Life of a techno-guru
Thursday, May 18, 2006
  Adding Time Servers to Windows XP
Windows XP normally only has two time servers configured. Actually, on the fresh installation of XP Media Center Edition that came on my new Inspiron e1705 had a few additional ones as well, but nonetheless, I was curious to know if there was a way to permanently add additional time servers. While I was working on a completely unrelated project this morning, however, I found a registry key that would allow you to do just this. If you're looking for the DNS addresses of additional time servers, I recommend doing a Google search for time servers, or try here or here. Following below are the directions you'll need to add these DNS addresses to your computer to synchronize with:

  1. Open the Registry Editor by choosing Start --> Run ... --> type "regedit" in the prompt, and press OK
  2. Navigate your way through the registry tree to this location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers
  3. Create a new REG_SZ (string value) by right-clicking in the right-hand pane, select New --> String Value and make sure to use a integer as its name. The way this works is that the lowest numbered value shows up at the top of the NTP time server list in the Windows Date/Time utility
  4. Open the reg key and type in the Fully Qualified Domain Name (FQDN) of the NTP server you'd like to use
  5. Open the Date/Time Windows utility by right-clicking the systray and click "Adjust Date/Time"
  6. Go to the Internet Time tab and select the new NTP server you added to the registry
As you can see, there are quite a few things that you may not normally think of sitting in the registry, you just have to find them. Later on when you do happen across them, you think ... hey I always wondered how to do that! :)
 
Tuesday, May 16, 2006
  Enumerate Administrators
Well, here's a script that pulls a list of computers from your Active Directory domain, connects to each computer, and enumerates a list of users, groups, or computer accounts that have local administrative permissions. When I wrote this script, I had in mind security auditing, as I wanted to make sure that no one who didn't need Administrator privileges, didn't have them. The script will also echo out the user currently logged onto each computer. For terminal servers, this will only show one user, but it was designed with single-logon XP clients after-all, so don't be picky :)

If you have any trouble running this script, feel free to let me know. I designed it be cross-domain compatible so that I could post it up here and anyone could use it. I welcome any comments, questions, and constructive criticism; I'm always looking for ideas on how to make some cool new script. Anyway, without further to do, here is the script:


'Computers array
dim computers
'Computers that weren't accessible
dim bad

set objAD = GetObject("LDAP://RootDSE")
domain = objAD.Get("DefaultNamingContext")
set objAD = GetObject("LDAP://" & domain)
objAD.filter = array("computer","organizationalUnit")

getComputers(objAD)
computerlist = split(computers)

for i = 0 to ubound(computerlist)-1
if isAlive(computerlist(i)) then enumAdmins(computerlist(i))
next

'==================FUNCTION==================
'Name/Params: getComputers(pcname)
'Purpose: Connect to computer, grab local Administrators group, and echo out members
'==============================================
function getComputers(objAD)
for each adobj in objAD
if adobj.class = "organizationalUnit" then
'The replace here fixes up any OUs that might have slashes in the names
set ou = GetObject("LDAP://" & replace(adobj.distinguishedName,"/","\/"))
getComputers(ou)
elseif adobj.class = "computer" then
pcname = right(adobj.name,len(adobj.name)-3)
computers = computers & pcname & " "
end if
next
end function

'==================FUNCTION==================
'Name/Params: enumAdmins(pcname)
'Purpose: Connect to computer, grab local Administrators group, and echo out members
'==============================================
function enumAdmins(pcname)
on error resume next
set computer = GetObject("WinNT://" & pcname & "/Administrators")
if err.number <> 0 then
bad = bad & pcname & " "
else
set users = computer.Members()
wscript.echo "##### " & pcname & " (" & getLoggedOnUser(pcname) & ") #####"

for each user in users
wscript.echo user.name
next
end if

Err.clear
end function

'==================FUNCTION==================
'Name/Params: getLoggedOnUser(pcname)
'Purpose: Connect to computer, grab currently logged on user and return value
'==============================================
function getLoggedOnUser(pcname)
on error resume next
set objWMI = GetObject("winmgmts:\\" & pcname & "\root\cimv2:win32_computersystem")

if err.number = 0 then
set results = objWMI.Instances_
for each obj in results
getLoggedOnUser = obj.username
next
end if
err.clear
end function

'==================FUNCTION==================
'Name/Params: isAlive(pcname)
'Purpose: Ping computer to pre-test for IP connectivity. Returns true if resolved IP address is pingable
'==============================================
function isAlive(pcname)
isAlive = false
set objWMI = GetObject("winmgmts:\\.\root\cimv2")
sQuery = "select * from win32_pingstatus where address='" & pcname & "' and timeout=1000"
set results = objWMI.ExecQuery(sQuery)

for each result in results
if result.statuscode = 0 then
isAlive = true
end if
next
end function

badmachines = split(bad)
wscript.echo vbcrlf & "The following computers were unable to be contacted. Please audit these individually"
wscript.echo "===================================================================================="
for i = 0 to badmachines - 1
wscript.echo badmachines(i)
next
 
My life of learning various things about technology including network administration, development, and 3D design

Name:
Location: Chicago, Illinois, United States
ARCHIVES
January 2006 / February 2006 / March 2006 / May 2006 / June 2006 / July 2006 / August 2006 / September 2006 / October 2006 / November 2006 / December 2006 / January 2007 / February 2007 / March 2007 / April 2007 / May 2007 / June 2007 / August 2007 / December 2007 / January 2008 / March 2008 / April 2008 / June 2008 / July 2008 / September 2008 / December 2008 / January 2009 / February 2009 / March 2009 / May 2009 /


Powered by Blogger