Forum
Merhaba,
CM üzerinde Domain'deki clientların toplu halde hangileri local administrator olduğunu nasıl görebileceğim bir raporu varmıdır? Yoksa bunu başka bir yoldan nasıl raporlarım?
Tşkr.
Evet tabiki vardır, ancak en doğru sonucu elde etmek için advertisment yaparken mof u editlemeniz ve altta ki scripti kullanmanız gerekir.
Ward Lange's original mof edit works
great for 2000 and xp; but for Windows 2003 servers and Vista, the
"BUILTIN" needed to be replaced with the local computer's name.
Unfortunately, I have yet to hear of a way to use a dynamic variable in
the MOF.
With his permission I've used it to show a different method to gather the contents of the local Administrators group.
-
Edit inboxes\clifiles.src\hinv\sms_def.mof. At the very bottom,
add these lines. These are identical to Ward Lange's mof edit, so if
you've already implemented that one, no need to change anything.
[ SMS_Report (TRUE),SMS_Group_Name ("LocalAdmins"),SMS_Class_ID ("MICROSOFT|LocalAdmins|1.0")]
class Win32_LocalAdmins : SMS_Class_Template
{
[SMS_Report(TRUE), key] string AccountName;
[SMS_Report(TRUE), key] string GroupName;
}; -
Do not add anything to Configuration.mof. If you've previously
implemented Ward Lange's, remove the section from configuration.mof.
If you are on SMS2003 (not configMgr) and have already implemended Ward
Lange's edit, you will want to remove the data section, leaving just
the reporting section (the section above). -
Attached is a .txt file; rename it to .vbs. Place it in a Source
folder, and create a package/program for it, to run whether or not user
logged in. -
The Collection Query I suggest using for the advertisement is
this, I'd set it to be recurring every few days so if a machine loses
the WMI information somehow, it gets it back.select SMS_R_SYSTEM.ResourceID
from SMS_R_System
where
SMS_R_System.ResourceId not in
(select SMS_R_System.ResourceId
from SMS_R_System
inner join SMS_G_System_LOCALADMINS on SMS_G_System_LOCALADMINS.ResourceID = SMS_R_System.ResourceId
where SMS_G_System_LOCALADMINS.AccountName is not null)
So, what does this combination do? The sms_def.mof edit will set
your hardware inventory policy to report on local administrators group
membership. The vbscript advertisement will create the WMI data entry
using the computer name. It doesn't really matter if configuration.mof
built it or something else built it--once it's there, Hardware
Inventory policy will be able to use it.
A sample report to use once you have this data:
select distinct Name0 as 'Computer Name',
substring(AccountName0,charindex('Domain=',Accountname0)+8,(charindex('Name=',Accountname0)-charindex('Domain=',Accountname0)-10))
as 'Domain Name',
substring(AccountName0,len(AccountName0)-charindex('"',reverse(AccountName0),2)+2,charindex('"',reverse(AccountName0),2)-2)
as 'User Name'
from v_GS_SYSTEM INNER JOIN v_GS_LocalAdmins ON
v_GS_SYSTEM.ResourceID = v_GS_LocalAdmins.ResourceID where
(AccountName0 not like '%Administrator%' AND AccountName0 not like
'%Domain Admins%')
Note 1: The vbscript specifically looks for members of the
'Administrators' group. If you have alternate groups you need to look
for, like Administrateurs, or Administraten, modify the script.
Note 2: If the vbscript was run, and since then the computer has
been renamed, the script will need to run again to update to the new
name.