Wednesday, September 15, 2010

Remotely wake computers when the network doesn't pass Magic Packets

I'm in a situation where the network we have doesn't pass the UDP 9 magic packet to WoL (wake-on-LAN) remote computers. I'm not sure why this is, but I've developed a solution around it. It requires you to be a domain administrator (or local admin) because it uses PSEXEC and you need to copy a small command-line program to the local machine to execute. To do this in such a way that you can do multiple computers in one pass, you need to create a text file in the same folder as the batch file (upcoming). The text file has the following format:
Note the space between the two. An example:
CAC00700ZZ is off, but it has a MAC address of 00:12:34:56:78
CAC00855FT is on and on the same LAN as CAC00700ZZ. I'm on computer SERVER1 and the link between SERVER1 and CAC00700ZZ doesn't allow the magic packet to traverse. To wake up CAC00700ZZ, I need to send a WoL packet from CAC00855FT. To do this I create a text file called "computer-list.txt" and put in:

CAC00855FT 00:12:34:56:78


Next I need to create a WAKEUP.CMD file and put in the following:
:This script wakes up computers using a tertiary computer on the same LAN.

for /F "tokens=1-2 delims= " %%A IN ('type computer-list.txt') do psexec \\%%A -i -c mc-wol.exe %%B

Lastly, I need to ensure PSEXEC.EXE, MC-WOL.EXE, computer-list.txt and WAKEUP.CMD are in the same folder. MC-WOL.EXE can be downloaded from here. PSEXEC.exe can be downloaded from Microsoft.

If you needed to wake up multiple computers, your computer-list.txt file would look like this:
CAC00700JQ 18A9051BFE68
CAC00700HT 18A9051E2894
CAC00700HQ 18A9051E2B90

Wednesday, September 08, 2010

Querying HKEY_CURRENT_USER remotely

I'm not sure why MS doesn't allow this to work with their reg.exe program. On most workstations only a single user is logged in anyways...

for /f %%A IN ('type domain-list.txt') DO (
ECHO %%A >> list1.txt
reg query "\\%%A\HKU" > ".\temp.txt"
findstr /R /C:"HKEY_USERS\\S-1-5-21.*[0-9]$" ".\temp.txt" > ".\temp2.txt"
FOR /F %%Z IN ('TYPE .\temp2.txt') DO reg query "\\%%A\%%Z\Software\Unicus Medical Systems" /s /v ReportPrinterName | findstr /R /C:"ReportPrinterName" >> list1.txt

The above may have truncated (FYI).

Ok, what this does...
1) Sequentially pull computer names from a file (domain-list.txt)
2) Echo that computer name into our master "list" text file
3) Query the HKEY_USERS via the computer name pulled from step 1 and save to a temporary file
4) Execute a findstr that will only search for user accounts (and not CLASS keys) and save to "temp2.txt".
5) In Temp2.txt, parse and save as variable "%%Z" and execute our reg query and save to our list1.txt file.

You can replace anything with step 5 to do whatever you need (Reg Add/Delete/Query/etc.)