Function StrDateTime(d)
Dim strVal,strDate,strTime
strVal = CStr(d)
strDate = DateSerial(Left(strVal, 4), _
Mid(strVal, 5, 2), _
Mid(strVal, 7, 2))
strTime = TimeSerial(Mid(strVal, 9, 2), _
Mid(strVal, 11, 2), _
Mid(strVal, 13, 2))
StrDateTime = strDate + strTime
End Function
Function ExitScript
OutPutFile.WriteLine "</body>"
OutPutFile.Close
WshShell.Run PathToScript & "\" & CompName & "l"
If Progress Then 
MsgBox "The " & Title & " script is done.",vbokonly + _
vbsystemmodal,Title
End If
Set WshShell = Nothing
Set WshFso = Nothing
Set WshNet = Nothing
Set OutPutFile = Nothing
Wscript.Quit(0)
End Function


Running the Hack






To run this hack, simply double-click on the
DesktopChecker.vbs file in Windows Explorer (or
on a shortcut to the file on your desktop). Then, type the name of
the remote computer you want to query using either its NetBIOS name,
DNS name, or IP address. At this point, Internet Explorer will open
and display a page titled "myITforum Helpdesk
Diagnostic Tool," followed by a series of dialog
boxes that show the progress of the script (you
don''''t need to click OK to close these dialog boxes,
because they close automatically). Once the final dialog box
appears"The myITforum Helpdesk Diagnostic
Tool script is done"click OK and refresh the
web page to view the information.





Here''''s some sample output generated when the script
was run on a workstation using Domain Admin credentials. The target
machine is a Windows Server 2003 machine named
SRV230. The output of the script is in the form
of an HTML page named srv230, which is
created in the same directory where the script itself resides, but
the output has been reformatted here as text to make it easier to
include in this book.






myITforum - Helpdesk Diagnostic Tool
Account running this script is MTIT2\administrator @ 12/3/2003 11:40:37 AM from 
workstation
SRV235
Information on remote machine \\SRV230
To see information as it loads hit the REFRESH button on your web browser.
----------------------------------------------------------------------------
1 - Operating System
Operating System Version = Windows NT 5.2
Operating System Caption = Microsoft(R) Windows(R) Server 2003, Enterprise Edition
Operating System Service Pack = 
Operating System LastBootUpTime = 12/3/2003 11:26:42 AM
Operating System Directory = C:\WINDOWS
----------------------------------------------------------------------------
2 - Members of the local administrators group
Name               Type   Description 
Administrator      User   Built-in account for administering the computer/domain 
Enterprise Admins  Group  Designated administrators of the enterprise 
Domain Admins      Group  Designated administrators of the domain 
----------------------------------------------------------------------------
3 - Status of vital services
Service Name             Display Name                        Status 
winmgmt                  Windows Management Instrumentation  RUNNING 
Norton Antivirus Server                                      NOT PRESENT 
DefWatch                                                     NOT PRESENT 
clisvc                                                       NOT PRESENT 
Dhcp                     DHCP Client                         RUNNING 
----------------------------------------------------------------------------
4 - Status of administrative shares
C$ share exists
admin$ share exists
----------------------------------------------------------------------------
5 - Current date and time
Current date and time of a domain controller
Current date and time of computer you are troubleshooting
----------------------------------------------------------------------------
6 - NetBIOS Info
Current User Logged on = Nobody Logged On (this value may not be accurate, it depends on 
the box''''s messenger service)
Domain machine is joined to = amd
----------------------------------------------------------------------------
7 - Ping test (DNS name resolution)
If you get no reply on the ping yet other data is retrieved on this page then there is 
most likely a problem with a static DNS entry. This needs to be fixed before anything 
else. 
You MUST VERIFY the machine is running DHCP before you modify the static DNS entry!!!!
----------------------------------------------------------------------------
8 - Registry size information
Current Registry size is 1 MB''''s.
Maximum Registry size is 88 MB''''s.
----------------------------------------------------------------------------
10 - Hardware Information
Total Drive space available on C: is 1776 Megabytes.
The C: drive is 58% full.
Computer Manufacturer = System Manufacturer
Computer Model = System Name
Total Physical Memory = 536 MB''''s
Asset Tag = Asset-1234567890
Serial Number = Chassis Serial Number
Processor Name = Intel(R) Pentium(R) III processor
Processor Clock Speed = 501 MHz
Processor Voltage = 29 Volts
Current Processor Load = 2%
----------------------------------------------------------------------------
9 - Network Card Configuration
Attribute              Value 
Name of card           [00000001] 3Com EtherLink XL 10/100 PCI For Complete PC Management 
NIC (3C905C-TX) 
DHCP Enabled           False 
IP address             172.16.11.230 
Subnet Mask            255.255.255.0 
MAC Address            00:01:02:FC:92:FC 
DNS HostName           srv230 
DNS Servers(in order)  172.16.11.230 :  
Primary WINS  
Secondary WINS  
----------------------------------------------------------------------------
11 - Software Information
Norton Antivirus Parent Server = 
Norton Antivirus Definition Date = // Revision 
Internet Explorer Version = 6.0.3790.0 
Installed Programs(from Add/Remove Programs applet)
Program Name                                                     Version(if available) 
FullShot V6  
Windows Media Player Hotfix [See wm819639 for more information]  
Remote Administration Tools                                      5.2.3790.0 
----------------------------------------------------------------------------
12 - First 25 Errors from the system event log
DateTimeStamp  EventSource  Message 
11-21-2003     W32Time      The time provider NtpClient is configured to acquire time 
from one or more time sources, however none of the sources are currently accessible. No 
attempt to contact a source will be made for 15 minutes. NtpClient has no source of 
accurate time.  
11-13-2003     DCOM         The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not 
register with DCOM within the required timeout.  
etc...





Dennis Abbott






/ 163