C++/VB - enumerating all of the services using the <fill-in-the-blank> Account for credentials (aka: StartName)
Asked By Cary Shultz
07-Feb-10 08:38 PM
Good evening.
I am trying to determine what - if any - services are running under the
context of the 'Administrator account. I have the following VERY basic
script:
'==================================================================================================
'
' VBScript Source File
'
' NAME: Services-Admin.VBS
' VERSION: 1.0
' COMPANY: outsourceIT
' CREATE DATE : 02/05/2010
' LAST MODIFIED : n/a
'==================================================================================================
' COMMENT: This script will list all Services running under the context of
the Administrator on the local Server
'==================================================================================================
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,authenticationLevel=Pkt}!\\" &
strComputer & "\root\cimv2")
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = '.\\administrator'",,48)
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTS = objFSO.CreateTextFile("C:\temp\#Services.txt")
objTS.WriteLine "........................................................"
objTS.WriteLine "....................SERVICES RUNNING...................."
objTS.WriteLine "........................................................"
objTS.WriteLine ()
objTS.WriteLine ()
For Each objService in colServices
objTS.WriteLine "Service name: " & objService.Displayname
objTS.WriteLine "Start Mode: " & objService.StartMode
objTS.WriteLine "Service State: " & objService.State
objTS.WriteLine "Credentials: " & objService.StartName
objTS.WriteLine ()
objTS.WriteLine ()
Next
This does not run correctly. What does that mean? It means that the output
file has the top five lines ("Services Running") but nothing underneath it
(no services listed).
If I change the following line:
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = '.\\administrator'",,48)
to
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName = 'MYDOMAIN\\administrator'",,48)
it is golden. I get the five services listed (with the four lines from the
script) that are using the Administrator account.
However, we have management software on all of the servers in all of the
environments that we manage. I would prefer to have something 'generic'
that will work in all environments.
How do I accomplish this?
Thank you!
Cary
ObjWMIService
(1)
VBScript
(1)
ObjFSO
(1)
CreateObject
(1)
OutsourceIT
(1)
GetObject
(1)
StartName
(1)
ObjTS
(1)
LikeToCode replied to Cary Shultz
Will this work for you? You could add an "Input Box" to this script to charge
the variable "strDomain" with what ever domain you will be running it in.\
Option Explicit
Dim objWMIService, colServices, objFSO, objTS, objService, strComputer,
strDomain
strDomain = "MYDOMAIN"
strComputer = "."
Set objWMIService =
GetObject("winmgmts:{impersonationLevel=impersonate,authenticationLevel=Pkt}!\\" & strComputer & "\root\cimv2")
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTS = objFSO.CreateTextFile("C:\Services.txt")
objTS.WriteLine "........................................................"
objTS.WriteLine "....................SERVICES RUNNING...................."
objTS.WriteLine "........................................................"
objTS.WriteBlankLines(2)
For Each objService in colServices
If objService.StartName = ".\Administrator" Then
objTS.WriteLine "Service name: " & objService.Displayname
objTS.WriteLine "Start Mode: " & objService.StartMode
objTS.WriteLine "Service State: " & objService.State
objTS.WriteLine "Credentials: " & objService.StartName
objTS.WriteBlankLines(2)
ElseIf objService.StartName = strDomain & "\Administrator" Then
objTS.WriteLine "Service name: " & objService.Displayname
objTS.WriteLine "Start Mode: " & objService.StartMode
objTS.WriteLine "Service State: " & objService.State
objTS.WriteLine "Credentials: " & objService.StartName
objTS.WriteBlankLines(2)
End If
Next
objTS.Close()
Set objFSO = Nothing
Set colServices = Nothing
Cary Shultz replied to LikeToCode
LikeToCode,
Normally, yes - it would work....Thank you for the tip.
But, we install a small piece of software on all of the machines (servers
and workstations) that we manage and we have a "Scripting" center which
allows us to upload scripts that can then be run against all machines (if
desired). Thus, the need for a generic script that does not require
specifics (we manage a lot of environments...).
Thanks,
Cary
LikeToCode replied to Cary Shultz
Try replacing your query statement with the following.
Set colServices = objWMIService.ExecQuery("SELECT * FROM Win32_Service WHERE
StartName LIKE '%Administrator'",,48)
Cary Shultz replied to LikeToCode
That did it....thank you very much. I just learned something today....
LikeToCode replied to Cary Shultz
WMI queries can use limited SQL syntax.
Sorry my first post was off base, it was late and post Super Bowl. I should
have gone to bed!!
--
have been talking." ??? Aristotle
Cary Shultz replied to LikeToCode
No worries....I did not disclose all details (my posts are long enough!) so
your first answer was a good one. Your second answer was - for my
purposes - even better!
Thank you again.
installed on my machine. I was using the code below StrComputer = "." Function DispList(StrComputer) DIM objFSO, objWMIService, colSoftware, objSoftware Set objFSO = CreateObject("Scripting.FileSystemObject") DIM OutputFile DIM objFile OutputFile = "D: \ output.txt" Set objFile = objFSO.CreateTextFile(OutputFile) objFile.WriteLine "Software list for " & StrComputer Set objWMIService = GetObject("winmgmts: \ " & StrComputer & " \ root \ cimv2") Set colSoftware objWMIService.ExecQuery ("Select * from Win32_Product where Name like 'Microsoft Office%'") objFile.WriteLine "Name " & vbtab & "Version " For Each objSoftware in colSoftware objFile.WriteLine objSoftware.Name & ", " & objSoftware.Version & Next Set objFile = Nothing Set objFSO = Nothing End function When running the code i get error at RegOwner and RegCompany which says Code: 800A01B6 Please let me know how can i get the details VBScript Discussions Windows XP (1) Windows Server 2003 (1) Office (1) Vista (1) Error (1) ObjWMIService
Does exist a search-function in wmi or vb? thank u for your help mark VBScript Discussions ObjWMIService (1) ObjFileLOG (1) VBScript (1) ObjFSO (1) CreateObject (1) McManigle (1) GetObject (1) StrCompnm (1) It is fairly easy to create VBScript code to use the File System Object (FSO) to recurse through a drive or some you won't find the word link in the help file's index. -Paul Randall '################################################################### '###VBScript written to search the local computer for file ######### '###extension set by strextension. it assumes local strExtension &"_srch.csv" Dim strtmparg ' Checking for logfile, if there, append, if not, create Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.FileExists(logfile) Then Call Errlog(logfile, objFileLOG) Else Set objFileLOG = objFSO.CreateTextFile(logfile) End If
VBScript not running C++ / VB I wrote a VBSCRIPT to take a backup & clear the event log as per our needs, The script is win2000 server boxes. Please some one help me to isolate this problem. Thanks in advance VBScript Discussions WshNetwork.RemoveNetworkDrive (1) WshNetwork.MapNetworkDrive (1) Scripting.FileSystemObject (1) ObjWMIService.ExecQuery (1) WScript.CreateObject (1) Office (1) ObjLogFile.BackupEventLog (1) ObjLogFile.ClearEventLog (1) Can't CreateObject("WScript.Network") WshNetwork.MapNetworkDrive "Z:", " \ chnwsora14 \ eventlog" 'Create Hostname folder strRoot = "Z: \ " & GetComputerName Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.FolderExists(strRoot) then WScript.Echo "Folder " & strRoot &_ Else objFSO.CreateFolder("Z: \ " & GetComputerName) End If 'removing mapped dirve set WshNetwork = WScript.CreateObject("WScript.Network") WshNetwork WScript.Network") WshNetwork.MapNetworkDrive "Z:", " \ chnwsora14 \ eventlog" & " \ " & GetComputerName 'Create Year folder strRoot = "Z: \ " & Y Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.FolderExists(strRoot) then WScript.Echo "Folder " & strRoot &_ Else objFSO
the other attributes but not compression. Shouldn't it be as easy as: Dim objFolder, objFSO Set objFSO = CreateObject("Scripting.FileSystemObject") Set objFolder = objFSO.GetFolder("C: \ Scripts") objFolder.Attributes = 2048 I don't get any errors, just nothing happens I can hide the folder and turn on the archive flag using this method. VBScript Discussions Scripting.FileSystemObject (1) ObjWMIService.ExecMethod (1) ObjFSO.GetFolder (1) ObjWMIService (1) ObjFSO (1) ObjFolder.Attributes (1) ObjOutParams (1) CreateObject (1) This vb program (easily found with google
How to execute remote vbscript C++ / VB First things first. . . . . . . I'm trying to get a list of network mapped script runs and tries to execute a script on each workstation - -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Function findprinters(strcomputer) Set objFSO = CreateObject("Scripting.FileSystemObject") objFSO.CopyFile "C: \ Scripts \ printers_local.vbs", " \ " & strcomputer & Set objWMIService = GetObject ("winmgmts: \ " & ' Set objWMIService = GetObject("winmgmts:" & objWMIService.Create "cscript.exe c: \ admin \ printers_local.vbs", null, null, intProcessID wscript.sleep(2000) End Function local vbs script on workstations that puts printers into a file - -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- strComputer = "." Set objFSO = CreateObject("Scripting.FileSystemObject") Set objTextFile = objFSO.OpenTextFile(" \ nywpsmsm03 \ printer_logs \ " & Set objWMIService = GetObject("winmgmts:" & Set colPrinters = objWMIService.ExecQuery("Select * From Win32_Printer") For