Is there any way I can make a scheduled task to run Discover Computers against my domain? We decided not to use AD syncing based on all the problems we had. It's cleaner and more organized to use static folders, but I want this task to run at different times of the day or once a day.
Hi,
In that case, how about a VBScript like:
'Script to import machines in to SEC from AD based on the AD object property: 'whenCreated'
' Constants
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ForAppending = 8
intDays = 1 'number of days to import new computer objects from
strServerNameAndInstance = ".\sophos" ' SQL server and instance
strDatabaseName = "Sophos50" ' Sophos DB
strLogPath = "ADImp.txt"
set objFSO = CreateObject("Scripting.FileSystemObject")
set objFile = objFSO.OpenTextFile(strLogPath, ForAppending, true, -1)
WriteToLog 0, "Starting Script"
WriteToLog 0, "Options: "
WriteToLog 0, " SQL server and instance: " & strServerNameAndInstance
WriteToLog 0, " Sophos DB name: " & strDatabaseName
WriteToLog 0, " LogPath: " & strLogPath
strConnectionString = "Driver={SQL Server};Server=" &_
strServerNameAndInstance &_
";Database=" & strDatabaseName &_
";Trusted_Connection=yes;"
set objConn = CreateObject("ADODB.Connection")
objConn.open strConnectionString
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
WriteToLog 0, "DefaultNamingContext: " &strDNSDomain
'Get the NetBIOS domain name from the DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
WriteToLog 0, "NetBIOS of Domain: " & strNetBIOSDomain
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(objectClass=Computer)(whenCreated>=" & GetTimeStamp() & "))"
strAttributes = "cn,whencreated,distinguishedName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 3000
adoCommand.Properties("Timeout") = 60
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
Addcomputers adoRecordset.Fields("cn").value, adoRecordset.Fields("whencreated").value, strNetBIOSDomain, adoRecordset.Fields("distinguishedName").value
adoRecordset.MoveNext
Loop
adoRecordset.Close
adoConnection.Close
objConn.Close
set adoRecordset = nothing
set objConn = nothing
CloseLog()
'support functions--------------------------------------
Function GetTimeStamp()
dtmDate = Now() - intDays
arrDateParts = Array("yyyy", "m", "d", "h", "n", "s")
For Each strInterval in arrDateParts
intDatePart = DatePart(strInterval, dtmDate)
If intDatePart < 10 Then
strDateTime = strDateTime & "0" & intDatePart
Else
strDateTime = strDateTime & intDatePart
End If
Next
GetTimeStamp = strDateTime & ".0Z"
End Function
'--------------------------------------------------------
'--------------------------------------------------------
function addcomputers(strComputerName, strDateAdded, strDomainNameNetBIOS, strDistinguishedName)
'USE: dbo.ComputerAdd to add machines.
'- @ComputerName NVARCHAR(128),
'- @DomainName NVARCHAR(128),
'- @OperatingSystem INT,
'- @Description NVARCHAR(512),
'- @ComputerID INT OUTPUT
strSQLCommand = "dbo.ComputerAdd @ComputerName='" &_
strComputerName & "', @DomainName='" & strDomainNameNetBIOS & "', " &_
"@OperatingSystem='', @Description='" & strDistinguishedName & " - " & strDateAdded & "', @ComputerID=null"
WriteToLog 0, strSQLCommand
objConn.Execute strSQLCommand
End Function
'--------------------------------------------------------
'--------------------------------------------------------
Function WriteToLog (strSev, strLogLine)
dim strToWrite
strToWrite = ""
select case strSev
case 0
strToWrite = "INFO: "
case 1
strToWrite = "ERROR: "
case else
strToWrite = "UNKNOWN: "
end select
objFile.WriteLine Date() & " " & Time() & " " & strToWrite & " " & strLogLine
End Function
'--------------------------------------------------------
Function CloseLog()
objFile.Close
set objFile = nothing
End Function
This vbs file could run once a day, appends to a log called 'ADImp.txt '. Adjust the variables at the top as needed to address the SQL instance.
It gets a list of computer records from AD where they have been added in the last day using the 'whencreated ' attribute of the object. Using this 'list' it then calls the ComputerAdd SP of the Sophos DB to add the record(s).
I've added the distinguishedname of the machine and the 'whencreated ' attribute into the 'Description' field. This will get overwritten when RMS reports back when the machine becomes managed but I thought it would provide some way to discern between machines in SEC.
I haven't tested it much beyond ensuring it finds a machine and it appears in SEC, if you think it could help you, I encourage you to test it first and backup any SOPHOS db you insert into with it. :) It uses the stored procedure CompyterAdd as an "interface" to the Sophos DB as this seemed the safest.
Regards,
Jak
Hi,
In that case, how about a VBScript like:
'Script to import machines in to SEC from AD based on the AD object property: 'whenCreated'
' Constants
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ForAppending = 8
intDays = 1 'number of days to import new computer objects from
strServerNameAndInstance = ".\sophos" ' SQL server and instance
strDatabaseName = "Sophos50" ' Sophos DB
strLogPath = "ADImp.txt"
set objFSO = CreateObject("Scripting.FileSystemObject")
set objFile = objFSO.OpenTextFile(strLogPath, ForAppending, true, -1)
WriteToLog 0, "Starting Script"
WriteToLog 0, "Options: "
WriteToLog 0, " SQL server and instance: " & strServerNameAndInstance
WriteToLog 0, " Sophos DB name: " & strDatabaseName
WriteToLog 0, " LogPath: " & strLogPath
strConnectionString = "Driver={SQL Server};Server=" &_
strServerNameAndInstance &_
";Database=" & strDatabaseName &_
";Trusted_Connection=yes;"
set objConn = CreateObject("ADODB.Connection")
objConn.open strConnectionString
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
WriteToLog 0, "DefaultNamingContext: " &strDNSDomain
'Get the NetBIOS domain name from the DNS domain name.
Set objTrans = CreateObject("NameTranslate")
objTrans.Init ADS_NAME_INITTYPE_GC, ""
objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)
WriteToLog 0, "NetBIOS of Domain: " & strNetBIOSDomain
strBase = "<LDAP://" & strDNSDomain & ">"
strFilter = "(&(objectClass=Computer)(whenCreated>=" & GetTimeStamp() & "))"
strAttributes = "cn,whencreated,distinguishedName"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 3000
adoCommand.Properties("Timeout") = 60
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute
Do Until adoRecordset.EOF
Addcomputers adoRecordset.Fields("cn").value, adoRecordset.Fields("whencreated").value, strNetBIOSDomain, adoRecordset.Fields("distinguishedName").value
adoRecordset.MoveNext
Loop
adoRecordset.Close
adoConnection.Close
objConn.Close
set adoRecordset = nothing
set objConn = nothing
CloseLog()
'support functions--------------------------------------
Function GetTimeStamp()
dtmDate = Now() - intDays
arrDateParts = Array("yyyy", "m", "d", "h", "n", "s")
For Each strInterval in arrDateParts
intDatePart = DatePart(strInterval, dtmDate)
If intDatePart < 10 Then
strDateTime = strDateTime & "0" & intDatePart
Else
strDateTime = strDateTime & intDatePart
End If
Next
GetTimeStamp = strDateTime & ".0Z"
End Function
'--------------------------------------------------------
'--------------------------------------------------------
function addcomputers(strComputerName, strDateAdded, strDomainNameNetBIOS, strDistinguishedName)
'USE: dbo.ComputerAdd to add machines.
'- @ComputerName NVARCHAR(128),
'- @DomainName NVARCHAR(128),
'- @OperatingSystem INT,
'- @Description NVARCHAR(512),
'- @ComputerID INT OUTPUT
strSQLCommand = "dbo.ComputerAdd @ComputerName='" &_
strComputerName & "', @DomainName='" & strDomainNameNetBIOS & "', " &_
"@OperatingSystem='', @Description='" & strDistinguishedName & " - " & strDateAdded & "', @ComputerID=null"
WriteToLog 0, strSQLCommand
objConn.Execute strSQLCommand
End Function
'--------------------------------------------------------
'--------------------------------------------------------
Function WriteToLog (strSev, strLogLine)
dim strToWrite
strToWrite = ""
select case strSev
case 0
strToWrite = "INFO: "
case 1
strToWrite = "ERROR: "
case else
strToWrite = "UNKNOWN: "
end select
objFile.WriteLine Date() & " " & Time() & " " & strToWrite & " " & strLogLine
End Function
'--------------------------------------------------------
Function CloseLog()
objFile.Close
set objFile = nothing
End Function
This vbs file could run once a day, appends to a log called 'ADImp.txt '. Adjust the variables at the top as needed to address the SQL instance.
It gets a list of computer records from AD where they have been added in the last day using the 'whencreated ' attribute of the object. Using this 'list' it then calls the ComputerAdd SP of the Sophos DB to add the record(s).
I've added the distinguishedname of the machine and the 'whencreated ' attribute into the 'Description' field. This will get overwritten when RMS reports back when the machine becomes managed but I thought it would provide some way to discern between machines in SEC.
I haven't tested it much beyond ensuring it finds a machine and it appears in SEC, if you think it could help you, I encourage you to test it first and backup any SOPHOS db you insert into with it. :) It uses the stored procedure CompyterAdd as an "interface" to the Sophos DB as this seemed the safest.
Regards,
Jak
