Paging Sherry.... help
From: [email protected] [mailto:[email protected]] On Behalf Of Krueger, Jeff Sent: Wednesday, April 22, 2015 2:05 PM To: [email protected] Subject: [mssms] Configuration Item to check printer connections in each profile on a PC Hoping someone has done something like this before where you need to loop through the user profiles and look for something in their registry hive. I've made Configuration Item that runs a powershell script that checks for connections to a particular print server. It does a reg load on each user's profile and then checks for reg keys pointing to the server we're interested in. I'm getting inconsistent results, the configuration item is checking for a Boolean value returned by the script, if it's false then the machine is compliant. But I'm getting non-compliant results for machines I know shoul d evaluate as compliant. The script is below, if anyone has a simpler way to accomplish this, that would be super helpful. #Create New PS Drive to access the user Keys New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS | Out-Null Set-Location HKU: #Create empty array to which we will add our list of wrong printer connections $BadPrinters = @() #Gets the current user's SID to look for printers $strCurrentUser = (Get-WmiObject Win32_ComputerSystem -Computer ".").UserName $objCurrentUser = New-Object System.Security.Principal.NTAccount($strCurrentUser) $strCurrentUserSID = ($objCurrentUser.Translate([System.Security.Principal.SecurityIdentifier])).Value $PrintServer = '*PrintServer01*' #Lookup the printer in the current user hive $GetKey = Test-Path .\$strCurrentUserSid\Printers\Connections IF ($GetKey -eq $true) { $BadPrintServer = Get-ChildItem -Path .\$strCurrentUserSid\Printers\Connections | Where-Object {$_.Name -like $Printserver} Foreach ($badconnects in $BadPrintServer) { $BadPrinters += "$badconnects" } } #Exclude users from list of profiles we will load $strUserName = ((Get-WmiObject Win32_ComputerSystem -Computer ".").UserName).Split('\')[1] $ExcludedUsers = @($strUserName, 'ADMINI~1', 'Public') #Reg load each user profile and check for the printers $GetUsersToLoad = Get-ChildItem -path "$env:SystemDrive\Users" -Exclude $ExcludedUsers $UserList = @() Foreach ($user in $GetUsersToLoad) { $UserList += $user.Name } Foreach ($profile in $UserList) { &Reg.exe Load HKU\$Profile c:\users\$Profile\ntuser.dat | Out-Null Start-Sleep -s 3 $TempGetKey = Test-Path HKU:\$Profile\Printers\Connections IF ($TempGetKey -eq $true) { $TempBadPrintServer = Get-ChildItem -Path HKU:\$Profile\Printers\Connections | Where-Object {$_.Name -like $PrintServer} Foreach ($connection in $TempBadPrintServer) { IF ($connection -ne $Null) { $BadPrinters += $connection.ToString() Remove-Variable connection } } Remove-Variable TempBadPrintServer } Remove-Variable TempGetKey [gc]::Collect() Try{ & cmd /c Reg.exe Unload HKU\$Profile 2>&1 | Out-Null } Catch{} Start-Sleep -s 3 cd HKU: } cd c: Remove-PSDrive HKU $BadPrinters.count -gt '0' Jeff Krueger [email protected]<mailto:[email protected]> IT - Henry Ford Health System 248.853.4466 ________________________________ CONFIDENTIALITY NOTICE: This email contains information from the sender that may be CONFIDENTIAL, LEGALLY PRIVILEGED, PROPRIETARY or otherwise protected from disclosure. This email is intended for use only by the person or entity to whom it is addressed. If you are not the intended recipient, any use, disclosure, copying, distribution, printing, or any action taken in reliance on the contents of this email, is strictly prohibited. If you received this email in error, please contact the sending party by reply email, delete the email from your computer system and shred any paper copies. Note to Patients: There are a number of risks you should consider before using e-mail to communicate with us. See our Privacy & Security page on www.henryford.com<http://www.henryford.com> for more detailed information as well as information concerning MyChart, our new patient portal. If you do not believe that our policy gives you the privacy and security protection you need, do not send e-mail or Internet communications to us.
