StdRegProv creates user profile
Posted: Thu Dec 06, 2007 11:38 pm
Guys,
When I run the following script on a client OS (2000 and XP) a local user profile is created for the user that is executing the script but when I run it on a server OS (2000 and 2003) it doesn't create a profile. The profile is created when the first method is called (EnumValues).
This section of script is only part of a larger one that scans enterprise networks (23000 clients) and I don't want to have profiles 'hanging around' on every client. I get the same results if I use a Domain Admin account or just a normal user account that is a member of the local Administrators group on each of the machines. Any insight would be greatly appreciated.
Heres the code (sorry but formatting goes away outside PrimalScript):
'=========================================================================='' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 4.0'' NAME: GatherMachineData.vbs'' AUTHOR: Aaron Mueller' DATE : 10/11/2007'' COMMENT: Data Gathering script (WMI and Remote Registry) (Version 1.0)'' Version 1.0' Modifications:' Initial release (broken out from DataGatheringScript)''==========================================================================Option Explicit
Const HKEY_LOCAL_MACHINE = &H80000002Const wbemFlagConnectUseMaxWait = &h80Const WbemAuthenticationLevelPkt = 4 ' Short name: Pkt - Authenticates that all data received is from the expected client.Const wbemImpersonationLevelImpersonate = 3 ' Short name: Impersonate - Allows objects to use the credentials of the caller. ' This is the recommended impersonation level for Scripting API for WMI calls.
Dim g_strComputerFQDN, strNameSpace, strUser, strPassword, strLocaleDim strAuthority, iSecurityFlags, objLocator, objSWbemServices, objRegDim strKeyPath, strValueName, intRetVal, arrValueNames(), arrValueTypes()
'g_strComputerFQDN = "xppromachine.test.local"'g_strComputerFQDN = "srv2003eemember.test.local"g_strComputerFQDN = "server2000adv.test.local"strNameSpace = "rootdefault"strUser = ""strPassword = ""strLocale = ""strAuthority = ""iSecurityFlags = CLng( wbemFlagConnectUseMaxWait )'' Start the WMI queries'Set objLocator = CreateObject("WbemScripting.SwbemLocator")objLocator.Security_.AuthenticationLevel = wbemAuthenticationLevelPktobjLocator.Security_.Privileges.AddAsString "SeSecurityPrivilege"objLocator.Security_.ImpersonationLevel = wbemImpersonationLevelImpersonateOn Error Resume NextSet objSWbemServices = objLocator.ConnectServer( g_strComputerFQDN, strNameSpace, strUser, strPassword, strLocale, strAuthority, iSecurityFlags )Set objReg = objSWbemServices.Get("StdRegProv")'Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate,(Security)}!" & g_strComputerFQDN & "rootdefault:StdRegProv")If ( Err.Number <> 0 ) Then On Error GoTo 0 WScript.Echo "No Access to Registry - Error: " & Err.NumberElse On Error GoTo 0 strKeyPath = "SYSTEMCurrentControlSetControlPriorityControl" strValueName = "Win32PrioritySeparation" On Error Resume Next intRetVal = objReg.EnumValues( HKEY_LOCAL_MACHINE, strKeyPath, arrValueNames, arrValueTypes ) If ( Err.Number <> 0 ) Then On Error goto 0 WScript.Echo "Error " & intRetVal & " occurred reading registry key " & strKeyPath Else On Error goto 0 WScript.Echo "Registry read successful" End IfEnd If
When I run the following script on a client OS (2000 and XP) a local user profile is created for the user that is executing the script but when I run it on a server OS (2000 and 2003) it doesn't create a profile. The profile is created when the first method is called (EnumValues).
This section of script is only part of a larger one that scans enterprise networks (23000 clients) and I don't want to have profiles 'hanging around' on every client. I get the same results if I use a Domain Admin account or just a normal user account that is a member of the local Administrators group on each of the machines. Any insight would be greatly appreciated.
Heres the code (sorry but formatting goes away outside PrimalScript):
'=========================================================================='' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 4.0'' NAME: GatherMachineData.vbs'' AUTHOR: Aaron Mueller' DATE : 10/11/2007'' COMMENT: Data Gathering script (WMI and Remote Registry) (Version 1.0)'' Version 1.0' Modifications:' Initial release (broken out from DataGatheringScript)''==========================================================================Option Explicit
Const HKEY_LOCAL_MACHINE = &H80000002Const wbemFlagConnectUseMaxWait = &h80Const WbemAuthenticationLevelPkt = 4 ' Short name: Pkt - Authenticates that all data received is from the expected client.Const wbemImpersonationLevelImpersonate = 3 ' Short name: Impersonate - Allows objects to use the credentials of the caller. ' This is the recommended impersonation level for Scripting API for WMI calls.
Dim g_strComputerFQDN, strNameSpace, strUser, strPassword, strLocaleDim strAuthority, iSecurityFlags, objLocator, objSWbemServices, objRegDim strKeyPath, strValueName, intRetVal, arrValueNames(), arrValueTypes()
'g_strComputerFQDN = "xppromachine.test.local"'g_strComputerFQDN = "srv2003eemember.test.local"g_strComputerFQDN = "server2000adv.test.local"strNameSpace = "rootdefault"strUser = ""strPassword = ""strLocale = ""strAuthority = ""iSecurityFlags = CLng( wbemFlagConnectUseMaxWait )'' Start the WMI queries'Set objLocator = CreateObject("WbemScripting.SwbemLocator")objLocator.Security_.AuthenticationLevel = wbemAuthenticationLevelPktobjLocator.Security_.Privileges.AddAsString "SeSecurityPrivilege"objLocator.Security_.ImpersonationLevel = wbemImpersonationLevelImpersonateOn Error Resume NextSet objSWbemServices = objLocator.ConnectServer( g_strComputerFQDN, strNameSpace, strUser, strPassword, strLocale, strAuthority, iSecurityFlags )Set objReg = objSWbemServices.Get("StdRegProv")'Set objReg = GetObject("winmgmts:{impersonationLevel=impersonate,(Security)}!" & g_strComputerFQDN & "rootdefault:StdRegProv")If ( Err.Number <> 0 ) Then On Error GoTo 0 WScript.Echo "No Access to Registry - Error: " & Err.NumberElse On Error GoTo 0 strKeyPath = "SYSTEMCurrentControlSetControlPriorityControl" strValueName = "Win32PrioritySeparation" On Error Resume Next intRetVal = objReg.EnumValues( HKEY_LOCAL_MACHINE, strKeyPath, arrValueNames, arrValueTypes ) If ( Err.Number <> 0 ) Then On Error goto 0 WScript.Echo "Error " & intRetVal & " occurred reading registry key " & strKeyPath Else On Error goto 0 WScript.Echo "Registry read successful" End IfEnd If