I don't honestly know if it would be inherent or if you'd have to write a script and get SMS to deliver/run it for you. I suspect the latter but I'm not an SMS type either. Be interesting to hear if anyone who has SMS knows that answer.
________________________________ From: [EMAIL PROTECTED] on behalf of Phil Renouf Sent: Wed 8/10/2005 5:42 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] 2 quick favors I'm not an SMS guy, but would SMS have that information (or the ability to gather it with the SMS agent)? Not too useful if you don't already have SMS... Phil On 8/10/05, Al Mulnick <[EMAIL PROTECTED]> wrote: > Scripts to enumerate users on the workstations and member servers, would > likely take you enumerating that class and then iterating through each one > (connecting and gathering the information). Chock full of reasons why that > might not work. That said, I think a pretty good approach would be to use a > logon script for the workstations and use a centralized script for the member > servers. > > Something like: > http://groups-beta.google.com/group/microsoft.public.scripting.wsh/browse_frm/thread/e97b62e4801a877b/58e383209f49a891?lnk=st&q=vbscript+enumerate+groups+site:technet.com&rnum=2&hl=en#58e383209f49a891 > > Or > http://www.microsoft.com/technet/scriptcenter/scripts/ad/computer/default.mspx > > http://groups-beta.google.com/group/microsoft.public.scripting.vbscript/browse_frm/thread/272360ec34f8ae9b/649cc13d7c44b99f?lnk=st&q=vbscript+list+administrators+group+membership+local+site:microsoft.com&rnum=1&hl=en#649cc13d7c44b99f > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern > Sent: Wednesday, August 10, 2005 2:47 PM > To: ActiveDir@mail.activedir.org > Subject: Re: [ActiveDir] 2 quick favors > > > everything is locked down in this enviorment. there's 802.1x security on the > switchport,etc so its a major pain to introduce any new machine. i have an xp > laptop that i can't plug in without going thru 5 diff people so in the end i > just thought this might be done thru win2k somehow via vbscript or some third > party tool. > > if no one can figure out a solution to this query, how 'bout my second one- > enumerate every local account/group(non-default) on every local machine sam > in the domain? > > Thanks for all your help guys! > > > On 8/10/05, Phil Renouf <[EMAIL PROTECTED]> wrote: > > Upgrade your workstation to XP and run it from there? Install a VPC > > that is running XP and run it from there? > > > > Phil > > > > On 8/10/05, Tom Kern <[EMAIL PROTECTED]> wrote: > > > yeah, unfortunately, i'm saying there is not one xp box to be > > > seen... > > > > > > can this be done from a win2k box somehow? > > > thanks > > > > > > On 8/10/05, Grillenmeier, Guido <[EMAIL PROTECTED]> wrote: > > > > > the enviorment i work in is all win2k pro/server so GPMC is out. > > > > > > > > Are you saying you don't even have a single WinXP box in this > > > > environment? > > > > > > > > If you have one, you could still install GPMC on the XP client - > > > > this will work fine against a win2k AD. Then execute the > > > > "GetReportsForAllGPOs.wsf" script that comes with GPMC (typically > > > > in the "C:\Program Files\GPMC\Scripts" folder). > > > > > > > > This will dump all settings of all GPOs in a domain including the > > > > links where the GPOs are applied. > > > > > > > > /Guido > > > > > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern > > > > Sent: Mittwoch, 10. August 2005 19:26 > > > > To: ActiveDir@mail.activedir.org > > > > Subject: Re: [ActiveDir] 2 quick favors > > > > > > > > Ok, I think i'm finding it impossible to create a VBScript or use > > > > a tool to enumerate all the settings which are enabled in all or a > > > > specific gpo in a win2k domain from a win2k workstation. > > > > > > > > am i correct? > > > > > > > > On 8/10/05, Tom Kern <[EMAIL PROTECTED]> wrote: > > > > > I get errors with this script- "the active directory property > > > > > cannot be found in the cache" > > > > > > > > > > I'm running win2k native mode domain. > > > > > > > > > > thanks. sorry to bother. > > > > > > > > > > On 8/10/05, Alain Lissoir <[EMAIL PROTECTED]> wrote: > > > > > > For 1/, try this one below. For 2/ I don't have one close but > > > > > > I'm > > > > sure some > > > > > > folks here can feed you ... > > > > > > > > > > > > The script doesn't dump in a text file, but that's an easy > > > > > > addition. > > > > HTH > > > > > > > > > > > > ' FindGPOLinks v1.04.vbs - Version 1.04 - Alain Lissoir ' > > > > > > ' WSH Script browsing the 'DefaultNamingContext' and the > > > > > > 'configurationNamingContext' > > > > > > ' to retrieve the Group Policies linked to AD objects. > > > > > > ' This should facilitate the search of created policies in the > > > > Active > > > > > > Directory. > > > > > > ' > > > > > > ' The script is using a basic LDAP access in the current user > > > > context, > > > > > > ' so, you should have enough rights to access AD objects. ' > > > > > > ' Change in version 1.04 > > > > > > ' > > > > > > ' - Add an error Handler in the "ShowMemberInfo" Private Sub > > > > > > ' > > > > > > ' Change in version 1.02 > > > > > > ' > > > > > > ' - Query the schema to get the property list associated to the > > > > > > 'groupPolicyContainer' class. > > > > > > ' - Display only the defined properties for that class. > > > > > > ' - For the defined properties, the scripts shows the syntax to be > > > > used by > > > > > > the property. > > > > > > ' - Take in account the fact that more than one policy can be > > > > defined at the > > > > > > container level. > > > > > > ' > > > > > > ' Change in version 1.01 > > > > > > ' > > > > > > ' - Add some code to bind to the GPLink LDAP Pointer to > > > > > > extract some properties. ' > > > > > > ' Any comments or questions: EMail:[EMAIL PROTECTED] > > > > > > > > > > > > Option Explicit > > > > > > > > > > > > Dim ObjRoot > > > > > > Dim Object > > > > > > Dim ObjMember > > > > > > > > > > > > ' > > > > > > > > > > ------------------------------------------------------------------ > > > > ------ > > > > ---- > > > > > > ------- > > > > > > WScript.Echo > > > > > > WScript.Echo "Looking inside 'configurationNamingContext'" Set > > > > > > objRoot = GetObject("LDAP://RootDSE") Object = > > > > > > objRoot.Get("configurationNamingContext") > > > > > > > > > > > > Call LookInsideObject (Object) > > > > > > > > > > > > Set Object = Nothing > > > > > > Set objRoot = Nothing > > > > > > > > > > > > ' > > > > > > > > > > ------------------------------------------------------------------ > > > > ------ > > > > ---- > > > > > > ------- > > > > > > WScript.Echo > > > > > > WScript.Echo "Looking inside 'DefaultNamingContext'" Set > > > > > > objRoot = GetObject("LDAP://RootDSE") Object = > > > > > > objRoot.Get("DefaultNamingContext") > > > > > > > > > > > > Call LookInsideObject (Object) > > > > > > > > > > > > Set Object = Nothing > > > > > > Set objRoot = Nothing > > > > > > > > > > > > WScript.Quit (0) > > > > > > > > > > > > ' > > > > > > > > > > ------------------------------------------------------------------ > > > > ------ > > > > ---- > > > > > > ------- > > > > > > Private Sub LookInsideObject (Object) > > > > > > > > > > > > Dim objMember > > > > > > Dim Member > > > > > > > > > > > > Set objMember = GetObject ("LDAP://" & Object) > > > > > > > > > > > > if objMember.Class <> "sitesContainer" And _ > > > > > > objMember.Class <> "container" And _ > > > > > > objMember.Class <> "configuration" _ > > > > > > Then Call ShowMemberInfo (objMember) > > > > > > > > > > > > For Each Member in objMember > > > > > > If Member.Class = "domainDNS" Or _ > > > > > > Member.Class = "organizationalUnit" Or _ > > > > > > Member.Class = "sitesContainer" Or _ > > > > > > Member.Class = "site" Or _ > > > > > > Member.Class = "container" _ > > > > > > Then Call LookInsideObject (Member.Name & "," & Object) > > > > > > Next > > > > > > > > > > > > Set objMember = Nothing > > > > > > > > > > > > End Sub > > > > > > > > > > > > ' > > > > > > > > > > ------------------------------------------------------------------ > > > > ------ > > > > ---- > > > > > > ------- > > > > > > Private Sub ShowMemberInfo (Object) > > > > > > > > > > > > Dim longStartPolicyPath > > > > > > Dim longEndPolicyPath > > > > > > Dim strPolicyPathSource > > > > > > Dim strPolicyPath > > > > > > > > > > > > Dim objPolicy > > > > > > Dim objPolicyClassDef > > > > > > Dim objPolicyProperty > > > > > > > > > > > > Dim strPropertyName > > > > > > > > > > > > Object.GetInfo > > > > > > > > > > > > If Object.GPLink = "" Then > > > > > > WScript.Echo Object.Name & " (" & Object.Class & ")" > > > > > > WScript.Echo "(No Group Policy Defined)" > > > > > > WScript.Echo > > > > > > End If > > > > > > > > > > > > strPolicyPathSource = Object.GPLink > > > > > > > > > > > > While (strPolicyPathSource <> "") > > > > > > > > > > > > WScript.Echo Object.Name & " (" & Object.Class & ")" > > > > > > > > > > > > ' Extract each LDAP pointer from the GPLink. > > > > > > longStartPolicyPath = InStr(1, strPolicyPathSource, "[", > > > > > > vbTextCompare) > > > > > > longEndPolicyPath = InStr(1, strPolicyPathSource, "]", > > > > vbTextCompare) > > > > > > strPolicyPath = Mid(strPolicyPathSource, > > > > > > longStartPolicyPath + > > > > 1, > > > > > > longEndPolicyPath - 4) > > > > > > strPolicyPathSource = Mid(strPolicyPathSource, > > > > longEndPolicyPath + 1) > > > > > > > > > > > > Set objPolicy = GetObject(strPolicyPath) > > > > > > > > > > > > objPolicy.GetInfo > > > > > > > > > > > > WScript.Echo "Found an existing Policy: '" & > > > > > > objPolicy.Get("displayName") & "' (" & objPolicy.Class & ")" > > > > > > WScript.Echo " GPLink=" & strPolicyPath > > > > > > > > > > > > Set objPolicyClassDef = GetObject (objPolicy.Schema) > > > > > > > > > > > > On error Goto ErrorHandler > > > > > > > > > > > > For Each strPropertyName In > > > > objPolicyClassDef.MandatoryProperties > > > > > > Set objPolicyProperty = GetObject > > > > (objPolicyClassDef.Parent > > > > > > + "/" + strPropertyName) > > > > > > WScript.Echo " " & strPropertyName & "=" & > > > > > > objPolicy.Get(strPropertyName) & " (" & > > > > > > objPolicyProperty.Syntax & > > > > ")" > > > > > > Set objPolicyProperty = Nothing > > > > > > Next > > > > > > > > > > > > For Each strPropertyName In > > > > objPolicyClassDef.OptionalProperties > > > > > > Set objPolicyProperty = GetObject > > > > (objPolicyClassDef.Parent > > > > > > + "/" + strPropertyName) > > > > > > WScript.Echo " " & strPropertyName & "=" & > > > > > > objPolicy.Get(strPropertyName) & " (" & > > > > > > objPolicyProperty.Syntax & > > > > ")" > > > > > > Set objPolicyProperty = Nothing > > > > > > Next > > > > > > > > > > > > Set objPolicyClassDef = Nothing > > > > > > > > > > > > Set objPolicy = Nothing > > > > > > > > > > > > WScript.Echo > > > > > > > > > > > > Wend > > > > > > > > > > > > Exit Sub > > > > > > > > > > > > ErrorHandler: > > > > > > > > > > > > WScript.Echo Err.Description & "(" & Err.Number & ")" > > > > > > Resume Next > > > > > > > > > > > > End Sub > > > > > > > > > > > > -----Original Message----- > > > > > > From: [EMAIL PROTECTED] > > > > > > [mailto:[EMAIL PROTECTED] On Behalf Of Tom > > > > > > Kern > > > > > > Sent: Wednesday, August 10, 2005 6:19 AM > > > > > > To: activedirectory > > > > > > Subject: [ActiveDir] 2 quick favors > > > > > > > > > > > > Does anyone know of a tool to enumerate all GPO's in a domain > > > > listing all > > > > > > the specific settings enabled that i can spit out to text > > > > > > file. the enviorment i work in is all win2k pro/server so GPMC > > > > > > is out. Also, gpotool doesn't seem to show specific links and > > > > > > what settings > > > > are > > > > > > enabled. > > > > > > > > > > > > Second question is, does anyone have a script that can > > > > > > enumerate all > > > > the > > > > > > local accounts and groups on domain memeber servers and > > > > workstations? > > > > > > > > > > > > Thanks a lot. > > > > > > I apologize for being so needy. > > > > > > List info : http://www.activedir.org/List.aspx > > > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > > > > > > List info : http://www.activedir.org/List.aspx > > > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > > > > > > > > > List info : http://www.activedir.org/List.aspx > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/List.aspx > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > List info : http://www.activedir.org/List.aspx > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > List archive: > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > List info : http://www.activedir.org/List.aspx > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
<<winmail.dat>>
