Collect information about workstations via Powershell
the Collection of information about workstations in Powershell.
This post will be dedicated to the work of writing scripts in Powershell. Next, I assume that the reader is already experienced with writing scripts in windows environment. So:
I had a task to collect some information on the user workstations in your organization. All of the stations in AD and the users that simplifies the task. Have a container where all the stations, so you need to walk at all, taking the information of interest, and display the result. If so, then I write the script. When writing, I try to do the script in parts. IMHO for me it's easier and clearer.
1. Need a list of stations. It is easy to take from this AD here's the team:
Get-ADComputer -filter * -SearchBase "OU=Computers,ou=some-OU,dc=some-dc,dc=ru"
It returns all objects from the container with all the properties etc. I didn't need everything and I picked out those that are not disabled (Diasabled). Put in the pipeline the cmdlet
Where-Object {$_.enabled-eq $true}
which will select objects where the enable is true, that is, they are included. Further, I don't need all the properties of each object, so I will only select the Name property (Name), put in the pipeline the cmdlet
Select-Object-Property Name
The list is still useful, so create from it an array $enablePCs. The final command will be like this
$enablePCs = Get-ADComputer -filter * -SearchBase "OU=Computers,ou=ru-moscow,ou=cee,dc=alico,dc=corp" | Where-Object {$_.enabled-eq $true} | Select-Object-Property Name
Now, if you type in the console $enablePCs, then the output will be a list of names of all the computers.
Next, you would think that with this list it is already possible to work, but no. Part of these computers is long gone, part off. So, we need to handle to sort the list on. I went in the following way: If the workstation name cannot be resolved into an ip address, so this station is already there, if you can, it can be pinging. If not pinged, it is likely that the station is off. Thus, it is possible to make a list of the currently active stations not to trytalking to the wall to refer to an inactive host. To resolve I used a method resolve for [System.net.dns]. Got this line:
$dnsresult = [System.Net.Dns]::resolve("$computername")
About $computername will be written next. After, you need to actually extract the ip address from the result
$ipaddress = $dnsresult.AddressList
Next, check your address for availability using standard system function [system.net.networkinformation.ping] applying the method send. The command is the following:
$pingfunc = (New-Object system.net.networkinformation.ping).send("$ipaddress")
The command returns a result, and if its status is success, the workstation is available, and it is possible to handle it. There is already to your taste, any available actions within your admin's powers. For example, I will show how I checked on what workstations installed Chrome:
$chrome = dir "\\$ipaddress\C$\Program Files (x86)\Google\Chrome\Application\chrome.exe"
if ($chrome ne $null) {write-host "Host $computername is reacheble, use Chrome, and have the ip $ipaddress"
$sumchrome++}
else {write-host "$computername is reacheble, do not use Chrome, and have the ip $ipaddress"
$pcwithoutchrome++}
Variables $sumchrome and $pcwithoutchrome need to count the total number of those or other stations. Now first look at the logic of the whole script.
<img src="
" alt="image"/>
Now the full script with comments.
$enablePCs = Get-ADComputer -filter * -SearchBase "OU=Computers,ou=someou,dc=somedomain,dc=corp" | Where-Object {$_.enabled-eq $true} | Select-Object-Property Name
$sumunresolvePC = 0
$sumchrome = 0
$sumreacheblePC = 0
$sumunreacheblePC = 0
$pcwithoutchrome = 0
foreach ( $i in $enablePCs ) #begin a series of processing objects in the array $enablePCs
{
$error.Clear() #clear the buffer of error Powershell
$erroractionpreference = "silentlycontinue" #suppress error output in the console
$dnsresult = 0
$computername = $i.name #extract the name of the station
$dnsresult = [System.Net.Dns]::resolve("$computername")
if (!$error) #condition, if the previous command was not completed with error
{
$ipaddress = $dnsresult.AddressList
$pingfunc = (New-Object system.net.networkinformation.ping).send("$ipaddress") #ping
{
$sumreacheblepc++ #plyusuem the total number of available stations
$chrome = dir \\$ipaddress\C$\Program Files (x86)\Google\Chrome\Application\chrome.exe #checking Chrome
If ($chrome ne $null) {write-host "Host $computername is reachable, use Chrome, and have the ip $ipaddress"
$sumchrome++ #plyusuem number of stations with Chrome
}
else {
Write-host "$computername is reachable, do not use Chrome, and have the ip $ipaddress"
$pcwithoutchrome++ #plyusuem number of stations without Chrome
}
}
else {
$sumunreacheblePC++ #plyusuem not all stations
Write-Host "Host $computername is unreachable now, and have the ip $ipaddress"
}
}
else
{$sumunresolvePC++ #plyusuem the number of unauthorized stations
write " I cannot resolve $computername :("}
}
Write-Host "Total enabled PC =" $enablePCs.count
Write-Host "Total PC with Chrome = $sumchrome"
Write-Host "Total reachable PC = $sumreacheblePC"
Write-Host "Total Unreachable PC = $sumunreacheblePC"
Write-Host "Total PC Without Chrome = $pcwithoutchrome"
write-host "Total unresolved PC = $sumunresolvepc"
Well, that's all. Check Chrome I described for an example. There you can include many checks, and other useful things, you cannot register in the logonscript. Powershell itself I just started to learn, if you have ideas on optimization, write, discuss.
Article based on information from habrahabr.ru
This post will be dedicated to the work of writing scripts in Powershell. Next, I assume that the reader is already experienced with writing scripts in windows environment. So:
I had a task to collect some information on the user workstations in your organization. All of the stations in AD and the users that simplifies the task. Have a container where all the stations, so you need to walk at all, taking the information of interest, and display the result. If so, then I write the script. When writing, I try to do the script in parts. IMHO for me it's easier and clearer.
1. Need a list of stations. It is easy to take from this AD here's the team:
Get-ADComputer -filter * -SearchBase "OU=Computers,ou=some-OU,dc=some-dc,dc=ru"
It returns all objects from the container with all the properties etc. I didn't need everything and I picked out those that are not disabled (Diasabled). Put in the pipeline the cmdlet
Where-Object {$_.enabled-eq $true}
which will select objects where the enable is true, that is, they are included. Further, I don't need all the properties of each object, so I will only select the Name property (Name), put in the pipeline the cmdlet
Select-Object-Property Name
The list is still useful, so create from it an array $enablePCs. The final command will be like this
$enablePCs = Get-ADComputer -filter * -SearchBase "OU=Computers,ou=ru-moscow,ou=cee,dc=alico,dc=corp" | Where-Object {$_.enabled-eq $true} | Select-Object-Property Name
Now, if you type in the console $enablePCs, then the output will be a list of names of all the computers.
Next, you would think that with this list it is already possible to work, but no. Part of these computers is long gone, part off. So, we need to handle to sort the list on. I went in the following way: If the workstation name cannot be resolved into an ip address, so this station is already there, if you can, it can be pinging. If not pinged, it is likely that the station is off. Thus, it is possible to make a list of the currently active stations not to try
$dnsresult = [System.Net.Dns]::resolve("$computername")
About $computername will be written next. After, you need to actually extract the ip address from the result
$ipaddress = $dnsresult.AddressList
Next, check your address for availability using standard system function [system.net.networkinformation.ping] applying the method send. The command is the following:
$pingfunc = (New-Object system.net.networkinformation.ping).send("$ipaddress")
The command returns a result, and if its status is success, the workstation is available, and it is possible to handle it. There is already to your taste, any available actions within your admin's powers. For example, I will show how I checked on what workstations installed Chrome:
$chrome = dir "\\$ipaddress\C$\Program Files (x86)\Google\Chrome\Application\chrome.exe"
if ($chrome ne $null) {write-host "Host $computername is reacheble, use Chrome, and have the ip $ipaddress"
$sumchrome++}
else {write-host "$computername is reacheble, do not use Chrome, and have the ip $ipaddress"
$pcwithoutchrome++}
Variables $sumchrome and $pcwithoutchrome need to count the total number of those or other stations. Now first look at the logic of the whole script.
<img src="
" alt="image"/>Now the full script with comments.
$enablePCs = Get-ADComputer -filter * -SearchBase "OU=Computers,ou=someou,dc=somedomain,dc=corp" | Where-Object {$_.enabled-eq $true} | Select-Object-Property Name
$sumunresolvePC = 0
$sumchrome = 0
$sumreacheblePC = 0
$sumunreacheblePC = 0
$pcwithoutchrome = 0
foreach ( $i in $enablePCs ) #begin a series of processing objects in the array $enablePCs
{
$error.Clear() #clear the buffer of error Powershell
$erroractionpreference = "silentlycontinue" #suppress error output in the console
$dnsresult = 0
$computername = $i.name #extract the name of the station
$dnsresult = [System.Net.Dns]::resolve("$computername")
if (!$error) #condition, if the previous command was not completed with error
{
$ipaddress = $dnsresult.AddressList
$pingfunc = (New-Object system.net.networkinformation.ping).send("$ipaddress") #ping
{
$sumreacheblepc++ #plyusuem the total number of available stations
$chrome = dir \\$ipaddress\C$\Program Files (x86)\Google\Chrome\Application\chrome.exe #checking Chrome
If ($chrome ne $null) {write-host "Host $computername is reachable, use Chrome, and have the ip $ipaddress"
$sumchrome++ #plyusuem number of stations with Chrome
}
else {
Write-host "$computername is reachable, do not use Chrome, and have the ip $ipaddress"
$pcwithoutchrome++ #plyusuem number of stations without Chrome
}
}
else {
$sumunreacheblePC++ #plyusuem not all stations
Write-Host "Host $computername is unreachable now, and have the ip $ipaddress"
}
}
else
{$sumunresolvePC++ #plyusuem the number of unauthorized stations
write " I cannot resolve $computername :("}
}
Write-Host "Total enabled PC =" $enablePCs.count
Write-Host "Total PC with Chrome = $sumchrome"
Write-Host "Total reachable PC = $sumreacheblePC"
Write-Host "Total Unreachable PC = $sumunreacheblePC"
Write-Host "Total PC Without Chrome = $pcwithoutchrome"
write-host "Total unresolved PC = $sumunresolvepc"
Well, that's all. Check Chrome I described for an example. There you can include many checks, and other useful things, you cannot register in the logonscript. Powershell itself I just started to learn, if you have ideas on optimization, write, discuss.
Комментарии
Отправить комментарий