Friday, May 20, 2016

Get Symantec Version from Registry - Remote machines

# Read a registry value from remote machines and output the Symantec version.
# You can also use this script to read any other registry value from machines.

$HKLM = 2147483650 # HKEY_LOCAL_MACHINE
# Place your machines' IPs or names in this file, one per line
$SERVERS = Get-Content "C:\temp\Hosts.txt"
foreach ($Serv in $SERVERS)
{
    # Connect to the StdRegProv WMI class on the remote machine
    $reg = [wmiclass]"\\$Serv\root\default:StdRegProv"
    $key = "SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion"
    $value = "productversion"

    # productversion is a REG_SZ value, so it is read with GetStringValue;
    # the string itself is in the sValue property of the result
    $reg.GetStringValue($HKLM, $key, $value)
}
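
When the host list is long, it helps to tell apart machines that could not be reached from machines where the value could not be read. The following is an added example, not part of the original script: it uses the same key, value name and Hosts.txt as above, and the output file name SymantecVersions.csv is an assumption.

```powershell
# Added example: same registry read as above, with a per-host status column.
$HKLM  = 2147483650   # HKEY_LOCAL_MACHINE
$key   = 'SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion'
$value = 'productversion'

# Skip blank lines in the host list
$servers = Get-Content 'C:\temp\Hosts.txt' | Where-Object { $_.Trim() }

$report = foreach ($Serv in $servers) {
    $row = [pscustomobject]@{ Computer = $Serv; Version = $null; Status = '' }
    try {
        # The cast throws if the WMI connection fails (offline, firewall, access denied)
        $reg    = [wmiclass]"\\$Serv\root\default:StdRegProv"
        $result = $reg.GetStringValue($HKLM, $key, $value)
        if ($result.ReturnValue -eq 0) {
            $row.Version = $result.sValue
            $row.Status  = 'OK'
        }
        else {
            # Non-zero return code: the key or value could not be read on this host
            $row.Status = "Registry read failed (code $($result.ReturnValue))"
        }
    }
    catch {
        $row.Status = "Unreachable: $($_.Exception.Message)"
    }
    $row
}

# Show the hosts grouped by status, then keep a copy for later comparison.
# SymantecVersions.csv is an assumed output name.
$report | Sort-Object Status, Computer | Format-Table -AutoSize
$report | Export-Csv -Path 'C:\temp\SymantecVersions.csv' -NoTypeInformation
```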

Sunday, May 15, 2016

Working with VBScript Variable


Description
Most modern programming languages use the concept of variables: items that are used as placeholders or storage for values and information. VBScript is no different.
Naming Restrictions
VBScript enforces some standard rules that apply to variable names:
  • They must begin with an alpha character (A...Z)
  • They must be less than 256 characters in length
  • They cannot contain embedded periods (".")
  • They are case sensitive (i.e. "String", "STRING" and "string" all refer to different variables)
  • They must be unique in the scope in which they are declared
Variable Types
Since not all data is the same, VBScript includes a range of variable types for storing different types of data. The table below summarizes the types available.
Subtype ==> Description
Boolean ==> Contains either True or False
Byte ==> Contains integer in the range 0 to 255
Currency ==> Floating-point number in the range -922,337,203,685,477.5808 to 922,337,203,685,477.5807
Date(Time) ==> Contains a number that represents a date between January 1, 100 and December 31, 9999
Double ==> Contains a double-precision, floating-point number in the range -1.79769313486232E308 to -4.94065645841247E-324 for negative values; 4.94065645841247E-324 to 1.79769313486232E308 for positive values
Empty ==> Uninitialized Variant
Error ==> Contains an error number used with runtime errors
Integer ==> Contains integer in the range -32,768 to 32,767
Long ==> Contains integer in the range -2,147,483,648 to 2,147,483,647
Null ==> A variant containing no valid data
Object ==> Contains an object reference
Single ==> Contains a single-precision, floating-point number in the range -3.402823E38 to -1.401298E-45 for negative values; 1.401298E-45 to 3.402823E38 for positive values
String ==> Contains a variable-length string that can be up to approximately 2 billion characters in length

Declaring Variables
VBScript supports both explicit and implicit variable declarations. To declare a variable explicitly you use the Dim keyword, for example:
Dim strVariable
strVariable = "This is a string"

You can also declare multiple variables by separating each variable name with a comma. For example:
Dim name, url, email
You can declare a variable implicitly by simply using its name in a script, without first using the Dim keyword.
Although declaring a variable implicitly may seem simpler, it can lead to problems if one or more variables are misspelled. This could lead to unexpected results when the script is run, because the variable names are not checked to make sure they are valid.
The use of the Option Explicit statement forces all variables to be explicitly declared before use.
Example
Option Explicit
Dim strVariable 'declare the variable
strVariable = "This is a string" 'assign a value
WScript.Echo strVariable 'display the variable

Saturday, May 14, 2016

Get System Properties of Remote machines from CSV



On error resume Next

Set WshNetwork = WScript.CreateObject("WScript.Network")
strFileName = "C:\" & WshNetwork.ComputerName & "_Software_Details.xls"
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set objfso = CreateObject("Scripting.FileSystemObject")
set sf = objfso.OpenTextFile("C:\" & WshNetwork.ComputerName & "_Software_Details.csv",2,True)
Set colSoftware = objWMIService.ExecQuery("Select * from Win32_Product")
Set colSettings = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
'Software Information
'sf.WriteLine("SOFTWARE LIST")
'sf.WriteLine("=============")
For Each objSoftware in colSoftware
    sf.WriteLine(objSoftware.Caption)
Next
'Close the file so the complete list is written to disk before it is attached
sf.Close


WScript.Sleep 30000

'olMailItem is an Outlook constant that VBScript does not predefine
Const olMailItem = 0
Dim objOutl
Set objOutl = CreateObject("Outlook.Application")
Set objMailItem = objOutl.CreateItem(olMailItem)
'comment the next line if you do not want to see the outlook window
objMailItem.Display
strEmailAddr  = "shankar.sahu@tcs.com"
objMailItem.Recipients.Add strEmailAddr
objMailItem.Body = "Details of Machines"
objMailItem.Subject = "Daily Report"
objMailItem.Attachments.Add "C:\" & WshNetwork.ComputerName & "_Software_Details.csv"
'objMailItem.Attachments.Add "C:\" & WshNetwork.ComputerName & "_Hardware_Details.xls"
objMailItem.Send
Set objMailItem = nothing
Set objOutl = nothing

Script to list users of local computer with last logon date/time - sorted



Details - Sometimes you need a list of users with their last login time on a system. It is a bit difficult to get this from security events/audit logs. This script lists all users who have logged on to the system and their last login time.

Catch - An NTUSER.DAT file is created with every profile once the user logs in. The script checks the modified date of this file, then uses a bubble sort to arrange the results and present them.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' File - Check_User.vbs
' Author - Shankar Sahu
' Date - 09/06/2015
' Description - To Check users of local computer with last logon date/time
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

'Option Explicit
'===============================================================
'To check the OS version
'===============================================================

Dim strComputer, objWMIService, objItem,colItems, OSVersion, Shell, OSName, FPath, sysdrive
Set Shell = CreateObject("Wscript.Shell")
sysdrive = Shell.ExpandEnvironmentStrings("%SYSTEMDRIVE%")
strComputer = Shell.ExpandEnvironmentStrings("%computername%")
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem",,48)
For Each objItem in colItems
    OSVersion = Left(objItem.Version, 3)
    'Case to convert number to Name

    Select Case OSVersion
        Case "6.2"
            OSName = "Windows 8"
            FPath = sysdrive + "\Users"
        Case "6.1"
            OSName = "Windows 7"
            FPath = sysdrive + "\Users"
            'WScript.Echo FPath
        Case "6.0"
            OSName = "Windows 2008"
            FPath = sysdrive + "\Users"
        Case "5.2"
            OSName = "Windows 2003"
            FPath = sysdrive + "\Documents and Settings"
        Case "5.1"
            OSName = "Windows XP"
            FPath = sysdrive + "\Documents and Settings"
        Case "5.0"
            OSName = "Windows 2000"
            FPath = sysdrive + "\Documents and Settings"
        Case "4.0"
            OSName = "Windows NT 4.0"
            FPath = sysdrive + "\Documents and Settings"
        Case Else
            OSName = "Newer/Old Version"
            FPath = sysdrive + "\Users"
    End Select
Next

'===============================================================
'To Find the Recent Modified file in Folders and Sub Folders
'===============================================================
Dim strFolder, objFolder, objFile, dtmDate , objFSO , recentFile, ModifiedDate
Dim strLog, objLog , fc, Fusers , FSOpath , File , ModDate
Dim Day,today, indexi ,index
Dim fordisp

'Iteration Through the Sub Folders
strFolder = FPath
Set recentFile = Nothing

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFolder = objFSO.GetFolder(strFolder)
Set fc = objFolder.SubFolders
'Count the profile folders to size the array
indexi = 0
For Each Fusers in fc
    indexi = indexi + 1
Next

'Column 0 = NTUSER.DAT modified date, column 1 = profile folder name
ReDim arr(indexi, 1)
indexy = 0


For Each Fusers in fc
    File = Fusers.Path & "\NTUSER.DAT"
    'WScript.Echo " " & File
    If objFSO.FileExists(File) Then
        Set objFile = objFSO.GetFile(File)
        arr(indexy, 0) = objFile.DateLastModified
        arr(indexy, 1) = Fusers.Name
        indexy = indexy + 1
    End If
Next

'===============================================================
'Sorting
'===============================================================
'Sorting Multidimensional array in Descending order

Dim i, j, Temp, Temp1
'Bubble sort over the first indexy rows only; the remaining rows are empty
'because those profile folders have no NTUSER.DAT
For i = 0 To indexy - 2
    For j = 0 To indexy - 2 - i
        If arr(j, 0) < arr(j + 1, 0) Then
            Temp = arr(j, 0)
            Temp1 = arr(j, 1)
            arr(j, 0) = arr(j + 1, 0)
            arr(j, 1) = arr(j + 1, 1)
            arr(j + 1, 0) = Temp
            arr(j + 1, 1) = Temp1
        End If
    Next
Next
For i = 0 To indexy - 1
    'Displaying Data
    WScript.Echo "OK: The user " & arr(i, 1) & " had logged this machine at " & formatDate(arr(i, 0))
Next


'===============================================================
'Custom Sub to check the latest file in the Folders & Sub Folders - Not Used
'===============================================================
Sub EnumFiles(ByVal objParent)
    Dim objChild, objFile, recentFile
    Set recentFile = Nothing
    'Track the most recently modified file in this folder
    For Each objFile in objParent.Files
        If recentFile Is Nothing Then
            Set recentFile = objFile
        ElseIf (objFile.DateLastModified > recentFile.DateLastModified) Then
            Set recentFile = objFile
        End If
    Next
    If Not recentFile Is Nothing Then
        WScript.Echo recentFile.Path & " " & recentFile.DateLastModified
    End If
    'Repeat for every sub folder
    For Each objChild in objParent.SubFolders
        Call EnumFiles(objChild)
    Next
End Sub

'===============================================================
'As No built function to customize Date & Time Format
'===============================================================
Public Function formatDate(sDate)
Dim String2, indexNum, sDay, sMonthYear, sMonth, sYear, sHour ,sMinute,sSec
sYear = Year(sDate) 
sMonth = LPad(Month(sDate), "0", 2) 
String2 = FormatDateTime(sDate, vbShortDate)
indexNum = inStr(String2, "/")
'sDay = Left(sDate, indexNum - 1) 
sHour = LPad(Hour(sDate), "0", 2)
sDay = LPad(DatePart("d", sDate), "0", 2) 
sMinute = LPad(Minute(sDate), "0", 2)
sSec = LPad(Second(sDate), "0", 2) 
formatDate = sYear & "-" & sMonth & "-" + sDay + " " & sHour & ":" & sMinute & ":" & sSec 
End Function

Function LPad (str, pad, length)
LPad = String(length - Len(str), pad) & str
End Function

Windows Powershell Workflow

PowerShell Workflow is the PowerShell implementation of the WWF (Windows Workflow Framework). It brings a cool set of functionalities, such as the possibility to execute code in parallel, to create scripts that persist across reboots, and lots of other neat things.

A workflow comprises a series of programming steps called activities. Workflows are integrated into Windows PowerShell through a set of extensions to the Windows PowerShell scripting language. One of these extensions is the workflow keyword. A workflow is defined by the workflow keyword followed by the name and the body of the workflow. In addition, Windows PowerShell provides a built-in library of activities.

A script workflow is a workflow written in the Windows PowerShell language.

Windows Workflow Foundation makes life easier. It uses simple and easy techniques to automate things that take a long time, and it simplifies operations that run at very large scale and that require the coordination of multiple steps across multiple machines.

PowerShell Workflow works with robust multi-machine commands (remote commands). For DevOps and administrators, workflow is a chance to get rid of all repetitive tasks.

Microsoft integrated Workflow with PowerShell in March 2012.

With WPW (Windows PowerShell Workflow), Microsoft tried to bring a new way to handle multiple computers via remote scripting on a large scale. PowerShell Workflow can help you execute actions on computers even with failed network connections, reboots, and system crashes. It reduces the complexity of managing a large environment where administrators find it very difficult to handle repetitive tasks.

Workflow is implemented with such ease that users can build simple cmdlets that do their jobs quickly as a flow. With PW, administrators achieve performance as well as scalability without imposing a lot of complexity on the user. It provides workflow hosting and execution functionality, and it is considered one of its extensibility points.

For existing PS administrators/DevOps (PS 3.0 and above), Workflow comes with the following:

* Workflow management through job cmdlets
* A built-in library of management tasks
* Workflows as scripts, hosted in your environment

Workflows are defined by using the workflow keyword. Example:

Workflow Awesome_WF
{
# Awesome Commands
}

With the workflow keyword you can write a workflow, but some other commands are also useful to complete your job.

  • PsPersist
  • Parallelism
    • Parallel
    • Foreach -Parallel
  • Sequence
  • InlineScript
Also, workflows have particular scoping possibilities
  • $Using
  • $Workflow
With the parallel commands and checkpoints you can of course do various things and make life easier.

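# The following workflow moves text files in parallel from one specific location to another.
Workflow Move-Files
{
    Param($Source, $Destination)
    # Workflows do not accept positional parameters, so every parameter is named
    $Files = Get-ChildItem -Path $Source -Filter "*.txt"
    Foreach -Parallel ($File in $Files)
    {
        Move-Item -Path $File.FullName -Destination $Destination
    }
}

# Execution on a remote computer (the two folder paths are example values; replace them with your own)
Move-Files -Source "C:\Source" -Destination "C:\Destination" -PSComputerName "CORE-SVR-1" -AsJob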
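
The keywords listed above (Parallel, Sequence, InlineScript, $Using, $Workflow and a checkpoint) combined in one workflow. This is an added example, not code from the original post; the workflow name Get-HostSummary and the data it collects are assumptions chosen for illustration.

```powershell
# Added example. Needs Windows PowerShell 3.0 to 5.1 (PowerShell 7 has no workflows).
workflow Get-HostSummary
{
    # Workflow-scope variables: nested blocks can read them directly,
    # but must write to them through the $Workflow: scope modifier.
    $osCaption   = ''
    $hotfixCount = 0

    Parallel
    {
        # The two Sequence blocks are independent and may run at the same time.
        # Inside each Sequence the steps run strictly in order.
        Sequence
        {
            $os = Get-CimInstance -ClassName Win32_OperatingSystem
            $Workflow:osCaption = $os.Caption
        }
        Sequence
        {
            # InlineScript runs ordinary PowerShell, so expressions that
            # workflows reject (method calls, for instance) are allowed here.
            $count = InlineScript { @(Get-HotFix).Count }
            $Workflow:hotfixCount = $count
        }
    }

    # Persist the collected state. A suspended or interrupted job can be
    # resumed from this point without repeating the queries above.
    Checkpoint-Workflow

    # $Using: passes workflow variables into the InlineScript session.
    InlineScript
    {
        [pscustomobject]@{
            OS       = $Using:osCaption
            Hotfixes = $Using:hotfixCount
        }
    }
}

# Run as a job, then collect the result with the standard job cmdlets.
$job = Get-HostSummary -AsJob
Wait-Job -Job $job | Receive-Job
```

Adding -PSComputerName to the call, as in the Move-Files example, targets a remote machine instead of the local one.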

Windows Server 2016 Key Features and License Prospects

If you are planning to move to Windows 2016 and looking for benefits, I have listed down below : Why Windows Server 2016? ·     ...