Let’s have a look at how to incorporate a custom script into BatchPatch. In this case we’ll use BatchPatch to run a script that will retrieve the list of users who are members of the local administrators group on each target computer, and then optionally write it all to a text file.
If you would instead like to modify group members of a local group on target computers, or if you want a quick way to retrieve group membership on target computers without using a custom script and without being able to write the results to a file, take a look at this posting: Using BatchPatch to Modify Local Group Membership on Multiple Remote Computers
I’m not going to get into the details of the actual script that we’re going to use for this tutorial since this posting is not intended to be a scripting lesson but rather is meant to demonstrate one possible way to incorporate a custom script into BatchPatch. There are also other custom scripting examples on our website, if you’re interested, that you can find by searching ‘script’ in the search box on the upper right area of this page.
Here is the script:
Dim strFilePath, strComputer strComputer = WScript.Arguments(0) strFilepath = "C:\Temp\results.txt" Sub GetAdministrators(strComputer) Dim objWMIService, strQuery, colItems, Path, strMembers Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") strQuery = "select * from Win32_GroupUser where GroupComponent = " & chr(34) & "Win32_Group.Domain='" & strComputer & "',Name='Administrators'" & Chr(34) Set ColItems = objWMIService.ExecQuery(strQuery) strMembers = "" For Each Path In ColItems Dim strMemberName, NamesArray, strDomainName, DomainNameArray NamesArray = Split(Path.PartComponent,",") strMemberName = Replace(Replace(NamesArray(1),Chr(34),""),"Name=","") DomainNameArray = Split(NamesArray(0),"=") strDomainName = Replace(DomainNameArray(1),Chr(34),"") If strDomainName <> strComputer Then strMemberName = strDomainName & "\" & strMemberName End If WScript.Echo strMemberName Set oFSO = CreateObject("Scripting.FileSystemObject") If oFSO.FileExists(strFilepath) Then oFSO.OpenTextFile(strFilepath,8).WriteLine(strComputer & ": " & strMemberName) Else oFSO.CreateTextFile(strFilepath).WriteLine(strComputer & ": " & strMemberName) End If Next End Sub GetAdministrators strComputer |
- The first order of business is to copy the script text into notepad. Modify the filepath in the third line of the script to point to whatever location you want to use to save the results. Then save the script to somewhere on your computer as GetLocalAdmins.vbs
- If you only want to get the group membership and don’t care to log the results to a file, then you may delete or comment out the following section. In that case BatchPatch will just get the group membership so that you can view the result for each target computer inside the BatchPatch grid. However, if you really just want to get group membership without logging to a file, then you can use a simpler method that doesn’t involve incorporating a custom script. See the link provided near the top of this posting for details on that method. That said, if you are going to be using the script method that I’m demonstrating in this tutorial but you don’t want to log the results to a text file, then you should delete this section from the script:
' 'Set oFSO = CreateObject("Scripting.FileSystemObject") 'If oFSO.FileExists(strFilepath) Then ' oFSO.OpenTextFile(strFilepath,8).WriteLine(strComputer & ": " & strMemberName) 'Else ' oFSO.CreateTextFile(strFilepath).WriteLine(strComputer & ": " & strMemberName) 'End If '
- If you want to run this script one-off to get group membership on a target, just copy and paste the following syntax, modifying the path as needed to match wherever you have the script stored, into a BatchPatch local command under ‘Actions > Execute local process/command > Create/modify local commands‘. Then after you have clicked OK to save the command, you’ll see that it appears in the menu. See screnshots below for reference:
cscript "C:\SomeFolder\GetLocalAdmins.vbs" $computer
IMPORTANT:
There is a key element that we need to address. If you are going to use the script as-is and have it write the results from all target computers to a single file, you need to pay attention to thread synchronization issues. The specific problem here is that if you execute the script on numerous targets simultaneously, BatchPatch will launch a separate thread for each target, and each of those threads will try to write to the same text file at the same time. This is a problem that could result either in missing data or an error being thrown, so we need to set things up so that each row runs one at a time, sequentially, instead of having all rows run at the same time, simultaneously. This way only one BatchPatch thread at any given time will be accessing the text file and writing results to it. Note, if you have removed the section of code from the script that writes the results to a file, then you don’t need to worry about this issue at all. - To resolve the threading issue we’re going to use the Basic Multi-Row Queue Sequence. This feature will enable us to force each BatchPatch row to execute sequentially, one at a time, until all rows have executed. First, select all rows in the grid and then click on ‘Actions > Job queue > Create/modify job queue‘
- In the Job Queue window, find the Local command that you created earlier in the lower left grid for ‘Saved User-Defined Commands and Deployments‘. The ‘Type’ will be shown as ‘Local’ with whatever title you gave to your command. Double-click it to add it as the only step in your job queue. Then click ‘Apply queue to row(s) without executing‘. See the following screenshots for reference:
- Now we’re ready to execute. With all rows selected, click on ‘Actions > Job Queue > Execute basic multi-row queue sequence‘ What this will do is instruct BatchPatch to launch the job queue in each row, one at a time, in the order that the rows were selected. As soon as one row finishes running the script and writing the results to the text file, the next row will commence, and so on until all rows have executed the script and written to the file. The results will also be displayed for each row in the ‘Local Command Output Log’ column.
