/build/static/layout/Breadcrumb_cap_w.png

How can I go about creating a custom inventory item that tracks if SMB v1 is enabled and also another for seeing all local users on a machine?


RESOLVED by rkernan

SMB v1 Custom Inventory Field

Microsoft has this script for listing if SMBv1 is enabled:

Get-SmbServerConfiguration | Format-List EnableSMB1Protocol

Just unsure how to use it as part of a custom inventory software. The script I tried is this and I do not see the new Custom Inventory Field. 

ShellCommandTextReturn(cmd /c type C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "Get-SmbServerConfiguration | Format-List EnableSMB1Protocol")

What am I doing wrong here?


RESOLVED

Local Users Custom Inventory Field

For this one I used a script I found in another ITNinja post but it doesn't work and I do not see the Inventory Field listed under Custom Inventory Fields.

This is the script I am using:

ShellCommandTextReturn(cmd.exe /c net.exe user)

Why does this not work?


Any assistance with this would be appreciated.

Thanks.




0 Comments   [ + ] Show comments

Answers (5)

Answer Summary:
Posted by: rkernan 1 year ago
Yellow Belt
2

Top Answer

Not sure if this helps...

I created a custom inventory rule under Inventory > Software

ShellCommandTextReturn(PowerShell.exe -command "$SMB1 = Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol ; $SMB1.EnableSMB1Protocol.ToString()")

R4LHVgF1EKkAAAAASUVORK5CYII=

From here I can run a report that shows me the returned value for all the machines this rule runs against. 

You can do the same thing for something like PowerShell execution policy too to audit that as well. 

ShellCommandTextReturn(PowerShell.exe -Command Get-ExecutionPolicy)

Hope this helps!




Comments:
  • This worked like a charm for SMBv1. Thank you sir! You wouldn't happen to have a script that works for pulling the Local Users on machines as well, would you? - ronni3 1 year ago
    • Not off hand but I know you should be able to obtain this information in the same way I demonstrated with the custom inventory rule.

      Just use the ShellCommandTextReturn() and use PowerShell to get a list of local users.

      https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/get-localuser?view=powershell-5.1

      Maybe something like Get-LocalUser -Name* and play around with the PowerShell command from there to get the desired output. - rkernan 1 year ago
Posted by: ronni3 1 year ago
White Belt
1

This worked for me although the output is clustered together. Any way to break each user out per line?


Working Script:

ShellCommandTextReturn(cmd /q /c for /f "tokens=* skip=4" %a in ('net user ^| find /V "The command completed successfully."') do echo %a)


Output:

3) Local Window User Accounts:C***** De*******unt DisabledGuest
W*********ount
The command completed with one or more errors.
[string]


Credit to @PaulGibson

https://www.itninja.com/question/inventory-rule-to-see-who-is-a-member-of-the-local-administrator-group

Posted by: ronni3 1 year ago
White Belt
1

A better Powershell option would be this script but unsure how to get it to properly resolve via Custom Inventory script. Just fails with no output or hangs up and requires inventory process to timeout.

Any ideas on how to script this in Kace?

get-ciminstance win32_useraccount | Select Name,Description,Status,Disabled,AccountType | sort Status | format-table -groupby Status -Property Name,Description,Disabled


Comments:
  • That worked. Assume. Appreciate you. - ronni3 1 year ago
Posted by: rkernan 1 year ago
Yellow Belt
1

Maybe this?

ShellCommandTextReturn(PowerShell.exe -command "get-ciminstance win32_useraccount | Select Name,Description,Status,Disabled,AccountType | sort Status | format-table -groupby Status -Property Name,Description,Disabled")

Posted by: Nico_K 1 year ago
Red Belt
0

the scripts look good.
Please let inventory a test machine and check if it is done.
If not, check the logs for an error message

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ