Jump to content

Recommended Posts

Posted

I slightly modified code from this post by Guinness so I can display a computer's network configuration.

#AutoIt3Wrapper_Au3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6

#cs
    This program displays specific info about a PC's NIC configuration (see For/next loop below for details)
    If you click OK it will then display a matrix view of the same info in case you want to copy this info to the clipboard
    Clicking Cancel will skip the matrix view
#ce

#include <Array.au3>

Global $aArray = _IPDetails(), $sData

For $A = 1 To $aArray[0][0]
    $sData &= "Description: " & $aArray[$A][0] & @CRLF & _
            "Connection Name: " & _GetNetworkID($aArray[$A][0]) & @CRLF & _
            "IP Address: " & $aArray[$A][1] & @CRLF & _
            "MAC: " & $aArray[$A][2] & @CRLF & _
            "Default Gateway: " & $aArray[$A][3] & @CRLF & _
            "DNS Servers: " & $aArray[$A][4] & @CRLF & _
            "Obtain DNS Automatically: " & $aArray[$A][5] & @CRLF & _
            "Auto IP: " & $aArray[$A][6] & @CRLF & @CRLF
Next

$sData = StringTrimRight($sData, 4)

If MsgBox (1,"Results (Cancel to skip arrayview)",$sData) = $IDCANCEL then Exit

_ArrayDisplay($aArray,"Active Network Adapters","1:7",16,"","Description|IP Address|MAC|Gateway|DNS|ADNS|DHCP")

Exit

Func _IPDetails()
    Local $iCount = 0
    Local $oWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & "." & "\root\cimv2")
    Local $oColItems = $oWMIService.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True", "WQL", 0x30), $aReturn[1][7] = [[0, 7]]
    If IsObj($oColItems) Then
        For $oObjectItem In $oColItems
            $aReturn[0][0] += 1
            $iCount += 1

            If $aReturn[0][0] <= $iCount + 1 Then
                ReDim $aReturn[$aReturn[0][0] * 2][$aReturn[0][1]]
            EndIf

            $aReturn[$iCount][0] = _IsString($oObjectItem.Description)
            $aReturn[$iCount][1] = _IsString($oObjectItem.IPAddress(0))
            $aReturn[$iCount][2] = _IsString($oObjectItem.MACAddress)
            $aReturn[$iCount][3] = _IsString($oObjectItem.DefaultIPGateway(0))
            $aReturn[$iCount][4] = _WMIArrayToString($oObjectItem.DNSServerSearchOrder(), " - ")
            $aReturn[$iCount][5] = _WMIRegRead($oObjectItem.SettingID)
            $aReturn[$iCount][6] = _IsString($oObjectItem.DHCPEnabled)
        Next
        ReDim $aReturn[$aReturn[0][0] + 1][$aReturn[0][1]]
        Return $aReturn
    EndIf
    Return SetError(1, 0, $aReturn)
EndFunc   ;==>_IPDetails

Func _WMIRegRead($iGUID)
    If RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\" & $iGUID & "\", "NameServer") = "" Then
        Return True
    EndIf
    Return False
EndFunc   ;==>_WMIRegRead

Func _GetNetworkID($sAdapter)
    Local $oWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & "." & "\root\cimv2")
    Local $oColItems = $oWMIService.ExecQuery('Select * From Win32_NetworkAdapter Where Name = "' & $sAdapter & '"', "WQL", 0x30)
    If IsObj($oColItems) Then
        For $oObjectItem In $oColItems
            Return $oObjectItem.NetConnectionID
        Next
    EndIf
    Return SetError(1, 0, "Unknown")
EndFunc   ;==>_GetNetworkID


Func _IsString($sString)
    If IsString($sString) Or IsBool($sString) Then
        Return $sString
    EndIf
    Return "Not Available"
EndFunc   ;==>_IsString

Func _WMIArrayToString($aArray, $sDelimeter = "|")  ; Guinness' own version of ArrayToString()
    If IsArray($aArray) = 0 Then
        Return SetError(1, 0, "Not Available")
    EndIf
    Local $iUbound = UBound($aArray) - 1, $sString
    For $A = 0 To $iUbound
        $sString &= $aArray[$A] & $sDelimeter
    Next
    Return StringTrimRight($sString, StringLen($sDelimeter))
EndFunc   ;==>_WMIArrayToString

Now I'd like to get this same information about other computers in the workgroup. I thought it would be as simple as making the following change:

Local $oWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & "." & "\root\cimv2")
to
Local $oWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & "othercomputer" & "\root\cimv2")

But that throws the following error.

"Get active Network Adapter info.au3" (68) : ==> Variable must be of type "Object".:
Local $oColItems = $oWMIService.ExecQuery('Select * From Win32_NetworkAdapter Where Name = "' & $sAdapter & '"', "WQL", 0x30)
Local $oColItems = $oWMIService^ ERROR

  I've verified that I can perform remote ops like "PSexec \\othercomputer" and "shutdown /M \\othercomputer" on the remote PC so I don't think it's a problem external to my code. What am I doing wrong? 

Thank you.

Posted

Sounds like your ObjGet command failed and that is why the subsequent .ExeQuery fails with "Object" error.  When you run psexec successfully, are you specifying the remote machine\username and password? 

If the creds are the same on both machines, perhaps you could try forcing the script to elevate by adding #RequireAdmin to the top of your script;

Posted

Sounds like your ObjGet command failed and that is why the subsequent .ExeQuery fails with "Object" error.  When you run psexec successfully, are you specifying the remote machine\username and password? 

If the creds are the same on both machines, perhaps you could try forcing the script to elevate by adding #RequireAdmin to the top of your script;

Thank you for replying, spudw2k! I very much appreciate your helpful response.

Not that I know what I'm doing but I inserted a "COM error handler" found in the forum here and it gave me two hints that might help someone point me to a solution.

We intercepted a COM Error!

err.windescription: Access is denied

err.number is: 80070005

and...

err.windescription: Variable must of type 'Object'.

err.number is: 000000A9

The PC I'm running it on has the same un/pw as the target. And no, i am not supplying un/pw with shutdown or any of the pstools. Plus, I can open both of the following paths in File Explorer.

\\TargetPCName\C$
\\TargetPCName\ADMIN$

Any suggestions?

Posted

Variable must of type 'Object' I imagine would be you are using Autoit Variable inside an Object which it doesnt like. If you use your Autoit Variable before the Object it would be fine.

 

I know I get access denied unless I am using an elevated access, so the #requireadmin sounds ideal or if its a network admin ID depending on your network would be the next step imo. :)

Posted

Variable must of type 'Object' I imagine would be you are using Autoit Variable inside an Object which it doesnt like. If you use your Autoit Variable before the Object it would be fine.

 

I know I get access denied unless I am using an elevated access, so the #requireadmin sounds ideal or if its a network admin ID depending on your network would be the next step imo. :)

Thank you, tweakster2010. Can you point out where in the OP code I'm using an Autoit Variable inside an Object?

Posted

Sadly I am not at the point where I could identify it like that. I can only go off of what happened with mine, which tied to arrays writing to an object but each array item was its own variable. So I had to delcare the array before hitting the object >.>

Posted

Probably you don't have the permission on remote system or WMI is not running properly.

You can try to provide login credentials (found in my WMI snippets folder):

Global Const $oErrorHandler = ObjEvent("AutoIt.Error", "ObjErrorHandler")

Global $aNetInfo = WMI_GetInfoFromActiveNetworkCard()
Global $fCDriveFreeSpace = WMI_GetCDriveFreeSpace()

MsgBox(0, "Test", "Adapter:" & @TAB & $aNetInfo[0] & @CRLF & _
                  "MAC:" & @TAB & $aNetInfo[1] & @CRLF & _
                  "IP:" & @TAB & $aNetInfo[2] & @CRLF & _
                  "Subnet:" & @TAB & $aNetInfo[3] & @CRLF & _
                  "Gateway:" & @TAB & $aNetInfo[4] & @CRLF & @CRLF & _
                  "Free space on C drive: " & $fCDriveFreeSpace & " GB")

Func WMI_GetInfoFromActiveNetworkCard($sHost = @ComputerName, $sUserID = "", $sPWD = "")
    Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator")
    If @error Then Return SetError(1, 0, 0)
    Local $objWMIService = $objWMILocator.ConnectServer($sHost, "\root\cimv2", $sUserID, $sPWD, "", "", 0x80)
    If @error Then Return SetError(2, 0, 0)
    Local $iInterfaceIndex, $objItem, $colItems2, $objItem2
    Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_IP4RouteTable WHERE Destination='0.0.0.0'", "WQL", 0x30)
    If IsObj($colItems) Then
        Local $aActiveNetworkAdapter[5]
        For $objItem in $colItems
            $colItems2 = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE InterfaceIndex = " & $objItem.InterfaceIndex, "WQL", 0x30)
            For $objItem2 in $colItems2
                $aActiveNetworkAdapter[0] = $objItem2.Description
                $aActiveNetworkAdapter[1] = $objItem2.MACAddress
                $aActiveNetworkAdapter[2] = $objItem2.IPAddress[0]
                $aActiveNetworkAdapter[3] = $objItem2.IPSubnet[0]
                $aActiveNetworkAdapter[4] = $objItem2.DefaultIPGateway[0]
                Return $aActiveNetworkAdapter
            Next
        Next
    Else
        Return SetError(3, 0, 0)
    EndIf
EndFunc

Func WMI_GetInfoFromActiveNetworkCard2($sHost = @ComputerName)
    Local $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sHost & "\root\cimv2")
    If @error Then Return SetError(1, 0, 0)
    Local $iInterfaceIndex, $objItem, $colItems2, $objItem2
    Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_IP4RouteTable WHERE Destination='0.0.0.0'", "WQL", 0x30)
    If IsObj($colItems) Then
        Local $aActiveNetworkAdapter[5]
        For $objItem in $colItems
            $colItems2 = $objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE InterfaceIndex = " & $objItem.InterfaceIndex, "WQL", 0x30)
            For $objItem2 in $colItems2
                $aActiveNetworkAdapter[0] = $objItem2.Description
                $aActiveNetworkAdapter[1] = $objItem2.MACAddress
                $aActiveNetworkAdapter[2] = $objItem2.IPAddress[0]
                $aActiveNetworkAdapter[3] = $objItem2.IPSubnet[0]
                $aActiveNetworkAdapter[4] = $objItem2.DefaultIPGateway[0]
                Return $aActiveNetworkAdapter
            Next
        Next
    Else
        Return SetError(2, 0, 0)
    EndIf
EndFunc

Func WMI_GetCDriveFreeSpace($sHost = @ComputerName, $sUserID = "", $sPWD = "")
    Local $objWMILocator = ObjCreate("WbemScripting.SWbemLocator")
    If @error Then Return SetError(1, 0, 0)
    Local $objWMIService = $objWMILocator.ConnectServer($sHost, "\root\cimv2", $sUserID, $sPWD, "", "", 0x80)
    If @error Then Return SetError(2, 0, 0)
    Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_PerfFormattedData_PerfDisk_LogicalDisk WHERE Name = 'C:'", "WQL", 0x30), $objItem
    If IsObj($colItems) Then
        For $objItem in $colItems
            Return Round($objItem.FreeMegabytes / 1024, 2)
        Next
    Else
        Return SetError(2, 0, 0)
    EndIf
EndFunc

Func WMI_GetCDriveFreeSpace2($sHost = @ComputerName)
    Local $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $sHost & "\root\cimv2")
    If @error Then Return SetError(1, 0, 0)
    Local $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_PerfFormattedData_PerfDisk_LogicalDisk WHERE Name = 'C:'", "WQL", 0x30), $objItem
    If IsObj($colItems) Then
        For $objItem in $colItems
            Return Round($objItem.FreeMegabytes / 1024, 2)
        Next
    Else
        Return SetError(2, 0, 0)
    EndIf
EndFunc

Func ObjErrorHandler()
    ConsoleWrite(   "A COM Error has occured!" & @CRLF  & @CRLF & _
                                "err.description is: "    & @TAB & $oErrorHandler.description    & @CRLF & _
                                "err.windescription:"     & @TAB & $oErrorHandler & @CRLF & _
                                "err.number is: "         & @TAB & Hex($oErrorHandler.number, 8)  & @CRLF & _
                                "err.lastdllerror is: "   & @TAB & $oErrorHandler.lastdllerror   & @CRLF & _
                                "err.scriptline is: "     & @TAB & $oErrorHandler.scriptline     & @CRLF & _
                                "err.source is: "         & @TAB & $oErrorHandler.source         & @CRLF & _
                                "err.helpfile is: "       & @TAB & $oErrorHandler.helpfile       & @CRLF & _
                                "err.helpcontext is: "    & @TAB & $oErrorHandler.helpcontext & @CRLF _
                            )
EndFunc

 

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Posted

Probably you don't have the permission on remote system or WMI is not running properly.

You can try to provide login credentials (found in my WMI snippets folder):

Thank you for replying, UEZ.  Your code, while different from the Guinness's code, yields the same result on my computer, except that it provides variables for supplying a UserID and Password. However, it still refers to @

Computername (my local PC). I added the remote computer's credentials to your code and changed the two instances of $sHost = @ComputerName to $sHost = remote computer's name, but it failed with the following error message in the Console.

err.description is:  Access is denied.
err.windescription: 
err.number is:  80020009
err.lastdllerror is:  0
err.scriptline is:  19
err.source is:  SWbemLocator
err.helpfile is:  
err.helpcontext is:  0

Did you intend to suggest that this code could be used to fetch the desired info from other workgroup PCs, and if so where should the changes go? (I could not find your "WMI snippets folder", but it looks like this code already has the ability to supply login credentials.)

Posted

My WMI snippets folder is on my local disk. ;)

Just to be sure - can you try these steps to find out whether WMI works properly?: http://blogs.technet.com/b/askperf/archive/2007/06/22/basic-wmi-testing.aspx

 

Anyhow, the error description is clear: access is denied. What kind of user is starting the script? You need probably admin rights!

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Posted
I will visit the page you suggest after an errand, but to answer your question: I have admin rights on my computer and have the same username and pwd and rights on the remote PC. I've always thought the simple act of trying to open \\RemotePC\C$ or \\RemotePC\Admin$ was a valid test. Well, that is AFTER making the following registry edit. Without it, trying shutdown or PStools on other PCs in the workgroup never works.
 
1.Open RegEdit on the target computer
2.Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
3.Add a new DWORD value called LocalAccountTokenFilterPolicy
4.Set its value to 1
5.Reboot or logoff/login on the target computer.
Posted

Are you refusing to try #RequireAdmin or just refusing to reveal the results of using it?

Just because you have admin rights does not mean every program is executed with them.

I apologize for not replying previously after adding #RequireAdmin and seeing no change in the results.

Posted (edited)

   Just to be sure - can you try these steps to find out whether WMI works properly?: 

http://blogs.technet.com/b/askperf/archive/2007/06/22/basic-wmi-testing.aspx

 

I downloaded and put WMIDiag.vbs on both my PC and the target W7 box.  I ran it on the target PC first. After WMIDiag ran it said, "WARNING: WMIDiag determined that WMI works CORRECTLY. However, some issues were detected", and it pointed to the actual log file from which the excerpt below came. I'm hoping what's listed below are these issues.

............................................................... ENABLED.
29504 20:35:12 (0) ** => This will prevent any WMI remote connectivity to this computer except
29505 20:35:12 (0) **    if the following three inbound rules are ENABLED and non-BLOCKING:
29506 20:35:12 (0) **    - 'Windows Management Instrumentation (DCOM-In)'
29507 20:35:12 (0) **    - 'Windows Management Instrumentation (WMI-In)'
29508 20:35:12 (0) **    - 'Windows Management Instrumentation (ASync-In)'
29509 20:35:12 (0) **    Verify the reported status for each of these three inbound rules below.
29510 20:35:12 (0) **
29511 20:35:12 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI)' group rule: ............................................. DISABLED.
29512 20:35:12 (0) ** => This will prevent any WMI remote connectivity to/from this machine.
29513 20:35:12 (0) **    - You can adjust the configuration by executing the following command:
29514 20:35:12 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE GROUP="Windows Management Instrumentation (WMI)" NEW ENABLE=YES'
29515 20:35:12 (0) ** Note: With this command all inbound and outbound WMI rules are activated at once!
29516 20:35:12 (0) **       You can also enable each individual rule instead of activating the group rule.
29517 20:35:12 (0) **
29518 20:35:12 (0) ** Windows Firewall 'Windows Management Instrumentation (DCOM-In)' rule: ............................................... DISABLED.
29519 20:35:12 (0) ** => This will prevent any DCOM WMI inbound connectivity to this machine.
29520 20:35:12 (0) ** Note: The rule 'Windows Management Instrumentation (DCOM-In)' rule must be ENABLED to allow incoming DCOM WMI connectivity.
29521 20:35:12 (0) **    - You can adjust the configuration of this rule by executing the following command:
29522 20:35:12 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (DCOM-In)" NEW ENABLE=YES'
29523 20:35:12 (0) **
29524 20:35:12 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI-In)' rule: ................................................ DISABLED.
29525 20:35:12 (0) ** => This will prevent any WMI inbound connectivity to this machine.
29526 20:35:12 (0) ** Note: The rule 'Windows Management Instrumentation (WMI-In)' rule must be ENABLED to allow incoming WMI connectivity.
29527 20:35:12 (0) **    - You can adjust the configuration of this rule by executing the following command:
29528 20:35:12 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (WMI-In)" NEW ENABLE=YES'
29529 20:35:12 (0) **
29530 20:35:12 (0) ** Windows Firewall 'Windows Management Instrumentation (WMI-Out)' rule: ............................................... DISABLED.
29531 20:35:12 (0) ** => This will prevent any WMI asynchronous outbound connectivity from this machine.
29532 20:35:12 (0) **    - You can adjust the configuration of this rule by executing the following command:
29533 20:35:12 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (WMI-Out)" NEW ENABLE=YES'
29534 20:35:12 (0) **
29535 20:35:12 (0) ** Windows Firewall 'Windows Management Instrumentation (ASync-In)' rule: .............................................. DISABLED.
29536 20:35:12 (0) ** => This will prevent any WMI asynchronous inbound connectivity to this machine.
29537 20:35:12 (0) **    - You can adjust the configuration of this rule by executing the following command:
29538 20:35:12 (0) **    i.e. 'NETSH.EXE ADVFIREWALL FIREWALL SET RULE NAME="Windows Management Instrumentation (ASync-In)" NEW ENABLE=YES'
29539 20:35:12 (0) **
29540 20:35:12 (0) ** ----------------------------------------------------------------------------------------------------------------------------------

The log lists three rules that need to be enabled and non-blocking. I opened Windows Firewall and don't know how to reconcile the recommendations in the log to what I see. For example, the log says to enable WMI (DCOM-In) but the Firewall lists two versions Domain category and Private/Public category. Which one is applicable in this situation?   Maybe that's a moot point because the log then proceeds to list 5 commands that use NETSH.EXE, the first of which includes a warning "With this command all inbound and outbound WMI rules are activated at once!"  

So, should I use the NETSH commands, including the group one? If I should instead limit the changes to just the 3 listed at first, and enable them in Windows Firewall, should I enable the private/public or domain rule?  BTW, this is a basic workgroup; there is no domain server.

This is all foreign territory to me and I don't want to degrade the network's security.

Edited by timmy2
Posted

These aren't issues - rather information what would cause a WMI problem.

 

Can you try this?:  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\ForceGuest = 0

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Posted

These aren't issues - rather information what would cause a WMI problem.

 

Can you try this?:  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\ForceGuest = 0

Are you saying the section of the report I thought was specific to the tested system is really just general purpose documentation?  Nonetheless, the 3 items cited are disabled in Windows Firewall so I think my questions are still valid, if indeed they could be causing the WMI access denied problem.

Regarding your registry suggestion: the key is already present, with the value of 0.

Posted

what do you need to enable on the remote computer for this script to work? I tried it on my laptop from my PC but get an rpc error

A COM Error has occured!

err.description is:     The RPC server is unavailable.
err.windescription:    
err.number is:     80020009
err.lastdllerror is:     0
err.scriptline is:     16
err.source is:     SWbemLocator
err.helpfile is:     
err.helpcontext is:     0
A COM Error has occured!

 

Posted

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...