I'm trying to get data from wmic (I have to detect the interface ID of the one having a specific primary DNS)
The line I'm looking for is:
ArpAlwaysSourceRoute ArpUseEtherSNAP Caption DatabasePath DeadGWDetectEnabled DefaultIPGateway DefaultTOS DefaultTTL Description DHCPEnabled DHCPLeaseExpires DHCPLeaseObtained DHCPServer DNSDomain DNSDomainSuffixSearchOrder DNSEnabledForWINSResolution DNSHostName DNSServerSearchOrder DomainDNSRegistrationEnabled ForwardBufferMemory FullDNSRegistrationEnabled GatewayCostMetric IGMPLevel Index InterfaceIndex IPAddress IPConnectionMetric IPEnabled IPFilterSecurityEnabled IPPortSecurityEnabled IPSecPermitIPProtocols IPSecPermitTCPPorts IPSecPermitUDPPorts IPSubnet IPUseZeroBroadcast IPXAddress IPXEnabled IPXFrameType IPXMediaType IPXNetworkNumber IPXVirtualNetNumber KeepAliveInterval KeepAliveTime MACAddress MTU NumForwardPackets PMTUBHDetectEnabled PMTUDiscoveryEnabled ServiceName SettingID TcpipNetbiosOptions TcpMaxConnectRetransmissions TcpMaxDataRetransmissions TcpNumConnections TcpUseRFC1122UrgentPointer TcpWindowSize WINSEnableLMHostsLookup WINSHostLookupFile WINSPrimaryServer WINSScopeID WINSSecondaryServer
[00000005] TP-LINK Gigabit Ethernet USB Adapter %SystemRoot%\System32\drivers\etc TP-LINK Gigabit Ethernet USB Adapter FALSE {} FALSE BACCHINB {"8.8.8.8", "8.8.4.4"} FALSE TRUE 5 17 {"192.168.200.210", "fe80::c156:9171:8b58:ac61"} 25 TRUE FALSE {} {} {} {"255.255.255.0", "64"} 50:3E:AA:D3:94:F5 rtux64w10 {CD6DF33E-637E-446A-B589-7A9F1FF9F86D} 0 TRUE
My query would be like
WMIC NICCONFIG where DNSServerSearchOrder[0]=8.8.8.8 get Index,description
Now I get Invalid Query.
When I expect something like:
TP-LINK Gigabit Ethernet USB Adapter 5
You can try something like that :
WMIC nicconfig where (IPEnabled=TRUE and DHCPEnabled=False) get Index,description
EDIT : In Powershell
Get-WmiObject Win32_NetworkAdapterConfiguration | ForEach-Object {if ($_.DNSServerSearchOrder -EQ '8.8.8.8'){Write-Host "$($_.index),$($_.Description)"}}
Related
I am working on an fax grabber, for a fax in our building only Samsung provides the software "Samsung Easy Printer Manager" the program sends an SNMPGET to the Printer as I saw in Wireshark
Frame 133: 89 bytes on wire (712 bits), 89 bytes captured (712 bits) on interface bridge102, id 5
Ethernet II, Src: Parallel_53:1e:29 (Mac), Dst: SamsungE_69:6f:fe (Mac)
Internet Protocol Version 4, Src: 192.168.178.125, Dst: 192.168.178.38
User Datagram Protocol, Src Port: 55160, Dst Port: 161
Simple Network Management Protocol
version: version-1 (0)
community: Test
data: get-request (0)
get-request
request-id: 10944
error-status: noError (0)
error-index: 0
variable-bindings: 1 item
1.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1: Value (Null)
Object Name: 1.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1 (iso.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1)
Value (Null)
[Response To: 134]
[Time: 0.000019000 seconds]
Answer:
Frame 135: 93 bytes on wire (744 bits), 93 bytes captured (744 bits) on interface vmenet2, id 2
Ethernet II, Src: SamsungE_69:6f:fe (Mac), Dst: Parallel_53:1e:29 (Mac)
Internet Protocol Version 4, Src: 192.168.178.38, Dst: 192.168.178.125
User Datagram Protocol, Src Port: 161, Dst Port: 55160
Simple Network Management Protocol
version: version-1 (0)
community: Test
data: get-response (2)
get-response
request-id: 10944
error-status: noError (0)
error-index: 0
variable-bindings: 1 item
1.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1: 01000000
Object Name: 1.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1 (iso.3.6.1.4.1.236.11.5.11.81.12.16.1.2.1)
Value (OctetString): 01000000
[Response To: 134]
[Time: 0.012747000 seconds]
But if im sending the get Request from my Laptop I get:
SNMPv2-SMI::enterprises.236.11.5.11.81.12.16.1.2.1 = No Such Instance currently exists at this OID
and after i googled the OID there was no result.
Any Ideas
How it possible to determine encryption status of non APFS volume?
For root disk it possible to use fdesetup status.
For other APFS volumes it possible to extract from diskutil info -all and check field FileVault.
But when I create a new volume by using "Disk Utility" it allow me to create "Mac Os Extended (Journaled)" and encrypt it with AES 128 or 256 but.
How may I get encryption status via terminal for such type volumes?
Following on from your comment, you will need to provide more information if hdiutil does not work for you: macOS version, type of disk image, format of disk image, how you reading the result, etc. With those details someone maybe able to help you.
hdiutil has been tested on High Sierra and Catalina with two images, 128 which is encrypted with AES128, and 256 encrypted with AES256, both HFS+. The result on Catalina:
% hdiutil info
framework : 559.100.2
driver : 559.100.2
images : 2
================================================
image-path : /Users/jacksprat/Desktop/256.dmg
image-alias : /Users/jacksprat/Desktop/256.dmg
shadow-path : <none>
icon-path : /System/Library/PrivateFrameworks/DiskImages.framework/Resources/CDiskImage.icns
image-type : read/write
system-image : false
blockcount : 195353
blocksize : 512
writeable : TRUE
autodiskmount : TRUE
removable : TRUE
image-encrypted : TRUE
mounting user : jacksprat
mounting mode : -rwx------
process ID : 2069
/dev/disk2 GUID_partition_scheme
/dev/disk2s1 48465300-0000-11AA-AA11-00306543ECAC /Volumes/256
================================================
image-path : /Users/jacksprat/Desktop/128.dmg
image-alias : /Users/jacksprat/Desktop/128.dmg
shadow-path : <none>
icon-path : /System/Library/PrivateFrameworks/DiskImages.framework/Resources/CDiskImage.icns
image-type : read/write
system-image : false
blockcount : 195353
blocksize : 512
writeable : TRUE
autodiskmount : TRUE
removable : TRUE
image-encrypted : TRUE
mounting user : jacksprat
mounting mode : -rwx------
process ID : 2068
/dev/disk3 GUID_partition_scheme
/dev/disk3s1 48465300-0000-11AA-AA11-00306543ECAC /Volumes/128
Both disks have image-encrypted : TRUE.
Trying to create powershell script to list missing or pending windows update. The purpose would be to run the script against a list of computers/servers to see if there are any missing updates or hot-fixes and generate a list of what servers you need to look at.
Does anyone have a solutions for this, have been looking around without any success finding scripts to do this.
Powershell script to list missing updates
Script:
Set-ExecutionPolicy -ExecutionPolicy Unrestricted
#List all missing updates
Write-Output "Creating Microsoft.Update.Session COM object"
$session1 = New-Object -ComObject Microsoft.Update.Session -ErrorAction silentlycontinue
Write-Output "Creating Update searcher"
$searcher = $session1.CreateUpdateSearcher()
Write-Output "Searching for missing updates..."
$result = $searcher.Search("IsInstalled=0")
#Updates are waiting to be installed
$updates = $result.Updates;
Write-Output "Found $($updates.Count) updates!"
$updates | Format-Table Title, AutoSelectOnWebSites, IsDownloaded, IsHiden, IsInstalled, IsMandatory, IsPresent, AutoSelection, AutoDownload -AutoSize
pause
Sample output:
Creating Microsoft.Update.Session COM object
Creating Update searcher
Searching for missing updates...
Found 4 updates!
Title AutoSelectOnWebSites IsDownloaded IsHiden IsInstalled IsMandatory IsPrese
nt
----- -------------------- ------------ ------- ----------- ----------- -------
Intel - Other hardware - Intel(R) Xeon(R) E3 - 1200/1500 v5/6th Gen Intel(R) Core(TM) PCIe Controller (x16) - 1901 False False False False False
Intel - Other hardware - Intel(R) Xeon(R) E3 - 1200/1500 v5/6th Gen Intel(R) Core(TM) Gaussian Mixture Model - 1911 False False False False False
Microsoft Silverlight (KB4481252) False False False False False
SQL Server 2019 RTM Cumulative Update (CU) 4 KB4548597 False False False False False
Press Enter to continue...:
There's a sample script from TechNet that does the core logic you're looking for:
Get-WindowsUpdates.ps1
There's also the older VBScript-based WUA_SearchDownloadInstall.vbs.
Function ChangeName([string]$firstname, [string]$secondname)
{
net user administrator /active:yes
Write-Host "The new student machine name is: $firstname-S$secondname"
wmic computersystem where name="$(Get-WmiObject Win32_Computersystem).name" call rename name="$newname"
}
ChangeName "A" "B"
Error message:
invalid verb switch
Why not use the built-in Rename-Computer command?
When I use nslookup for "google.com" I get the following:
Addresses: 2607:f8b0:400a:801::1001
173.194.33.32
173.194.33.36
173.194.33.34
173.194.33.37
173.194.33.33
173.194.33.46
173.194.33.39
173.194.33.41
173.194.33.38
173.194.33.40
173.194.33.35
However when I call GetAddrInfoW and pass it L"google.com" I get the following:
173.194.33.41
173.194.33.39
173.194.33.46
173.194.33.33
173.194.33.37
173.194.33.38
173.194.33.40
173.194.33.34
173.194.33.35
173.194.33.36
173.194.33.32
Where'd the IPv6 address go?
Edit: If I do the same lookup with the same code for "localhost" the output is:
0000:0000:0000:0000:0000:0000:0000:0001
127.0.0.1
Which is even more of a head scratcher.