Doc
Thu Oct 23 15:45:14 CDT 2003
Hey Ray:
Benn a freakin nutty ass couple of days here as I try to figure some stuff
out.
I found a nifty little utility called schtasks. Now, work with me on
this one and if you heard of it, tell me to f-- off.
The link to this nifty thing is
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/proddocs/schtasks.asp
Right, this thing will apparently allow me to remotely execute a vb script
version of the AT command, or something that does essentially what I want it
to do, now, the script that I pulled out of the script resource kit was (and
I refer to it because you may be having the same type of day that I have
had - e.g. brainfart):
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate,(Shutdown)}!\\" & _
strComputer & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery _
("SELECT * FROM Win32_OperatingSystem")
For Each objOperatingSystem in colOperatingSystems
objOperatingSystem.shutdown()
Next
This thing will shut down the computer when you run it, unless, of course,
something pesky like outlook.exe is running, but I believe that the schtasks
utility gives you the ability to kill an application.
Now, assuming (arguendo of course) that there are no other such applications
that require your exit thereof before shutting down a machine (e.g. that the
freakin user actually has to shut down the applications - and of course
there WILL be one, just have to figure out if its a legit application or
some third party piece of shit, ten year-old, DOS wanna be GUI program thats
doing it), okay, so then we have an at 2100 hours command that says log off,
exit programs, shut your muther fucking third ass party app shit down
moe-foe, and then at, lets say 21:25 hours another one saying hey, see that
script in that thar shared folder on that thar server? Well run it then, it
should, in effect and theory shut the bloody ass wipes down.
It works fine in theory, in practice its a totally different story
altogether. The way I see this utility, its nothing more than a remote way
of running the AT command - now this is really driving me up a freakin wall.
I mean, to encapsulate it, then have a bunch of windows xp machines call to
that bat file or whatever.vbs file,. . . oh man, I am in a loop, literally.
At this windows xp box I simply typed the following in a notepad file and
then turned it into a .bat and even a .exe file, supposedly, its supposed to
delete all tasks from the local computer.
schtasks / delete /tn * /f
Only thing the darn thing did it loop, literally as a .bat file and as an
.exe file it just hung there. No, I have to look at the bloody event log to
see if I really need check up on permissions switches and shit.
Okay, I have been trying to fire this one out to you for about an hour now
while trying to figure this thing out. I know that I am so close, so
freakin close and that there has to be a simpler way of doing this than
writing up oodles of code. Ultimately, its simple and, well, here is a dumb
ass question
Using the AT command, what is its syntax to run something only once with
admin privileges. My brain is totally, totally, totally fried and all I
know is that I cannot have these monkeys having any sorts of permissions
whatsoever. Dude, there are people here with full admin permissions who
dont know the difference between a netbios name and a cookie. CDW has a
"dear fred" book series, which I suggest you ask your CDW rep, if not, send
me contact info somehow and I will get same to you quickly, its a
compilation of stories, half of which I could have written. Hopefully, the
next time its released it will have several of my little stories in there.
In your debt,
Walt.
P.S. I downloaded and visited all the sites you spoke of, no sweat had been
to many of them there and have all the necessary resources. Now if all it
takes is learning visual basic. . .
It looks like it may just be what the doctor ordered. Of course, there are
issues, such as outlook being open and then
"Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
news:eqiTiYNmDHA.2068@TK2MSFTNGP09.phx.gbl...
>
> "Doc Wally" <notimeforspam@spam.com> wrote in message
> news:Mtzlb.41175$6j.7561806@news4.srv.hcvlny.cv.net...
> >
> > > Will reply more from work tomorrow. Off to bed.
> > >
> > > Ray at home
> >
> > Ray, I desperately seek your guidance and wisdom. I cannot tell you how
> > appreciative I am. It is likely that I will end up diving into
scripting,
> > at least using them from a systems standpoint of view. However, I need
a
> > primer - I have the Windows 2000 Scripting Guide, but I really need to
get
> > to speed on this whole matter so that I don't end up asking stupid
> questions
> > and returning favors for beer.
>
>
> That's my favorite book! Most of the scripting stuff I do is all in ASP.
> That's why many of the posts in this group are over my head. But, the WSH
> documentation is completely priceless. If you do not have that, download
it
> at once!
>
http://www.microsoft.com/downloads/details.aspx?FamilyId=01592C48-207D-4BE1-8A76-1C4099D7BBB9&displaylang=en
>
>
>
> > Can you recommend any good books/programs
> > similar to the Sams collection, with regards to scripting of course. I
> want
> > to master this stuff if, at the very least, for systems administration
as
> I
> > see a tremendous amount of power in it.
>
> !!!!
http://www.microsoft.com/technet/scriptcenter/ !!!!
>
> >
> > Now I know why all those scripting guru's drive expensive cars. . .
>
> I drive a 1988 Chevy Celebrity station wagon with 180,000 miles on it.
>
> > actually, it was because they were embezzling company funds, I read that
> > somewhere.
>
> That's how I got my car!
>
>
> >
> > Warmest regards and cold beers on me.
>
> I'd be more than happy to drink the beers.
>
>
> Okay, back to the task at hand. Before you'll be able to get any of this
> shutdown stuff to work, the machines have to have the server service
> running. It sounds like they are not. How can you enable that service if
> you cannot access the machines remotely? There aren't too many options.
> The simplest option is to use sc.exe from the Resource Kit or just merge a
> .reg file in a logon script. The problem with this though is that for
this
> to work, the person logging on needs administrative rights. Unless you
have
> other domain groups added to the local admin groups on the machines, the
> only way you can do this is to add your users to the domain admin groups.
> I've had to do that before. But, what you can do for safety's sake is
> something like this, in a .bat file in netlogon:
>
>
>
> regedit /s %logonserver%\startserver.reg
> %logonserver%\shutdown /c /r /t:1
>
>
>
> You'd want to put shutdown.exe in your netlogon share for this to work.
And
> the contents of startserver.reg would look like this (2000+)
>
> Windows Registry Editor Version 5.00
>
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver]
> "Start"=dword:00000002
>
>
>
> What this logon script will do is silently merge that registry data and
> update the startup type to 2, which is automatic. It will then execute
> shutdown.exe and force a reboot after 1 second. (The default is 30. If
you
> leave it at that, a crafty user can use shutdown.exe to abort his own
> shutdown and continue on the rest of the day with domain admin rights.)
>
> You won't be able to do anything on those machines without the server
> service running. Fire the person who stopped the service. :]
>
> Ray at work
>
>
>
>