Gathering logged on username on remote computers?
This might be a tricky one that I would like to solve somehow. The company I previously was working for went bankrupt. And during the chaos, a lot of users took their company computers and left.
Now, what they don't know is that we've installed UAG on each computer. A silent VPN solution that communicates with the domain controller and authenticates through the computer account in AD.
So, what I would like to do is to run a script of some sort that tries to contact each computer and collect the username logged on to that computer. That would give me an easy way of determining if that computer is used by someone who isn't working in the company that bought the bankrupt resources.
I've already run dsquery to find inactive computers from the past 8 weeks. Comparing that list to the whole list of computers gave me a pretty good idea of the computers that are currently in use. How should I go about doing this?
Answer
Assuming that you have no firewall restrictions to the remote machine when it's VPN'd in, You can use WMI calls to query for the logged on user:
@(Get-WmiObject -ComputerName remote-pc -Namespace root\cimv2 -Class Win32_ComputerSystem)[0].UserName;
If you want to do this iteratively over a list of machines, do something like this:
$MachineList = Get-Content -Path c:\ListOfMachines.txt; # One system name per line
foreach ($Machine in $MachineList) {
@(Get-WmiObject -ComputerName $Machine -Namespace root\cimv2 -Class Win32_ComputerSystem)[0].UserName;
}