Yes,I followed the instruction in this document, it let me build a batch file to distribute,but failed yet.Is the batch file format right?
Run the batch file by hand from the directory it was copied to on the client.It should be ...program files\landesk\ldclient\your share\...\your cmdfile.cmd. Does it work? My guess is it is failing to run startasuser. There are 2 ways around this.
1) include startasuser as an additional file so that it is copied into the same directory as your batch file.
2) hard code the path to startasuser - by default it should be in %programfiles%\landesk\ldclient (at least in 8.8 don't have an currently have 8.7 client up to verify path)
Message was edited by: Jason
I found if I delete the output path, just execute startasusers.exe net localgroup administrators, it works. But I must collect the information of local administrators members. How to output the file contains the information?
this works for me on command line and as batch: "C:\Program Files\LANDesk\LDClient":
"%programfiles%\LANDesk\LDClient\startasuser.exe" net localgroup administrators >%temp%\%computername%.txt
I tried it as normal user and as local system... in batch and on command line...
I tested your script and it worked well, it seemed that must specify the explict path for startasuser.exe, but one question, the cmd can only store the result in local, not network location,can I use the LANDesk to transfer local file to a network location?
The end result of the info below will create a registry key called "Administrators" under the "Custom Fields" section. As you know anything under that sections goes into your inventory. You then can build queries and whatever you want against that data. All users listed in the Administrators group will be listed in that registry key called Administrators. Also, this key updates everytime someone logs in. Below are the steps to make that happen.
1. Users must be able to write to the "Custom Fields" registry, you'll need to grant them rights. Get a copy of setacl.exe and drop it into the Windows folder. Then push this script to the machine.
Set WSHShell = CreateObject("Wscript.Shell")
WINDIR = WSHShell.ExpandEnvironmentStrings("%WINDIR%")
WSHShell.run WINDIR & "\setacl.exe "&chr(34)&"MACHINE\SOFTWARE\INTEL\LANDesk\Inventory\Custom Fields"&chr(34)&" /registry /grant Users /full",0,True
Now the user has rights.
2. You need a script to gather the members from the local Administrators group. take the script below and save it in the windows directory, call it syschk.vbs. Please note that there is a xSkipUser section and any username listed there will be filtered out of the Administrators registry key.
On Error Resume Next
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set WSHShell = CreateObject("WScript.Shell")
xstrComputer = WshNetwork.ComputerName
Set AMembers = GetObject("WinNT://" & xstrComputer & "/Administrators,group")
For Each M In Amembers.Members
For N = 1 to 6
If LCase(M.name) = xSkipuser(N) then
If Z=false then xUsersA = xUsersA & "," & M.name
xCountA = Len(xUsersA)
xUsersA1 = Right(xUsersA, (xCountA-1))
WshShell.RegWrite "HKLM\Software\Intel\LANDesk\Inventory\Custom Fields\Administrators", xUsersA1, "REG_SZ"
3. Add it to the RUN section of the registry so it runs at every login Just create the key below
Key: !SYSCHK (whatever you want to call it)
Value: c:\windows\system32\wscript.exe c:\windows\syschk.vbs
Thats it... Enjoy...