0

I am trying to write a script that will pull computer names from a text file, then query the remote registrys for any subkeys under hkey_users\SID\network. Then translate the SIDs into the username and output the results to a text file named after the user.

'Define variables, constants and objects 

'define text file and username 

Const ForAppending = 8 
Const OverwriteExisting = TRUE 

dim WSHNetwork, UserString 
set WSHNetwork = CreateObject("WScript.Network") 
UserString = WSHNetwork.UserName 

Set objFSO = CreateObject("Scripting.FileSystemObject") 
Set objTextFile = objFSO.OpenTextFile _ 
    ("" & UserString & ".txt", ForAppending, True) 

' rest 

strComputer="localhost" 
Const HKEY_USERS = &H80000003 
Set objWbem = GetObject("winmgmts:") 
Set objRegistry = GetObject("winmgmts://" & strComputer & "/root/default:StdRegProv") 
Set objWMIService = GetObject("winmgmts:"  & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 

'Go and get the currently logged on user by checking the owner of the Explorer.exe process.  

Set colProc = objWmiService.ExecQuery("Select Name from Win32_Process" & " Where Name='explorer.exe' and SessionID=0") 

If colProc.Count > 0 Then 
   For Each oProcess In colProc 
       oProcess.GetOwner sUser, sDomain 
   Next 
End If 

'Loop through the HKEY_USERS hive until (ignoring the .DEFAULT and _CLASSES trees) until we find the tree that 
'corresponds to the currently logged on user. 
lngRtn = objRegistry.EnumKey(HKEY_USERS, "", arrRegKeys)    

For Each strKey In arrRegKeys 
   If UCase(strKey) = ".DEFAULT" Or UCase(Right(strKey, 8)) = "_CLASSES" Then 
   Else 

       Set objSID = objWbem.Get("Win32_SID.SID='" & strKey & "'") 

'If the account name of the current sid we're checking matches the accountname we're looking for Then 
'enumerate the Network subtree 
       If objSID.accountname = sUser Then 
           regpath2enumerate = strkey & "\Network" 'strkey is the SID 
           objRegistry.enumkey hkey_users, regpath2enumerate, arrkeynames 

'If the array has elements, go and get the drives info from the registry 
           If Not (IsEmpty(arrkeynames)) Then 
               For Each subkey In arrkeynames 
                   regpath = strkey & "\Network\" & subkey 
                   regentry = "RemotePath" 
                   objRegistry.getstringvalue hkey_users, regpath, regentry, dapath 
                   objTextFile.WriteLine subkey & ":" & vbTab & dapath 
        Next 
                objTextFile.Close 
           End If 
       End If 
   End If 
Next 

Set objFSO = CreateObject("Scripting.FileSystemObject") 
objFSO.CopyFile "" & UserString & ".txt" , "\\servername\foldername\subfolder", OverwriteExisting
Zoredache
  • 130,897
  • 41
  • 276
  • 420
user75236
  • 11
  • 3

1 Answers1

1

You'll pull a lot of old stuff this way and, as you're finding, it won't be that easy. Why not just make it part of the login script(s) for your domain(s)? That way, you're only pulling current stuff for currently-logging-in users from HKCU, and the username is much easier to find.

mfinni
  • 36,144
  • 4
  • 53
  • 86
  • I agree, we have users that have shares mapped to servers that don't exist anymore. :-) – Scott Keck-Warren Mar 21 '11 at 14:20
  • Okay. I am testing this scipt (added above ^^) but Iam getting an error at line 52 char 16 saying "object not a collection". Also, the output isn't saving to the subfolder on the share. Any ideas? – user75236 Mar 21 '11 at 14:21
  • No idea. You're still trying to figure out SIDs and enumerate all users instead of just hitting HKCU, which is what I suggested you *don't* do. – mfinni Mar 21 '11 at 14:27
  • http://stackoverflow.com/questions/2085744/how-to-get-current-username-in-windows-powershell – mfinni Mar 21 '11 at 14:29
  • Sorry but I am not following....I am going to make this a login scipt and it will pull the drives from the currently logged in user. Could you elaborate more on your idea? – user75236 Mar 21 '11 at 14:32
  • Use the Codesample so that i can actually try to test your code. – mfinni Mar 21 '11 at 14:37