Re: Inventory script question
- From: "Matthew Curiale" <thisisnot@xxxxxxxxxxxx>
- Date: Tue, 12 May 2009 10:14:09 -0400
Well, I ended up writing a VERY simple script to call the program that writes the inventory to the database (read: 3 lines of code or so).
We've put it into the test group, and applied it as a GPO... The problem now is that, after starting up the machine itself, it doesn't query/write to the database. If I run a rsop and gpresult on the test machine, it says that the script has been applied ... Yet my inventory doesn't update. Conversely, if I run the script "as is" on a machine, it updates the inventory just fine.
Is there a way to test the startup script to see if it actually runs? Like, anything that I can put into the code to keep the console window open before it gets to the login screen?
TIA, again :)
Matt
"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxxxxxxxxxxxxxxxx> wrote in message news:uVoWTbCyJHA.3476@xxxxxxxxxxxxxxxxxxxxxxx
"Pegasus [MVP]" <news@xxxxxxxxxxxxx> wrote in message news:OhbtPpAyJHA.3968@xxxxxxxxxxxxxxxxxxxxxxx
"Matthew Curiale" <thisisnot@xxxxxxxxxxxx> wrote in message news:7D2880AC-FE50-40DC-A2D9-7D7DDAC72797@xxxxxxxxxxxxxxxx
"Pegasus [MVP]" <news@xxxxxxxxxxxxx> wrote in message news:uT%2360aAyJHA.1712@xxxxxxxxxxxxxxxxxxxxxxx
"Matthew Curiale" <thisisnot@xxxxxxxxxxxx> wrote in message news:4C7B92EE-E3C3-4F93-8583-3E799EDF0889@xxxxxxxxxxxxxxxxThanks for the replies Richard and Pegasus.
As an aside, we have a program called "agent.exe" that already does the polling of machines on the network... Our problem right now is where to place the call to the program. If we have it run at login, imagine 10 logins per computer, per day ... Thousands of computers across 40 buildings ... The load on the server would be ridiculous.
The script is definitely something that we'll look at in the very near future, but for the moment, would we be able to call the agent.exe program through the same methods (ie: using a semaphore file, through computer startup scripts, or even a top level GPO)?
TIA ... again!
Matthew Curiale
If you want the load spread over the days and the weeks then you probably have to trigger each audit from the server itself. You would need to maintain a database of computer names and dates last polled. A poll would be initiated in one of two ways:
a) When the poll is due and if the machine is online, or
b) If the poll is overdue and when the machine logs on.
We do have a database that's been started, though I'm not sure if the last date polled is in there; I'd have to go check. The program resides on a seperate server from the DC.
This polling can be scripted into the logon script of the machines themselves, then? And possibly with a time field that checks "if last logon
> 30 days, execute agent.exe" ?
Matthew Curiale
If you script the polling into the logon script then you get a whopper of a load every morning when people report for work, which is exactly what you said you wanted to avoid.
If you run an inventory script remotely to query all computers in bulk, it can be run from a client. The script will take a long time to run and will generate some network traffic, but it will not burden any servers. Also, it provides a snapshot taken in a short time span. You know when the inventory is complete, and you can run it on demand whenever you wish. The only downside is that some clients may be offline at the time, but even that can be noted in the inventory. The example script I posted pings each computer before attempting to connect. You could devise a scheme to run the script repeatedly, but only query computers missed before.
If you use logon or startup scripts instead, you want a mechanism to make sure the inventory is done once per time period. That's the purpose of the semaphore file referred to. The trick is where to store it. Best would be to save it somewhere where you can easily delete all the files, to trigger a new inventory (assuming you want to run it periodically). I used to use files named after the client computer saved in a shared folder on the network. When the logon or startup script starts, it retrieves the NetBIOS name of the local computer, then checks for the existance of a file with that name (and *.txt extension) in the shared folder. If the file exists, the script quits. Otherwise the inventory runs, the information is saved somewhere on the network, and the file is created in the shared folder to prevent a repeat of the inventory.
Remember that logon scripts run with the credentials of the user. You could give the group "Domain Users" read/write permissions in the shared folder (and where ever the inventory data is to be saved). However, make sure users have permissions to retrieve the information you are collecting. If you use Startup scripts, they run with the credentials of the local computer, which has System privileges on the local computer and the credentials of the computer object elsewhere in the domain. You can give the group "Domain Computers" read/write permission in the shared folder (and where ever the inventory data is to be saved).
One downside of logon/startup scripts is collecting the information retrieved, which might be in separate files, one for each computer. Also, you have no control over when the inventory script runs on each computer.
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
.
- Follow-Ups:
- Re: Inventory script question
- From: Pegasus [MVP]
- Re: Inventory script question
- Prev by Date: Re: Kix---Programming | Need help to read out textboxes
- Next by Date: Re: Inventory script question
- Previous by thread: Stop windows service copy data and then start service
- Next by thread: Re: Inventory script question
- Index(es):
Relevant Pages
|
