Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

WMI Experts!!!

Status
Not open for further replies.
CharlieIT

CharlieIT

MIS
Apr 9, 2003
157
US
When I run the script below, I get all the names of all the profiles on a remote computer. However, I only get "LastLogon" for Local Users (e.g. "Administrator" and "AspNet"). I do not get "LastLogon" for any domain users who have logged into the remote computer. There is no error message--the result is simply blank.

I am running this script from my own computer--and I am the Domain Admin. My domain username is also part of the administrators group on the remote computer as well.

Does anyone know what might be going wrong?

On Error Resume Next
strComputer = "REMOTECOMPUTER
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_NetworkLoginProfile")
For Each objItem in colItems

Wscript.Echo "name: " & objItem.name
Wscript.Echo "LastLogon: " & objItem.LastLogon

Next
 
Sort by date Sort by votes
Hello CharlieIT,

There may be a conceptual matter here. A domain user log on to DC rather than the remote computer. When that domain user requests a particular service on certain remote computer, the latter establishes a session for this particular service and it is reflected with the session variable.

Have you tried to remote to the DC?

If an adsi solution is acceptible, check out Meuller's:

regards - tsuji
 
Upvote 0 Downvote
Tsuji--

Thank you for your response. The reason why I think it might be some sort of security issue is--if I run the above script on the remote computer itself (with the script pointing at the same computer), it enumerates all of the users and LastLogon--regardless of whether they are local users or domain users. So if it works locally, I SHOULD be able to get it to work remotely (unless there is some security measure put in place to prevent it).

The reason I did not want to query the Domain Controller is: If a user logs into Remote Computer #1, and then a couple of hours later logs into Remote Computer #2, then if I query the Domain Controller for "LastLogon", I will get the time they logged into Remote Computer #2. I want to make sure that I am getting the time they logged into a specific Remote computer.

 
Upvote 0 Downvote
If it works locally but not remotely, I am thinking that you may be able to use impersonation level but not sure of the syntax or applicability in this case.
 
Upvote 0 Downvote
I have tried running a script with impersonation (see below). I get the same results--works fine for all users when I run it on the computer locally, but I only get "LastLogon" times for local users when run against the same computer over the network.

Set LoginProfiles = GetObject("winmgmts:_
{impersonationLevel=Impersonate}!//REMOTECOMPUTER_
/root/cimv2").InstancesOf ("Win32_NetworkLoginProfile")
for each Profile in LoginProfiles
WScript.Echo Profile.Name
WScript.Echo Profile.LastLogon
next
 
Upvote 0 Downvote
CharlieIT,

I am thinking about asserting the (restore) or (remote) privilege see what it gives. Try both of them?
Code: 
Set LoginProfiles = GetObject("winmgmts:_
{impersonationLevel=Impersonate, (restore)}!//REMOTECOMPUTER_
/root/cimv2").InstancesOf ("Win32_NetworkLoginProfile")
- tsuji
 
Upvote 0 Downvote
I tried "restore" and got the same results.
I tried "Delegate" and got an "unspecified error".

I also tried passing the Domain Admin's username and password, as well as passing the Local Administrator's username and password. I still only get "LastLogon" times for local users and not for Domain Users logged into the remote computer. I ran the above scripts on the local computer, and received "LastLogon" for all users--local and domain.

Code: 
strComputer = "REMOTECOMPUTER"
Set SWbemLocator = CreateObject("WbemScripting.SWbemLocator")
Set SWbemServices = SWbemLocator.ConnectServer _
(strComputer, "root\cimv2",_ "REMOTECOMPUTER\Administrator","PASSWORD").InstancesOf_("Win32_NetworkLoginProfile") 
  for each Profile in SWbemServices
      WScript.Echo Profile.Name
      WScript.Echo Profile.LastLogon
   next
 
Upvote 0 Downvote
One other thing to add to this discussion: I ran the above scripts as the domain admin against the domain controller. The scripts work perfectly giving "lastlogon" for the only user who ever logged onto the domain controller server itself (my domain admin account).

I half expected to see "lastlogon" for all the accounts logging into the domain from other computers--but it did not find any. I also did not expect to see the scripts work against the domain controller for that one account. If they work remotely against the DC, if they work when run locally, why won't they work when run remotely against a domain computer with domain accounts?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Leozack
  • Locked
  • Question
WMI pagefile check on remote PC fails where local PC works
Replies
17
Views
626
markdmac
markdmac
cluM02
  • Locked
  • Question
WMI Disk Number and Moint Point
Replies
0
Views
175
cluM02
cluM02
Hun9865
  • Locked
  • Question
How to get the count from WMI class listed values...
Replies
1
Views
187
Geates
Geates
1ncubu5
  • Locked
  • Question
VBS/WMI Newbie, help needed...nearly working 1
Replies
2
Views
177
1ncubu5
1ncubu5
DigitalVariance
  • Locked
  • Question
Unable to access WMI when getting “Windows cannot connect to the domain” Error message 1
Replies
3
Views
199
guitarzan
guitarzan

Part and Inventory Search

Sponsor

Back
Top