How can I go about creating a custom inventory item that tracks if SMB v1 is enabled and also another for seeing all local users on a machine?
RESOLVED by rkernan
SMB v1 Custom Inventory Field
Microsoft has this script for listing if SMBv1 is enabled:
Get-SmbServerConfiguration | Format-List EnableSMB1Protocol
Just unsure how to use it as part of a custom inventory software. The script I tried is this and I do not see the new Custom Inventory Field.
ShellCommandTextReturn(cmd /c type C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "Get-SmbServerConfiguration | Format-List EnableSMB1Protocol")
What am I doing wrong here?
RESOLVED
Local Users Custom Inventory Field
For this one I used a script I found in another ITNinja post but it doesn't work and I do not see the Inventory Field listed under Custom Inventory Fields.
This is the script I am using:
ShellCommandTextReturn(cmd.exe /c net.exe user)
Why does this not work?
Any assistance with this would be appreciated.
Thanks.
Answers (5)
Top Answer
Not sure if this helps...
I created a custom inventory rule under Inventory > Software
ShellCommandTextReturn(PowerShell.exe -command "$SMB1 = Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol ; $SMB1.EnableSMB1Protocol.ToString()")
From here I can run a report that shows me the returned value for all the machines this rule runs against.
You can do the same thing for something like PowerShell execution policy too to audit that as well.
ShellCommandTextReturn(PowerShell.exe -Command Get-ExecutionPolicy)
Hope this helps!
Comments:
-
This worked like a charm for SMBv1. Thank you sir! You wouldn't happen to have a script that works for pulling the Local Users on machines as well, would you? - ronni3 1 year ago
-
Not off hand but I know you should be able to obtain this information in the same way I demonstrated with the custom inventory rule.
Just use the ShellCommandTextReturn() and use PowerShell to get a list of local users.
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/get-localuser?view=powershell-5.1
Maybe something like Get-LocalUser -Name* and play around with the PowerShell command from there to get the desired output. - rkernan 1 year ago
This worked for me although the output is clustered together. Any way to break each user out per line?
Working Script:
ShellCommandTextReturn(cmd /q /c for /f "tokens=* skip=4" %a in ('net user ^| find /V "The command completed successfully."') do echo %a)
Output:
| 3) Local Window User Accounts: | C***** De*******unt DisabledGuest W*********ount The command completed with one or more errors. [string] |
Credit to @PaulGibson
https://www.itninja.com/question/inventory-rule-to-see-who-is-a-member-of-the-local-administrator-group
A better Powershell option would be this script but unsure how to get it to properly resolve via Custom Inventory script. Just fails with no output or hangs up and requires inventory process to timeout.
Any ideas on how to script this in Kace?
get-ciminstance win32_useraccount | Select Name,Description,Status,Disabled,AccountType | sort Status | format-table -groupby Status -Property Name,Description,Disabled
Comments:
-
That worked. Assume. Appreciate you. - ronni3 1 year ago
Maybe this?
ShellCommandTextReturn(PowerShell.exe -command "get-ciminstance win32_useraccount | Select Name,Description,Status,Disabled,AccountType | sort Status | format-table -groupby Status -Property Name,Description,Disabled")
the scripts look good.
Please let inventory a test machine and check if it is done.
If not, check the logs for an error message