Forum

Bildirimler
Hepsini Temizle

Sccm rapor hk.

2 Yazılar
2 Üyeler
0 Reactions
850 Görüntüleme
(@tahir.karaabali)
Gönderiler: 9
Active Member
Konu başlatıcı
 

Merhaba,


 


CM üzerinde Domain'deki clientların toplu halde hangileri local administrator olduğunu nasıl görebileceğim bir raporu varmıdır? Yoksa bunu başka bir yoldan nasıl raporlarım?


 


Tşkr.

 
Gönderildi : 23/06/2009 19:11

(@bugrakeskin)
Gönderiler: 5088
Illustrious Member
 

Evet tabiki vardır, ancak en doğru sonucu elde etmek için advertisment yaparken mof u editlemeniz ve altta ki scripti kullanmanız gerekir.

 

Ward Lange's original mof edit works
great for 2000 and xp; but for Windows 2003 servers and Vista, the
"BUILTIN" needed to be replaced with the local computer's name. 
Unfortunately, I have yet to hear of a way to use a dynamic variable in
the MOF.

With his permission I've used it to show a different method to gather the contents of the local Administrators group.

  • Edit inboxes\clifiles.src\hinv\sms_def.mof.  At the very bottom,
    add these lines.  These are identical to Ward Lange's mof edit, so if
    you've already implemented that one, no need to change anything.
    [ SMS_Report (TRUE),SMS_Group_Name ("LocalAdmins"),SMS_Class_ID ("MICROSOFT|LocalAdmins|1.0")]
    class Win32_LocalAdmins : SMS_Class_Template
    {
    [SMS_Report(TRUE), key] string AccountName;
    [SMS_Report(TRUE), key] string GroupName;
    };
  • Do not add anything to Configuration.mof.  If you've previously
    implemented Ward Lange's, remove the section from configuration.mof. 
    If you are on SMS2003 (not configMgr) and have already implemended Ward
    Lange's edit, you will want to remove the data section, leaving just
    the reporting section (the section above).
  • Attached is a .txt file; rename it to .vbs.  Place it in a Source
    folder, and create a package/program for it, to run whether or not user
    logged in. 
  • The Collection Query I suggest using for the advertisement is
    this, I'd set it to be recurring every few days so if a machine loses
    the WMI information somehow, it gets it back.

    select SMS_R_SYSTEM.ResourceID
    from SMS_R_System
    where
    SMS_R_System.ResourceId not in
     (select SMS_R_System.ResourceId
      from  SMS_R_System
      inner join SMS_G_System_LOCALADMINS on SMS_G_System_LOCALADMINS.ResourceID = SMS_R_System.ResourceId
      where SMS_G_System_LOCALADMINS.AccountName is not null)

So, what does this combination do?  The sms_def.mof edit will set
your hardware inventory policy to report on local administrators group
membership.  The vbscript advertisement will create the WMI data entry
using the computer name.  It doesn't really matter if configuration.mof
built it or something else built it--once it's there, Hardware
Inventory policy will be able to use it.

A sample report to use once you have this data:

select distinct Name0 as 'Computer Name',
substring(AccountName0,charindex('Domain=',Accountname0)+8,(charindex('Name=',Accountname0)-charindex('Domain=',Accountname0)-10))
as 'Domain Name',
substring(AccountName0,len(AccountName0)-charindex('"',reverse(AccountName0),2)+2,charindex('"',reverse(AccountName0),2)-2)
as 'User Name'
from v_GS_SYSTEM INNER JOIN v_GS_LocalAdmins ON
v_GS_SYSTEM.ResourceID = v_GS_LocalAdmins.ResourceID where
(AccountName0 not like '%Administrator%' AND AccountName0 not like
'%Domain Admins%')

Note 1: The vbscript specifically looks for members of the
'Administrators' group.  If you have alternate groups you need to look
for, like Administrateurs, or Administraten, modify the script.

Note 2: If the vbscript was run, and since then the computer has
been renamed, the script will need to run again to update to the new
name.

 

 
Gönderildi : 24/06/2009 12:22

Paylaş: