I'm trying to write a script that needs to grab the InstallDate of devices as seen in device manager. Yet when I run...
Select * From Win32_PnPEntity Where DeviceID = '<deviceID>'
...I only receive NULL results for the InstallDate property.
When I view the "Details" tab for the desired device in Device Manager the date appears normally.
Related
I am trying to create a module for our support team which will contain some tools we use on daily basis but we used CMD until now.
One of the commands we use is net user $username /domain in order to check if the user's password has expired and all the other useful details the command output.
I tried to put that command in a function like this:
function Get-UserDetails {
[CmdletBinding()]
Param(
[Parameter(Mandatory=$true)]
[string]$UserName
)
net user $UserName /domain
}
The function works fine but I want to filter the output for a few details only.
The problem is that net user is not a PowerShell cmdlet and it has no properties so I cant select any of it.
So my questions is:
Do you know a better way to get all that data in one command? because the Get-ADUser outputs less data then net user.
You can use Get-ADUser and pick the msDS-UserPasswordExpiryTimeComputed property from it. Problem is - this property may not enumerate even when using -Properties *, so it might not be apparent when trying to inspect the returned object. To make matters even better, the timestamp is not in a human-readable format.
Nonetheless, you can get the password expiration date fromthe AD cmdlets and also make it human-readable as follows:
# Get ADUser
$user = Get-ADUser username -Properties msDS-UserPasswordExpiryTimeComputed
# Get expiry timestamp and convert it from file time format
$userCredExpiryDate = [DateTime]::FromFileTime( $user.'msDS-UserPasswordExpiryTimeComputed' )
Here is the MSDN documentation for that AD DS attribute.
For other field values that show up in net user /domain but not in Get-ADUser - there should be other AD DS attributes you can search on if they don't show up with -Properties *. For these you will need to look for the appropriate property in the AD DS documentation.
UPDATE: Someone linked me to this page on another question (related to this behavior) and this seems to list additional properties that are available for processing, but are not returned when trying to look at "all" AD DS properties on an object. I don't know how complete this list is but it is a good starting point for understanding what additional AD attributes you have to work with.
I'm trying to get a method to find the name of an OU dynamically.
The problem is, that the company-name-OU is always there, but the contents can change.
For example:
In this case, the company name I have to retrieve (in my script) is 'Microsoft'.
I however haven't found a method that can do this dynamically.
Since the subOU's may vary (per client, not all clients have the same OU's) it's kind of difficult to find a good method to retrieve the company-name.
I have thought about retrieve the OU that is made by an Admin and has more than 10 objects but the Get-ADOrganizationalUnitcmdlet doesn't have a parameter that sounds like created by:
Do I need to give up or is there some sort of way?
EDIT
I have tried for a workaround 'algorithmicish' kind of thing:
Since the OU will most probably contain users, I check the distinguished names of all the users which will reply
Get-ADUser -Filter {Description -like "Member"} | Select DistinguishedName
CN=User1,OU=User,OU=Microsoft,DC=domain,DC=local
how could I start doing calculations (counts) of each of the OU's?
If you created all your OUs, then you would get domain admins. When I run
Get-ADOrganizationalUnit -Filter * -Properties * | Select #{N="Owner";E={$_.nTSecurityDescriptor}}
I get the attached picture (truncated)
If you can determine if the OU was created after all the default OUs, you could filter on WhenCreated with a Where statement, like this:
$DefaultOUCreationDate = Get-ADOrganizationUnit CN=Users,DC=domain,DC=local -Properties * | Select -ExpandProperty WhenCreated
Get-ADOrganizationalUnit -Filter * -Properties * | Where { $_.WhenCreated -ge $DefaultOUCreationDate }
My app use phone number as user ID, It will be good to detect the home PLMN of the SIM card and convert it to the country code(like +1, +33, etc.), then you don't have input the digits.
I guess it could be done with RIL in windows mobile, but in a windows phone 7 it seems there is no such kind of APIs.
Another choice is to get the CultureInfo, but some times the CultureInfo may not match with the SIM you are using, for example you take your phone abroad, usually you keep the phone region settings as your home land but you may use a local SIM card.
There does not appear to be any API action that allows you to look at the specific cultures embedded into a SIM for WP7. However, if you the general culture option is still appropriate you could do something like this:
string countryCode = CultureInfo.CurrentCulture.Name;
try {
RegionInfo reg = new RegionInfo(countryCode);
string name = reg.Name;
string displayname = reg.DisplayName;
string ISORegion = reg.TwoLetterISORegionName;
string currency = reg.CurrencySymbol;
string eng = reg.EnglishName;
string native = reg.NativeName;
}
catch (ArgumentException argEx) {
// The country code was not valid
}
If your application needs to be based on the current location please consider using the GPS task. Details for getting GPS data can be reviewed here.
Also converting the GPS data to a specifc country can be completed by geocode reversing as shown here.
can somebody please explain difference between those two terms, when I'm trying to print
structs from Win32_AllocatedResource() I can find pnp device id (something like PCI\\VEN_...)
and when I'm trying to print structs from Win32_IDEControllerDevice() I can find device id (something like IDE\\CDROM...)
but what is the difference why do I need both of them? thanks in advance
Win32_AllocatedResource gives you the assignment of a given resource (e.g. a DMA starting address) to some "device" (or "object"), which when ResultClass = Win32_IDEController, is the controller.
Win32_IDEControllerDevice gives you the list of "devices" (or "object") that are connected to a certain controller, the Antecedent key is the DeviceID of the controller whereas the Dependent key is the DeviceID of the storage unit.
I thought the key names immediately below HKEY_USERS were supposed to be the usernames of whoever logged in at this machine at some time. But in my machine what appears is:
S-1-5-18
S-1-5-19
S-1-5-20
S-1-5-21-NNNNNNNNN-NNNNNNNNN-NNNNNNNNNN-NNNNN
S-1-5-21-NNNNNNNNN-NNNNNNNNN-NNNNNNNNNN-NNNNN_Classes
I'd like to be able to determine which subtree corresponds to which user. How can I do that?
Edit: WHat I need is to get the usernames from the SIDs. I want to inspect the configurations of each user that has ever logged on, and I need to know their names. For example, in the registry above, I need to be able to, based on the string "S-1-5-21-NNNNNNNNN-NNNNNNNNN-NNNNNNNNNN-NNNNN", find out that it correspond to DOMAIN\somebody, or LOCALMACHINENAME\somebodyelse.
It is possible to query this information from WMI. The following command will output a table with a row for every user along with the SID for each user.
wmic useraccount get name,sid
You can also export this information to CSV:
wmic useraccount get name,sid /format:csv > output.csv
I have used this on Vista and 7 (according to the comments it works on 2008 R2 as well). For more information see WMIC - Take Command-line Control over WMI.
For PowerShell this is quick:
gwmi win32_userprofile | ft localpath, sid
Ashley McGlone
Microsoft PFE
http://aka.ms/GoateePFE
I believe those numbers are the user's security ID (SID). You can use SysInternals to get the SIDs of users:
http://technet.microsoft.com/en-us/sysinternals/bb897417.aspx
HKLM\System\CurrentControlSet\Control\hivelist will show you where the hives are mounted from. While not a direct mapping, usually the mount point has the user name in the path.
I'm sure there is a better answer than this though...
When doing it manually (without extra tools), the easiest way is to open permissions for that key. The only user who has full permissions is the owner of the key.
When from a program, you will need a way to convert SIDs to account names. In C# (or PowerShell), have a look at the SecurityIdentifier and NtAccount class for that.
in C# there is appears to be an answer to translating username to SID here http://community.bartdesmet.net/blogs/bart/archive/2006/09/08/4394.aspx but its only for local PCs.
For AD I converted it to:
using System;
using System.DirectoryServices;
using System.Security.Principal;
class Program {
static void Main(string[] args) {
string path = "LDAP://" + args[0];
DirectoryEntry root = new DirectoryEntry(path, args[1], null, AuthenticationTypes.Secure);
string sid = new SecurityIdentifier((byte[])root.Properties["objectSID"][0], 0).Value;
Console.WriteLine(sid);
}
}
The usage is : programname.exe DOMAIN username
e.g. programname.exe somecompany.com preet_sangha
Please use powershell:
$mydocuments = [Environment]::GetFolderPath("mydocuments")
gwmi win32_userprofile | ft localpath, sid, status -AutoSize | Out-File $mydocuments\userprofiles.txt