Posts Tagged ‘script’

How to Remove Old Cached Roaming Profiles from Workstations

June 3rd, 2009 Wayne Zimmerman

Earlier this year I was tasked with cleaning up the workstations on our network to help reduce the amount of time needed for our daily virus scan to complete. One of the issues I took on was cleaning up old cached profiles from the use of roaming profiles. This was not something I wanted to do manually for the 150 PCs that we have across our building, so I made a script that would look for profiles that had not been modified in the last 90 days and wasn’t a system account (localservice, networkservice, default user, all users). Also, an advantage of using a script to do this is it can produce a report of what it will remove without actually doing it. That way you can be sure that you are not deleting things that you do want to keep.

This script does depending on file and print sharing being turned on for the workstation so the script can access the administrative shares on each computer. It does make the assumption that your profiles are saved in the default windows location C:\Documents and Settings\%username% and that you are the administrator for the domain.

Configuration

  1. Be sure to update the LDAP string 'LDAP://OU=workstations,DC=subdomain,DC=domain,DC=com' to match your Active Directory structure. The script needs to know where all the workstation are in Active Directory
  2. Find objConnection.Open "DomainController" and modify the put your Domain Controller in place of DomainController
  3. Find OldProfile objRecordSet.Fields("Name").Value, "C:\deletedprofiles.csv" and modify the filename to save the file where you and and named what you want, just be sure to leave the extension as CSV so it will open properly with your spreadsheet application.
  4. Most Importantly – Comment out fsoFolder.DeleteFolder objSubfolder, TRUE if you just want a report of what it will delete when run, if not it is currently setup to remove the unwanted profiles
?Download RemoveOldCachedProfiles.vbs
Const ADS_SCOPE_SUBTREE = 2
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "shs-login"
 
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name, Location from 'LDAP://OU=workstations,DC=subdomain,DC=domain,DC=com' " _
        & "Where objectClass='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
	OldProfile objRecordSet.Fields("Name").Value, "C:\deletedprofiles.csv"
    objRecordSet.MoveNext
Loop
 
Sub OldProfile(strComputer, strFilename)
	On Error Resume Next
	Set StdOut = WScript.StdOut
 
	Set objFSO = CreateObject("scripting.filesystemobject")
	Set logStream = objFSO.opentextfile(strFilename, 8, True)
 
	Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
	If Err.Number Then
	      logStream.writeline(strComputer & ",Offline")
	      Err.Clear
	Else
		On Error Resume Next
		Set objShell = CreateObject("Shell.Application")
		Set fsoFolder = CreateObject("Scripting.FileSystemObject")
 
		root = "\\" & strComputer &"\C$\Documents and Settings"
 
		Set objFolder = fsoFolder.GetFolder(root)
		Set colSubfolders = objFolder.Subfolders
 
			For Each objSubfolder in colSubfolders
				If (lcase(objSubfolder.Name) <> "localservice" AND lcase(objSubfolder.Name) <> "networkservice"_
					AND lcase(objSubfolder.Name) <> "default user" AND lcase(objSubfolder.Name) <> "all users") then
 
						If (DateDiff("D", objSubfolder.DateLastModified, Date()) > 90) then
							logStream.writeline(strComputer & ",Online,Delete," & objSubfolder & "," & objSubfolder.DateLastModified)
							fsoFolder.DeleteFolder objSubfolder, TRUE
						else
							logStream.writeline(strComputer & ",Online,Active," & objSubfolder & "," & objSubfolder.DateLastModified)
						End If
 
				else
					logStream.writeline(strComputer & ",Online,System," & objSubfolder & "," & objSubfolder.DateLastModified)
				End If
			Next
	End If
	logStream.Close
End Sub
Posted in Code Tags: , , , , , , , , 4 Comments »

Passing Parameters to VB Script to Map Network Drives

May 4th, 2009 Wayne Zimmerman

The other day I got an instant message from a fellow network administrator asking for a script that would map drives to by simply passing parameters from command line. This caused me to go into Google mode checking how parameters are passed in to Visual Basic Script and then applying the basic network drive mapping script. Now I feel that only the proper thing to do is share it with everyone out there that is looking for the same thing he was. This is a very simple script that does something equally simple. Hopefully this will simply some of the group policies that are out there.

Usage: mapme.vbs Z //server/share
This would result in passing Z as the drive letter and mapping it to the UNC path of //server/share

?Download mapme.vbs
Set objArgs = WScript.Arguments
Set objNetwork = WScript.CreateObject("WScript.Network")
objNetwork.MapNetworkDrive  objArgs(0) & ":" , objArgs(1)
Posted in Code Tags: , , , , , , No Comments »

List Local Accounts from Computers in Active Directory

April 1st, 2009 Wayne Zimmerman

When you finally take the plunge and decided that the only way to take your business to the next level is to setup a true client/server environment, here is a script to help you clean up those old accounts. When you convert to an Active Directory structure, you need to remove all the old local user accounts. This will reduce the security risks by removing accounts that you can’t force to conform to the rules setup by Group Policy. Also, if you were running these users as Administrators or Power Users and now have limited them down to a Standard user, without removing their old local accounts they may have elevated rights that they don’t need. Using this script you can query every computer in you Active Directory and get a list in CSV that you can use to know where that accounts are that need to be removed. In this script you can modify the output file so you can save the file where you want. You will also need to modify the Active Directory information to match your Domain configuration.

Tip: You can remotely connect other computers on your domain using “compmgmt.msc /computer:[remote computer]” from there you can manage user accounts in Local Users and Groups.

?Download getlocalaccts.vbs
Const ADS_SCOPE_SUBTREE = 2
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "MYDomainController" 'put domain controller here

Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
    "Select Name, Location from LDAP://DC=subdomain,DC=zim,DC=local' " _  'update this with your AD information
        & "Where objectClass='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
 
Do Until objRecordSet.EOF
	LocalUsers objRecordSet.Fields("Name").Value, "C:\localaccounts.csv" 'adjust output file name as needed
    objRecordSet.MoveNext
Loop
 
Sub LocalUsers(strComputer, strFilename)
	On Error Resume Next
	Set StdOut = WScript.StdOut
 
	Set objFSO = CreateObject("scripting.filesystemobject")
	Set logStream = objFSO.opentextfile(strFilename, 8, True)
 
	Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
	If Err.Number Then
	      logStream.writeline(strComputer & ",Offline")
	      Err.Clear
	Else
		Set colAccounts = GetObject("WinNT://" & strComputer)
		colAccounts.Filter = Array("user")
 
		For Each objUser In colAccounts
		        logStream.writeline(strComputer & ",Online," & objUser.Name & "," & objUser.AccountDisabled) 
		Next
	End If
 
	logStream.Close
End Sub
Posted in Code Tags: , , , , , , , , , , No Comments »

Remove Old Windows Updates Automatically using Logoff Script

March 31st, 2009 Wayne Zimmerman

This is a great script that helps you keep those patched boxes on your network running longer and faster. This script checks to see how old the Microsoft Windows Update Uninstall folders are and deletes them based on a parameter in the script. This reduces clutter on your PC and reduces one of the major disk hogs in a corporate environment. This script should be included in the Computers Group Policy so it has Administrative access to the PC so it can actually remove the files.

?Download cleanwu.vbs
Set oShell = CreateObject("Wscript.Shell")
strWindows = oShell.ExpandEnvironmentStrings("%WINDIR%")
 
On Error Resume Next
Set fsoFolder = CreateObject("Scripting.FileSystemObject")
 
Set objFolder = fsoFolder.GetFolder(strWindows)
Set colSubfolders = objFolder.Subfolders
 
For Each objSubfolder in colSubfolders
	If (DateDiff("D", objSubfolder.DateCreated, Date()) > 90) AND ((Left(objSubfolder.Name,3)) = "$Nt") then
		fsoFolder.DeleteFolder strWindows & "\" & objSubfolder.Name, TRUE
	End If
Next
Posted in Code Tags: , , , , , , , , No Comments »
Twitter Delicious Facebook Digg Stumbleupon Favorites More