SType = InputBox(TypeMenu, "Share Type", 0) SMax = InputBox("Enter the maximum number of users", "Maximum Users", 10) SDescribe = InputBox("Enter the description of the share", "Share Description", "Temp Share") SPass = InputBox("Enter the password to access the share", "Share Password", "Temp Password") Set Security = GetObject("winmgmts:{impersonationLevel= impersonate,(Security)}!\\" & Computer & "\root\cimv2") Set Share = Security.Get("Win32_Share") Set Methods = Share.Methods_Create("Create"). InParameters.SpawnInstance_() Methods.Properties_.Item("Description") = SDescribe Methods.Properties_.Item("MaximumAllowed") = SMax Methods.Properties_.Item("Name") = SName Methods.Properties_.Item("Password") = SPass Methods.Properties_.Item("Path") = SPath Methods.Properties_.Item("Type") = SType Set Complete = Share.ExecMethod_("Create", Methods) Note The highlighted code above must be placed on one line. The (Security) statement is necessary because this script modifies share access. Related solution: Found on page: Adding Shares 159 Deleting a Share The Delete method for Win32_Share allows you to delete a share from a manageable system. To delete a share using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Delete Share", "localhost") SName = InputBox("Enter the name of the share", "Delete Share") Set Shares = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Share where Name = '" & SName & "'") For each Share in Shares Share.Delete() Next Note The highlighted code above must be placed on one line. Related solution: Found on page: Removing Shares 160 Listing Processes The Win32_Process class manages all running processes on a system. These processes include all running applications, background tasks, and hidden system processes. To list all running processes using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "List Processes", "localhost") Set Processes = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Process") For each Process in Processes PList = PList & Process.Description & VBlf Next WScript.Echo "Processes:" & VBlf & VBlf & UCase(PList) Note The highlighted code above must be placed on one line. Creating a Process The Create method for Win32_Process allows you to create a new process. The key benefit of this method is the ability to launch an application, such as a virus scanner or an application update, on a remote system. To create a process using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", _ "Start Process", "localhost") AName = InputBox("Enter the executable to run", "Start Process", "explorer") Set Process = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2:Win32_Process") Process.Create AName,null,null,null Note The highlighted code above must be placed on one line. Terminating a Process The Terminate method for Win32_Process allows you to end a proc-ess and all its threads. The key benefit of this method is the ability to forcibly close a running application, such as an unauthorized port scanner or a corrupted program, on a remote system. To terminate a process using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Terminate Process", "localhost") PName = InputBox("Enter the name of the process", "Terminate Process") Set Processes = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Process where Name = '" & PName & "'") For each Process in Processes Process.Terminate Next Note The highlighted code above must be placed on one line. Listing Services The Win32_Service class manages all services installed on a system. This class does not apply to Windows 9x, because Windows 9x does not support services. To list all installed services using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com, to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "List Services", "localhost") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service") For each Service in Services If Service.State = "Paused" Then PList = PList & Service.Description & VBlf End If If Service.State = "Running" Then RList = RList & Service.Description & VBlf End If If Service.State = "Stopped" Then SList = SList & Service.Description & VBlf End If Next WScript.Echo "Paused Services: " & VBlf & VBlf & PList WScript.Echo "Running Services: " & VBlf & VBlf & RList WScript.Echo "Stopped Services: " & VBlf & VBlf & SList Note The highlighted code above must be placed on one line. Starting Services The StartService method for Win32_Service allows you to start a stopped service. This method applies only to stopped services; paused services have their own method for resumption. To start a stopped service using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Start Service", "localhost") SName = InputBox("Enter the name of the service", "Start Service") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service where Name = '" & SName & "'") For each Service in Services Service.StartService() Next Note The highlighted code above must be placed on one line. Related solution: Found on page: Starting a Service 156 Stopping Services The StopService method for Win32_Service allows you to stop a service. Through this method, you can stop a running or paused service. To stop a service using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Stop Service", "localhost") SName = InputBox("Enter the name of the service", "Stop Service") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service where Name = '" & SName & "'") For each Service in Services Service.StopService() Next Note The highlighted code above must be placed on one line. Related solution: Found on page: Stopping a Service 157 Pausing Services The PauseService method for Win32_Service allows you to pause a running service. This method will not place a stopped service into paused mode. To pause a running service using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Pause Service", "localhost") SName = InputBox("Enter the name of the service", "Pause Service") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service where Name = '" & SName & "'") For each Service in Services Service.PauseService() Next Note The highlighted code above must be placed on one line. Resuming Services The ResumeService method for Win32_Service allows you to resume a paused service. This method will not start a stopped service. To create a process using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Resume Service", "localhost") SName = InputBox("Enter the name of the service", "Resume Service") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service where Name = '" & SName & "'") For each Service in Services Service.ResumeService() Next Note The highlighted code above must be placed on one line. Deleting a Service The Delete method for Win32_Services allows you to remove a service from your system. This method will happen immediately, regardless of whether a service is running. To delete a service using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Delete Service", "localhost") SName = InputBox("Enter the name of the service", "Delete Service") Set Services = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_Service where Name = '" & SName & "'") For each Service in Services Service.Delete() Next Note The highlighted code above must be placed on one line. Related solution: Found on page: Uninstalling a Service 156 Rebooting a System The Win32_OperatingSystem class manages many aspects of the Windows operating system, from the serial number to the service pack. The Reboot method for Win32_OperatingSystem allows you to shut down and restart a manageable system. To reboot a system using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Reboot System", "localhost") Set OS = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_ OperatingSystem where Primary=true") For each System in OS System.Reboot() Next Here, Primary=True is a check to ensure that Windows is the primary operating system currently running. Note The highlighted code above must be placed on one line. Related solution: Found on page: Shutting Down/Restarting the Computer 161 Shutting Down a System The ShutDown method for Win32_OperatingSystem allows you to shut down a computer to the prompt “It is now safe to turn off your computer.” To shut down a system using WMI, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "Reboot System", "localhost") Set OS = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2").ExecQuery ("select * from Win32_ OperatingSystem where Primary=true") For each System in OS System.Shutdown() Next Note The highlighted code above must be placed on one line. Related solution: Found on page: Shutting Down/Restarting the Computer 161 Monitoring CPU Utilization To monitor CPU utilization using the WMI ExecNotificationQuery method, proceed as follows: 1. Create a new directory to store all files included in this example. 2. Download and install the latest version of WMI and Windows Script Host, from www.microsoft.com , to the new directory. 3. Select Start|Run and enter “cscript scriptfile.vbs”. Here, scriptfile is the full path and file name of a script file that contains the following: On Error Resume Next Computer = InputBox("Enter the computer name", "CPU Monitor", "localhost") CPULoad = InputBox("Enter the CPU overload threshold", "CPU Threshold", "75") Poll = InputBox("Enter the polling interval", "Poll Interval", "5") If Computer = "" Then Computer = "Localhost" If CPULoad = "" Then CPULoad = 75 If Poll = "" Then Poll = 5 Set ProLoad = GetObject("winmgmts:{impersonationLevel= impersonate}!\\" & Computer & "\root\cimv2"). ExecNotificationQuery("SELECT * FROM __ InstanceModificationEvent WITHIN " & Poll & " WHERE TargetInstance ISA 'Win32_Processor' and TargetInstance .LoadPercentage > " & CPULoad) If Err.Number <> 0 then WScript.Echo Err.Description, Err.Number, Err.Source End If Do Set ILoad = ProLoad.nextevent If Err.Number <> 0 then WScript.Echo Err.Number, Err.Description, Err.Source Exit Do Else AMessage = ILoad.TargetInstance.DeviceID & _ " is overloaded at " & _ & ILoad.TargetInstance.LoadPercentage & "%!" Wscript.Echo "Event Alert: " & AMessage End If Loop Note The highlighted code above must be placed on one line. Here, computer is the name of the system to monitor; CPULoad is the CPU utilization threshold to monitor for (1– 100); and poll is the amount of seconds to check for events. Related solution: Found on page: Scripting Microsoft Agent Using Windows Script Host 365 Chapter 8: Enterprise Management In Brief Corporations spend millions of dollars a year on packaged applications and manpower to keep their computing environments running like finely tuned engines. Although most third-party solutions provide the tools to assist in enterprise management, they often come overloaded with fancy reporting features and are limited in actual functionality. And when you finally find a package that is really helpful in your administrative tasks, you’d be lucky to get the budget approval passed in this lifetime. In this chapter, you will learn about all the important aspects of managing an enterprise environment, and how to maintain it without expensive third-party solutions. You will also learn how to accomplish most of your administrative tasks with simple scripts. Understanding Windows NT Networks An NT domain is a collection of computers that share a common security accounts database (SAM). The SAM (Security Account Manager) is a central repository to store user accounts and groups, as opposed to storing them individually on each computer. The SAM is stored on a server called a primary domain controller (PDC). In an NT domain, there can be only one PDC (sort of like Duncan MacCleod). The PDC replicates a read-only copy of the SAM to servers called backup domain controllers (BDCs). BDCs help reduce PDC overload by processing authentication requests and receiving SAM modification requests. Any requests to modify the SAM on a BDC are sent to and processed by the PDC (because the BDC has only a read-only copy of the SAM). User Accounts and Groups Within the SAM are user accounts and groups. A user account is basically an entry in a database that stores various types of information, such as the user name, password, and group membership. User accounts are used to limit resource access to anyone with the user name and password of the account. A group is basically an organized list of computer accounts. You can use groups to collectively assign privileges or organize membership. For example, placing users in the Administrators group would grant them administrative privileges (and make them very dangerous). NT uses two types of users and groups: local and global. If an account or group is local, its information is stored in the SAM of a local computer and cannot be used outside the current domain. If an account or group is global, its information is stored on the PDC, is available throughout the entire domain, and may be used outside the domain. For example, if you are the local administrator of a computer, you have administrative privileges on that computer only and not on every computer in the domain, as a domain administrator would. Domain Trust To share resources across domains, NT uses a concept called “trust.” You can think of a trust as a key to your office. When you give others your office key, they can unlock and access your office. You will not be able to unlock and access their offices until they give you their keys. When a domain trusts another domain, it allows the other domain to enter and access its resources as if it were part of the domain. Trusts are established through the User Manager For Domains utility and are one-way relationships. In order for two domains to share each other’s resources, each domain must set up a trust for the other (a two-way trust). Understanding Windows 2000 Networks The biggest advantage of a Windows 2000 network as opposed to Windows NT is its restructuring and use of directory services. Windows 2000 gives you several new ways to organize and centrally manage your network. Trees and Forests Windows 2000 allows you to organize your domains into hierarchical groups called trees. Trees share a common schema, global catalog, replication information, and DNS namespace (for example, www.jesseweb.com ). Once trees are established, you can organize your trees into hierarchical groups called forests. Forests also share a . trust). Understanding Windows 2000 Networks The biggest advantage of a Windows 2000 network as opposed to Windows NT is its restructuring and use of directory services. Windows 2000 gives you. example, if you are the local administrator of a computer, you have administrative privileges on that computer only and not on every computer in the domain, as a domain administrator would. Domain. third-party solutions. You will also learn how to accomplish most of your administrative tasks with simple scripts. Understanding Windows NT Networks An NT domain is a collection of computers that