Active Directory : Script IP, Hostname, Login
Hoje estamos trazendo um script que será rodado via GPO, que no final é uma mão na roda quando é necessário fazer um rastreamento (Auditoria). quando um usuário logou, quantas vezes, em que desktop logou, quantos usuários logaram em um desktop ou vários desktops.
Qual o principal objetivo desse Script
Ilustrar informações detalhadas dos desktops corporativos, no que tange: Ip-Hostname-Login;
Qual os benefícios desse Script
- Uma auditoria mais detalhada a qualquer momento do: Ip, Hostname ou Login;
- Informações a qualquer momento sobre: Ip, Hostname ou Login;
- Informações consolidadas a qualquer momento sobre: Ip, Hostname ou Login;
- Logs armazenados por uma grande quantidade de tempo;
Scripts
IP_HOSTNAME_LOGIN_WINVISTA_WIN7_WIN8_WIN10)
@set computername >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@set username >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@ipconfig | findstr "Endereço IP" >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@ipconfig | findstr "Endereço IP" >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@date /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"@time /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@date /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
@time /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~6,4%-%date:~3,2%-%date:~0,2% %TIME:~0,2%h%TIME:~3,2%min.txt"
Script IP_HOSTNAME_LOGIN_WINXP
@set computername >> "\\SRVAD2012R201\IP_HOSTNAME_LOGIN$\%computername% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@set username >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@ipconfig | findstr "Endereço IP" >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@ipconfig | findstr "Endereço IP" >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@date /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@time /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\username% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@date /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
@time /T >> "\SRVAD2012R201\IP_HOSTNAME_LOGIN$\computername% %date:~4,2%-%date:~7,2%-%date:~10,4% %TIME:~0,2%h%TIME:~3,2%min.txt"
Filtros WMI
WINXP64
select * from Win32_OperatingSystem
WHERE (Version like "5.1%" or Version like "5.2%") AND ProductType="1" WINVISTA
SELECT version
FROM Win32_OperatingSystem
WHERE Version LIKE "6.0%" and ProductType = "1" AND OSArchitecture = "64-bit" WIN7
SELECT version
FROM Win32_OperatingSystem
WHERE Version LIKE "6.1%" and ProductType = "1" AND OSArchitecture = "64-bit" WIN8.1
SELECT version
FROM Win32_OperatingSystem
WHERE Version LIKE "6.3%" and ProductType = "1" AND OSArchitecture = "64-bit" WIN10
select * from Win32_OperatingSystem where Version like "10.%"