Creating a script to gather PC information - to assist those asking for help

[Compo]

What I'm after is a way to determine if the user would be able to gain elevation even if the script wasn't run as admin.

The only thing I've been able to find which may help is the following, page.
The problem we face is that there doesn't seem to be a solution which covers all of the OS's used, and we may need to create solutions pre-XP or pre-Vista.

The bigger the script, the scarier it becomes and the less likely it is that you'll be able to persuade a new/unaware end user to run it.

[aGerman]

The only thing I've been able to find which may help is the following, page.

Thanks! I will check this out.

The bigger the script, the scarier it becomes and the less likely it is that you'll be able to persuade a new/unaware end user to run it.

I'm aware of that. Nevertheless I would like to gather the possibilities before we discuss what to remove (or maybe outsource into additional/optional scripts).

FWIW The reason why I'm keen on getting this "is local admin" information is that there are users like Dave and me that you cannot ask to run the script as admin on their computers at work.

[SIMMS7400]

Fox -

Wow, that's so much cleaner! Thank you so much for taking the time to do that. Much appreciated!!!

but figured I'd share.

Here are a few changes to your code showing a different way to arrange it. You'll find the ) are changed to ^) to use this style of redirecting into a file.

One benefit here is that the code becomes a good deal easier to read.

Code: Select all

@echo off
set "file=%userprofile%\javainfo_%COMPUTERNAME%.txt"
(
echo INFO: Getting information about Java ...
echo Java Information on Computer: %COMPUTERNAME%
echo Current Date and Time: %DATE% %TIME%
echo ================================================================================
echo Java JDKs installed:
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Development Kit" /s
echo Java JREs installed:
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment" /s
echo Where is java.exe?
where java
echo.
echo Java.exe version information:
java -version 2>&1
echo.
echo Java related environment variables (may not be set^):
if defined JAVA_HOME echo %%JAVA_HOME%%=%JAVA_HOME%
if defined CLASSPATH echo %%CLASSPATH%%=%CLASSPATH%
echo.
if exist "%%PROGRAMFILES%%\Java\" echo Folders under "%%PROGRAMFILES%%\Java":
if exist "%%PROGRAMFILES%%\Java\" dir /b "%PROGRAMFILES%\Java"
if exist "%%ProgramFiles(x86^)%%\Java\" echo Folders under "%%ProgramFiles(x86^)%%\Java":
if exist "%%ProgramFiles(x86^)%%\Java\" dir /b "%ProgramFiles(x86^)%\Java"
) >"%file%"

[aGerman]

@Douglas
Basically this is what I included into the script for the moment. (The link can be found in the initial post.)

Code: Select all

echo off
setlocal

set "start_time=%time%"

set "LocalAdmin=Not found"
for /f "tokens=1* delims==" %%i in (
  'wmic path Win32_Group WHERE "LocalAccount='TRUE' AND SID='S-1-5-32-544'" GET Name /value'
) do for /f "delims=" %%k in ("%%j") do (
  for /f "tokens=1* delims=:" %%l in ('2^>nul gpresult /r /scope user ^| findstr /n /c:"--------" /c:"%%k"') do (
    set "check="
    for /f "delims=- " %%n in ("%%m") do set "check=1"
    if not defined check (
      set "n=%%l"
      set "LocalAdmin=No"
    ) else for /f %%n in ('set /a n') do if %%n lss %%l set "LocalAdmin=Yes"
  )
)

echo(
echo end: %time%
echo beg: %start_time%
echo Local Admin: %LocalAdmin%

pause

@Compo
The VBScript was really a great find. Even if it outputs wrong values for me it gave me the hint to fiddle with WHOAMI /GROUPS. It appears to be exactly what I was looking for. It's not available on XP but worth to investigate. Thanks again!

Steffen

[aGerman]

I need your help ...

The PATH or PATHEXT environment could be corrupted in any way. For that reason I try to assign variables in order to call command tools with their full name. E.g.

Code: Select all

if exist "%SystemRoot%\System32\find.exe" (set "find=%SystemRoot%\System32\find.exe") else set "find=find.exe"

Currently the assinment in ELSE doesn't make much sense

What should be done if find.exe doesn't exist for whatever reason?
I guess to prevent the script from dying variable %find% could contain some kind of internal command like ECHO or TITLE.
What do you think?

Steffen

[penpen]

One could check if the system directory equals "%SystemRoot%\System32":

Code: Select all

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows" /V "SystemDirectory"

If the system directory is ok, and find is not there one might use findstr (if exists), or if all fails possibly a jscript.
(If all fails we could echo the message "Please resinstall windows." - just joking --- although this user should have serious problems on running windows.)


penpen

[aGerman]

Thanks penpen!

One could check if the system directory equals "%SystemRoot%\System32"

I that case the script already failed. The script was restarted using "%SystemRoot%\System32\cmd.exe /c". And as Dave told us registry queries could be disabled. It's rather the unlikely case that certain tools were deleted what I'm after.
I tend to agree with your joke that Windows should be reinstalled if that happens. But before we should be able to detect it with the script

Steffen

[penpen]

A friend of mine said, that we don't need to restart the script using "%SystemRoot%\System32\cmd.exe /c ...", we only need "setlocal enableExtensions".
I couldn't believ it because it contradicts "setlocal /?", so i tested it (via registry disabling (HKCU + HKLM) and "cmd /E:OFF",
starting batch by doubleclick the icon and typing to cmd-prompt), and it works on my winxp home/prof and win 10 prof 32 bit.
Tested using:

Code: Select all

@echo off
echo CMDCMDLINE=%CMDCMDLINE%
setlocal enableExtensions
echo CMDCMDLINE=%CMDCMDLINE%
pause
pause
endlocal
goto :eof

Output:

Code: Select all

CMDCMDLINE=
CMDCMDLINE=C:\WINDOWS\system32\cmd.exe /c ""C:\Users\Ulf\Desktop\test.bat" "
"C:\Users\Ulf\Desktop\test.bat"
Drücken Sie eine beliebige Taste . . .
Drücken Sie eine beliebige Taste . . .

Because i don't know how to, i haven't tested the case "extensions disabled by group policy",
but i hope, the behaviour is the same:
Could anybody confirm this (or tell me howto set this via group policies)?
It would also be nice, if someone coud check this on all other windows versions.


penpen

[aGerman]

Thanks penpen!

I couldn't believ it because it contradicts "setlocal /?"

Yes, that's what I relied on

Code: Select all

[...]
If Command Extensions are enabled SETLOCAL changes as follows:

SETLOCAL batch command now accepts optional arguments:
        ENABLEEXTENSIONS / DISABLEEXTENSIONS
            enable or disable command processor extensions. These 
            arguments takes precedence over the CMD /E:ON or /E:OFF
            switches. See CMD /? for details.
[...]

That indicates that SETLOCAL ENABLEEXTENSIONS would be completely useless. If extensions are already enabled you don't need it either. If extensions are disabled then arguments are not supported.
I have to do some tests where I will change the registry beforehand...

In the meantime I'll update the code again.

Steffen

[aGerman]

I set EnableExtensions in HKCU\Software\Microsoft\Command Processor, HKLM\..., HKU\.Default\..., and HKU\S-1-5-19\... to 0 and restarted the computer.

Result: SETLOCAL ENABLEEXTENSIONS works as you said.

Changed the script accordingly.

Steffen

[douglas.swehla]

@Douglas
Basically this is what I included into the script for the moment. (The link can be found in the initial post.)

Code: Select all

set "LocalAdmin=Not found"
for /f "tokens=1* delims==" %%i in (
  'wmic path Win32_Group WHERE "LocalAccount='TRUE' AND SID='S-1-5-32-544'" GET Name /value'
) do for /f "delims=" %%k in ("%%j") do (
  for /f "tokens=1* delims=:" %%l in ('2^>nul gpresult /r /scope user ^| findstr /n /c:"--------" /c:"%%k"') do (
    set "check="
    for /f "delims=- " %%n in ("%%m") do set "check=1"
    if not defined check (
      set "n=%%l"
      set "LocalAdmin=No"
    ) else for /f %%n in ('set /a n') do if %%n lss %%l set "LocalAdmin=Yes"
  )
)
echo Local Admin: %LocalAdmin%

Thanks for the updates and feedback, Steffen. Sorry I've been incommunicado the last few days.

Nice work on this! It runs consistently under four seconds on my machine, so less than a tenth of the time my version did. Capturing the line numbers for all the relevant rows in GPRESULT and then comparing them is an elegant solution to the double-run problem.

One minor tweak I'd suggest:

The WMIC command outputs 6 rows for me, and the loop runs for each one. I'd add a FINDSTR filter to get just the useful row. I ran each version several times to see if there was a performance hit for adding the filter, and it's about the same. The Unicode-to-ANSI conversion described here doesn't seem to have an effect, but if you know something I don't, please say so.

Code: Select all

:: Run times with aGerman script (seconds)
:: wmic path Win32_Group WHERE "LocalAccount='TRUE' AND SID='S-1-5-32-544'"
3.34, 3.15, 3.03, 3.05, 3.13

:: Run times with modified version
:: wmic path Win32_Group WHERE "LocalAccount='TRUE' AND SID='S-1-5-32-544'" GET Name /value | findstr /r "[a-z0-9]"
3.58, 3.09, 3.03, 3.08, 3.04

[aGerman]

FINDSTR is an external executable. Loading another process will most likely whipe out the benefit of saving a few FOR iterations. Compare the average times (3.14 mine and 3.16 yours). The 6 lines you see are "not real" because only one of them isn't blank. I run another FOR /F loop
) do for /f "delims=" %%k in ("%%j") do (
directly after capturing the output of WMIC. It automatically skips the blank lines. Since FOR is an internal statement of the already running cmd.exe process it is usually faster than a pipeline to an external tool. (There might be a Break Even Point if you would have to filter hundreds of lines though.)

Nevermind. That's actually only a sideshow because it was GPRESULT that took so much time. That was the reason why I tried to avoid calling it twice by all means

Steffen

[Compo]

That's actually only a sideshow because it was GPRESULT that took so much time. That was the reason why I tried to avoid calling it twice by all means :wink:

Steffen

I was wondering if the following would help

Code: Select all

@Echo Off
(Set LocalAdmin=No)
For /F "UseBackQ Skip=1" %%a In (
   `WMIC Group Where "SID='S-1-5-32-544' And LocalAccount=True" Get Name`) Do (
   For %%b In (%%a) Do (For /F Tokens^=^4^ Delims^=^" %%c In (
      'WMIC Path Win32_GroupUser Where (GroupComponent^
         ^="Win32_Group.Name=\"%%b\",domain=\"%computername%\""^)^
         Get PartComponent') Do (If /I "%%c"=="%UserName%" (
            Set LocalAdmin=Yes))))
Echo(%%LocalAdmin%%=%LocalAdmin%
Pause

[aGerman]

Thanks! Tried it at work and it returns the right results in no time
I'm curious what Douglas' results will be using your approach.

Steffen

[penpen]

That's nearly the same solution, i've given above (with a removed flaw, but a (probably slower) "for /F" instead of "AND ...").
I thought you've tested it, and it is slower because it's "querying the Win32_GroupUser class"?!


penpen