Announcement

Collapse
No announcement yet.

User name + IP output

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • User name + IP output

    Hi All,

    Can any one help me to find a way to get an output of user to IP correlation.

    e.g.

    10.0.0.1 JohnB
    10.0.0.2 LisaS
    etc...

    please please please find me the solution!!!

  • #2
    Re: User name + IP output

    IP addresses correspond to network devices, not to user name. If you wanted to find out which device is using an IP address you can use nslookup. Your typing is in bold below.

    e.g.

    C:\> NSLOOKUP
    Default Server: blah.blah.com
    Address: 10.86.15.23

    > SET TYPE=PTR
    > 10.15.23.227
    Server: blah.blah.com
    Address: 10.86.15.23

    277.23.15.10.in-addr.arpa name = ntssap16-rib.blah.local
    > QUIT


    Tom
    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you

    Comment


    • #3
      Re: User name + IP output

      CMD file? VBS?
      Is machine name enough, or you need IP?
      And why do you need such a thing, if I may ask? This is one of the cases that the info we provide can be used for negative purposes, so...

      Sorin Solomon


      In order to succeed, your desire for success should be greater than your fear of failure.
      -

      Comment


      • #4
        Re: User name + IP output

        Here's something you could run within a logon script on each machine and append the output to some centrally located file (append ">> \\server\share\filename" to the final echo).

        I take it only 1 user per machine? Also, you'll need some kind of flag file to prevent this from running each logon and filling up your file with duplicates. Machines w/ multiple NIC's will have multiple lines of output.

        It's not pretty but it does give you something to ponder.

        @echo off

        for /F "delims=: tokens=1,2*" %%i in ('ipconfig') do (
        echo %%i | find "IP Address" > nul
        if not errorlevel 1 (
        for /F "tokens=1" %%x in ("%%j") do (
        echo %%x %USERNAME%
        )
        )
        )

        pause
        "help for" from a CMD box explains how the /F switch works. I couldn't get "ipconfig | find...' to work thus the "echo %%i | find...". Also, the second "for /F" was added to strip all the white space from around the IP address. Like I said, it's not pretty.
        Cheers,

        Rick

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

        Comment


        • #5
          Re: User name + IP output

          Hi All,

          Well getting the information form the clinet side is no problem - thenks Rick

          What I need is a way to get the information from the network itself - somehow from the DC + DHCP + DNS = IP/HOST + username

          to Sorin - It can be CMD/VBS or what ever you think that can solve the problem.

          thanks all - I know you will find me an answer!

          Comment


          • #6
            Re: User name + IP output

            You could try a "NET SESSIONS" on your servers. This will give computer name and logged on username. Assumes all users have a session on a server. Like I did on the client side, you could take the NET SESSIONS output and parse the computer name, username then ping the computer name to get the IP
            Cheers,

            Rick

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

            2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

            Comment


            • #7
              Re: User name + IP output

              NET SESSION output does show IP, doesn't it?

              Sorin Solomon


              In order to succeed, your desire for success should be greater than your fear of failure.
              -

              Comment


              • #8
                Re: User name + IP output

                I get \\%COMPUTERNAME%. No IP. W2K3 Std
                Cheers,

                Rick

                ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

                Comment


                • #9
                  Re: User name + IP output

                  I get IP. And it's on a DC. Should I be worried?
                  Last edited by sorinso; 9th November 2007, 21:08.

                  Sorin Solomon


                  In order to succeed, your desire for success should be greater than your fear of failure.
                  -

                  Comment


                  • #10
                    Re: User name + IP output

                    Originally posted by sorinso View Post
                    I get IP. And it's on a DC. Should I be worried?
                    Is that an internal or external machine connecting to your DC? If the NETBIOS name isn't coming across, I'm guessing you'll see the IP.
                    Cheers,

                    Rick

                    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                    2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

                    Comment


                    • #11
                      Re: User name + IP output

                      Internal.
                      I am not sure there's WINS installed on that domain (the domain is not mine). Maybe that's why...

                      Sorin Solomon


                      In order to succeed, your desire for success should be greater than your fear of failure.
                      -

                      Comment


                      • #12
                        Re: User name + IP output

                        Here is a start:
                        http://www.visualbasicscript.com/m_37477/tm.htm
                        This script will;
                        Enumerate All Computer Accounts in Active Directory
                        then,
                        - check if which of these computers are on (ping)
                        - and Query Process Owner
                        the script can generate a vbs-file (optional) what contains the;
                        - computername if is On
                        - current username if is Logged on
                        - a time
                        If you want an ipaddress, then you have to use nslookup.

                        Because the script runs very slow, an other posibility is using a logon- and -off script. When a user logs on, the computer overwrites a file %computername%.txt in a centralized share with the information. When you want a list of all the logged on users, merge these seperate files with copy/b to one file.

                        \Rem

                        This posting is provided "AS IS" with no warranties, and confers no rights.

                        __________________

                        ** Remember to give credit where credit's due **
                        and leave Reputation Points for meaningful posts

                        Comment


                        • #13
                          Re: User name + IP output

                          I believe a valid question has been asked, and the answer to said question will enable us to help you in a better fashion.

                          WHY do you want / need to match IP to user? Please be very specific in your answer!
                          ** Remember to give credit where credit is due and leave reputation points where appropriate **

                          Comment


                          • #14
                            Re: User name + IP output

                            Originally posted by RemS
                            Here is a start:
                            http://www.visualbasicscript.com/m_37477/tm.htm
                            This script will;
                            Enumerate All Computer Accounts in Active Directory
                            then,
                            - check if which of these computers are on (ping)
                            - and Query Process Owner
                            the script can generate a vbs-file (optional) what contains the;
                            - computername if is On
                            - current username if is Logged on
                            - a time
                            If you want an ipaddress, then you have to use nslookup.
                            I modified that script a bit.
                            - It now includes nslookup to return an IPadress.
                            - And now it generates a CSV-file by default (no more popups)

                            After the script started
                            - wait a couple of minites till a messagebox says 'Done!!',
                            - then you can open the csv-file to see the results.
                            Code:
                            'change the ldap string to match your active Directory configuration
                             strLDAP = "DC=domain,DC=com"            ' <--- entire domain or OU only
                            
                             strOutputFile = "logged-ON Users.csv"   ' <--- output filename +path
                            
                            ' Enumerate All Computer Accounts in Active Directory
                            '******************************************************
                            Const ADS_SCOPE_SUBTREE = 2
                            
                            Set objConnection = CreateObject("ADODB.Connection")
                            Set objCommand =   CreateObject("ADODB.Command")
                            objConnection.Provider = "ADsDSOObject"
                            objConnection.Open "Active Directory Provider"
                            
                            Set objCommand.ActiveConnection = objConnection
                            
                            objCommand.Properties("Page Size") = 1000
                            objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
                            
                            objCommand.CommandText = _
                                "Select Name, Location from 'LDAP://" & strLDAP & _
                                "' Where objectClass='computer'"
                            
                            Set objRecordSet = objCommand.Execute
                            
                             objRecordSet.MoveFirst
                            Do Until objRecordSet.EOF
                            
                             strComputer = objRecordSet.Fields("Name").Value
                             objRecordSet.MoveNext
                            
                             'check the computers if =ON, then find ip- and user
                             '*****************************************************
                              If obsoliteness(strComputer) =0 Then
                               On Error Resume next
                                strPingStatus = PingStatus(strComputer)
                                If strPingStatus = "Success" Then
                            
                                strIPaddress = nslookupForIP(strComputer)
                             
                                queryProcessower()
                            
                              'Write CSV-file
                              '*****************************************************
                                Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
                                Set oFile = FileSystem.CreateTextFile(strOutputFile, True)
                                oFile.WriteLine (date&" "&time &"," &strComputer &"," & _
                                                 strIPaddress &"," &strUserDomain&"\"&strNameOfUser)
                                Set colProcessList = Nothing
                                Set objWMIService = Nothing
                            
                              End If
                             End If
                             on error goto 0
                            
                            Loop
                            
                             WScript.Echo "Done!!!"
                            
                            WSCRIPT.QUIT(0)
                            
                            
                            'FUNCTIONS
                            '--------------------------------------------------
                            '*  My obsoliteness function
                            Function obsoliteness(var)
                            Set myRegExp = New RegExp
                            myRegExp.IgnoreCase = True
                            myRegExp.Pattern = "(^XC00)|(^RC00)|(^QC00)|(^PC00)|(^OC00)|(^JC00)|(^HC00)|(^FC00)|(^EC00)|(^DC00)|(^CC)|(^C00)"
                            obsoliteness = myRegExp.test(var)
                            end function
                            '--------------------------------------------------
                            '*  (WinXP/2003) Ping Status function
                            Function PingStatus(strComputer)
                               Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
                               Set colPings = objWMIService.ExecQuery _
                                 ("SELECT * FROM Win32_PingStatus WHERE Address = '" & strComputer & "'")
                               For Each objPing in colPings
                                   Select Case objPing.StatusCode
                                       Case 0 PingStatus = "Success"
                                       Case 11001 PingStatus = "Status code 11001 - Buffer Too Small"
                                       Case 11002 PingStatus = "Status code 11002 - Destination Net Unreachable"
                                       Case 11003 PingStatus = "Status code 11003 - Destination Host Unreachable"
                                       Case 11004 PingStatus = _
                                         "Status code 11004 - Destination Protocol Unreachable"
                                       Case 11005 PingStatus = "Status code 11005 - Destination Port Unreachable"
                                       Case 11006 PingStatus = "Status code 11006 - No Resources"
                                       Case 11007 PingStatus = "Status code 11007 - Bad Option"
                                       Case 11008 PingStatus = "Status code 11008 - Hardware Error"
                                       Case 11009 PingStatus = "Status code 11009 - Packet Too Big"
                                       Case 11010 PingStatus = "Status code 11010 - Request Timed Out"
                                       Case 11011 PingStatus = "Status code 11011 - Bad Request"
                                       Case 11012 PingStatus = "Status code 11012 - Bad Route"
                                       Case 11013 PingStatus = "Status code 11013 - TimeToLive Expired Transit"
                                       Case 11014 PingStatus = _
                                         "Status code 11014 - TimeToLive Expired Reassembly"
                                       Case 11015 PingStatus = "Status code 11015 - Parameter Problem"
                                       Case 11016 PingStatus = "Status code 11016 - Source Quench"
                                       Case 11017 PingStatus = "Status code 11017 - Option Too Big"
                                       Case 11018 PingStatus = "Status code 11018 - Bad Destination"
                                       Case 11032 PingStatus = "Status code 11032 - Negotiating IPSEC"
                                       Case 11050 PingStatus = "Status code 11050 - General Failure"
                                       Case Else PingStatus = "Status code " & objPing.StatusCode & _
                                          " - Unable to determine cause of failure."
                                   End Select
                               Next
                            End Function
                            '-------------------------------------------------
                            '*  use nslookup to Find IP-address
                            Function nslookupForIP(strComputer)
                                Set FSObj = CreateObject("Scripting.FileSystemObject")
                                 Set ShellObj = CreateObject("WScript.Shell")
                                 workFile = ShellObj.ExpandEnvironmentStrings("%temp%\" & FSObj.GetTempName)
                                 ShellObj.Run "%COMSPEC% /c nslookup " & strComputer & " > " & workFile, 0, true
                                 Set ShellObj = Nothing
                               Const ForReading = 1
                                Set objFSO = CreateObject("Scripting.FileSystemObject")
                                Set objTextFile = objFSO.OpenTextFile(workFile, ForReading)
                                  For i = 1 to 4  'read from bottom up
                                   objTextFile.ReadLine
                                  Next
                                strLine = objTextFile.ReadLine
                                nslookupForIP = trim(mid(strLine, 11, 15))
                                objTextFile.Close
                                FSObj.DeleteFile workFile
                                Set objFSO = Nothing
                                Set objTextFile = Nothing
                            End Function
                            '--------------------------------------------------
                            '*  get username from remote computer
                            Function queryProcessOwer()
                              strNameOfUser = ""
                              strUserDomain = ""
                                Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
                                Set colProcessList = objWMIService.ExecQuery _
                                   ("Select * from Win32_Process Where Name = 'explorer.exe'")
                                For Each objProcess in colProcessList
                                   colProperties = objProcess.GetOwner(strNameOfUser,strUserDomain)
                                next
                            End Function
                            again:
                            Because the script runs very slow, an other posibility is using a logon- and -off script. When a user logs on, the computer overwrites a file %computername%.txt in a centralized share with the information. When you want a list of all the logged on users, merge these seperate files with copy/b to one file.

                            \Rem

                            This posting is provided "AS IS" with no warranties, and confers no rights.

                            __________________

                            ** Remember to give credit where credit's due **
                            and leave Reputation Points for meaningful posts

                            Comment

                            Working...
                            X