SlideShare a Scribd company logo

ANDY FLETT TOOLS summary

Download as DOC, PDF
A
Andy Flett
1 of 31
ANDY FLETT TOOLS summary DATE = December 2014 TO ENABLE = the evaluation of situations (and the addition of value and knowledge) without the need for “touch labour” or “visits” (i.e. “getting the computer & network to do the initial work” rather than “passing the problem onwards”, ideally reducing diagnosis delays) See - APPENDIX 1 = Summary of “not normally easily available” results and facilities available with this suite of tools (Go straight to Appendix 1) See - APPENDIX 2 = POSSIBILITES based on the principles outlined below (most of these “possibilities” already exist) – (Go straight to Appendix 2) DESCRIPTION OF OPERATION follows…… MAIN MENU (Launch MAINMENU.vbs) presents the following options....... Input a valid number, choose OK or press ENTER Further explanations of the above options follow. (Continues on Next Page)
OPTION 1 = Detect PC Input a NetBios name in to the resulting screen Choose OK or press ENTER VALID RESULT IP address retrieved from DNS, tested for reply, then validated against originally specified NetBios Name to check ACTUAL EXPECTED NAME replied – rather than just “something” replied (CI.IT.POINT option only presented when on RMGP domain) (Continues on Next Page)
OPTION 1 - ALTERNATE REPLY 1 NetBios Name NOT ACTIVE or INVALID or NETWORK UNAVAILABLE (Continues on Next Page)
OPTION 1 - ALTERNATE REPLY 2 DIFFERENT NetBios Name replies = reported, USUALLY when DNS is “out of date” (i.e. a DIFFERENT NetBios Name is now associated with the recently DNS recorded ORIGINAL NetBios Name, but DNS has NOT been fully updated yet – this is the equivalent of “something responded – but NOT what you intended to test for!”) (Continues on Next Page)
OPTION 2 = Detect/Map Network Drive to PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Proceeds as Option 1 previously – if a validated PC is returned, disconnects any previously mapped T: (“target”) drive and attempts to map NEW T: drive to C$ share on target PC. Success results in a new instance of Windows Explorer, focussed on the newly mapped T: drive. Any failure is reported accordingly. ADVANTAGE = network drive is speedily/automatically mapped to VERIFIED PC and NOT a “possibly similar” PC occupying an out of date published DNS address (Continues on Next Page)
OPTION 3 = Connect Command Prompt Session to PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Valid detection of active NetBios name results in the following In the above example, the command “SET COMPUTERNAME” shows the Command Prompt Session is running on the (remote) intended target, rather than locally. CAUTION – ONLY TEXT BASED DOS/Windows commands can be run in this environment – any WINDOWS PROGRAMS launched can result in loss of control, and the environment reacts unfavourably to commands like CTRL+C or CTRL+S. (Pause & Resume) Simple short commands like CHKDSK /F/R – resulting in the scheduling of a CHKDSK routine run on the next reboot of the target (without visit, user interruption – or maybe even target user knowledge) work well with this option
Type EXIT within the remote session to close that session (“error code 0” above = 0 errors occurred within the PsExec session) OPTION 4 = Options 1+2+3 above – but sequentially Executes all 3 previously listed menu choices sequentially (i.e. Detect PC, if successful- map network drive AND commence Remote Command Prompt session) Enables suitable executable programs (see later for examples) to be transferred to the target PC – and possibly run (even fully automatically) within the Remote Command Prompt session (e.g. “BATCH” files or “COPY” routines) (Continues on Next Page)
OPTION 5 = Query PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Proceeds as per Option 1 – on successful detection of target PC, launches 3 separate functions as follows (Continues on Next Page)
OPTION 5, FUNCTION 1 = “standard” test routine = results as follows • Verifies correct target as previously • Launches optional PC QUERY routine separately (details follow) • Launches optional EXTRA DIAGNOSTICS routine separately (details follow) • Performs STANDARD DIAGNOSTIC routines (in the background while other functions are presented/chosen) – e.g. Verifies Target PC ACCOUNT with Domain Controller server, Reveals full OU Name of Target PC, Reveals recent Startups, CORRECT Shutdowns and IMPROPER Shutdowns since commencement of Target PC log file (allows detection of a “troublesome” PC? One with repeated “blue screens” or “OFF button being repeatedly held in”), Reveals if Client Side Caching (Offline Files) is enabled (Continues on Next Page)
OPTION 5, FUNCTION 2 = PC QUERY routine Reveals dated report of PC details as follows (TEXT file, for easy SAVE or COPY of details) For IMMEDIATE “advanced” diagnosis - specifically includes….. • any external/attached Video Display Unit details (if powered on and detectable) • Available Memory Capacity and current usage (slow PC? = not enough memory maybe?) • Last recorded Boot Time (is it really “always rebooting”?) • Hard Disk sizes (For RMGP Domain based PCs – also reveals “cloud data” details for any detected active “logged on” user – or absence of one, as above) (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine Presented as below To EXIT without performing any of the above (i.e. these are optional – you don’t have to run any of these if you don’t want to), input 0, x or X and press ENTER Details of optional facilities follow (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 1 Display NETWORK CONFIGURATIONS Queries REMOTE PC “directly” for its Network Configurations, Reveals details like…… • DHCP server and lease time for EACH revealed (type of) network adapter in use – allows detection of “LONG LEASE times” (e.g. “other” on site PCs or devices acquiring APIP Addresses) – in seconds, (providing at least ONE DHCP enabled PC on the same subnet has acquired a valid IP Address) - without a visit! • MULTIPLE NETWORK ADAPTERS active/in use, and which one holds the DNS address (enables detection of a WIRELESS Network Adapter as the DNS target, and the possibility of any “connection loss” if the user “logs off” while remotely connected) (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 2 Display state of OFFLINE FILE Service (Repeat of automatically processed item in OPTION 5, FUNCTION 1) OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 3 Display state of CONFIGURATION MANAGER REMOTE CONTROL Service May be used to establish why CMRCVIEWER.EXE cannot make a valid connection to an apparently active PC and NOT display a Remote Control Session dialogue OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 4 Display Attached “disks” Reveals “disks” on Target PC and sizes (includes USB Memory Sticks) – NOT CD/DVD drives (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 5 Display Memory Usage Provides the ability to “observe and list” what applications and processes are running on a remote PC – AND (if able to “get in” and report) what may be “hogging the memory” or “thrashing the system” – without a visit. (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 6 Display LAPTOP Battery Usage RESULT 1 = Desktop (i.e. NO BATTERY, usually!) RESULT 2 = Laptop on MAINS power RESULT 3 = Laptop on BATTERY power Allows detection of a “network connected” laptop “running on battery” that MAY “expire” and become non responsive - BEFORE commencement of a long remote diagnostic or remote configuration process NB – Laptop may be “wireless connected” to a network AND have a low battery condition – occasionally a tenuous situation to commence advanced/detailed work on! (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 7 Show recent User Logons Creates spreadsheet similar to as below (dates reported as N/A = logon BEFORE scope of report, or session still current) Simply an audit trail of recent users for that PC, and “how and when” they used it – note that some people “stay logged on for days” (via Switch User option?) (Continues on Next Page)
OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 8 Show defined printers on target computer (and ports used) (Continues on Next Page)
OPTION 6 = Query IP Address Input an IP ADDRESS in to the resulting screen (NOT NetBios Name = slightly different) PINGs supplied IP Address, tests for reply Allows detection of an “occupied” IP Address – and tries to discover what device is occupying it and report about it – usually without a visit! Attempts (Windows) NBTSTAT command to reveal NetBios Name if possible (e.g. a RICOH Printer WILL reveal a NetBios name – as per the example below) Most (if not all) Ricoh Printers have a “signature” NetBios Name commencing RNP?????? – detected as above – which can be processed accordingly (Continues on Next Page)
For a “possible printer” – subsequent key press launches “Web Browser” as below – configured to reveal (and possibly change) PRINTER DETAILS similar to as below (requires only ONE key press to acquire the following display of information) Device Info tab (in this case) will reveal Printer Serial Number (once again, without a visit!) (Continues on Next Page)
Will prompt to initiate TELNET SESSION if NetBios name cannot be determined (takes a bit of time waiting for NBTSTAT command attempt to fail) (Continues on Next Page)
Example of a “Managed ROUTER or SWITCH” detected by a TELNET session Different Printers or UNIX hosts will respond differently – as explained BEFORE the TELNET connection is attempted (not seen here). Some devices will not respond to a TELNET connection attempt – but it doesn’t hurt to try, and at least you know the IP Address is “occupied” – not necessarily “what” is occupying it! Devices that DO “respond” often respond characteristically, similar to as above. (It helps if you know what kind of response is expected! – hence the “explanation document” being presented before the connection attempt is made) (Continues on Next Page)
OPTION 7 = Examine BIOS Contents on an “active” Remote PC Input a NetBios name in to the resulting screen Choose OK or press ENTER ONLY TESTED on HP and LENOVO devices (2 completely different methods of reporting – MAY work on devices from other manufacturers? – or with slight alteration) Either REPORTS DIRECTLY or QUERIES REMOTELY Single key press required after query 1) “HP”Method = mapped drive + remote program execution (Continues on Next Page)
2) Reported Data (after single key press) (This is an example of HP’s “proprietary” way of reporting/configuring the BIOS from a Command Prompt – other PCS (like Lenovo) will/may respond to the more standard WMI interrogation or reprogramming method) (Continues on Next Page)
3) This is an example of the “LENOVO” method (using WMI rather than a proprietary program) = “less complicated” arrival at similar result Result using BOTH methods = a text file of configurations called…. <NetBios_Name>_BIOS.txt ….. is created on both the target and the calling computer – for records, examination or use later As well as “examining” BIOS contents remotely, there ARE ways to “reprogram” BIOS contents remotely (e.g. Change BOOT order? Enable NUM LOCK on start-up? Enable/Disable certain functions) for activation on the next boot of the PC
APPENDIX 1 = Summary of “not normally easily available” results and facilities available with this suite of tools Function or Determined item NO VISIT REQUIRED NO USER INTERVENTION or Knowledge COMMAND PROMPT running on remote PC Yes Yes Certain programs/routines executed on remote PC Yes Yes Detection/validation of “Domain Trust” relationship Yes Yes Validated “OS Activation” test (revealing Activation Code) Yes Yes Number of Successful/Improper Startups/Shutdowns (can be used to identify a problem PC….. or user!) Yes Yes PC Make/Model/Serial Number Yes Yes Active OS version Yes Yes Current User (if any) Yes Yes Any attached Monitor Make/Model/Serial Number Yes Yes Installed Memory value (can be used to establish if PC is up to memory specification – may run “slow” if not) Yes Yes Last BOOT time Yes Yes Network Adapters in use (may be more than one –able to identify “cabled” and “wireless” adapters) Yes Yes DHCP Server and Lease Period (can be used to establish why IP Addresses “run out” on a remote subnet?) Yes Yes Attached “USB” type disks and details Yes Yes Memory-Usage/Applications-Active on a target PC (may be able to identify a “process hogging the system?) Yes Yes Laptop running on MAINS or BATTERY (may expire soon?) Yes Yes Recently Logged On users of the target PC (spreadsheet) Yes Yes Printers defined on Target PC Yes Yes Printer discovered occupying IP Address, and details Yes Yes (Limited) Target IP address device identification Yes Yes Remote PC BIOS examination/recording/manipulation Yes Yes …… obviously, if a PC is “thrashing”, these may “thrash” it even further – but usually, a logged on user would never notice that any of the above are being evaluated For information....... All the above details above are acquired via combinations of standard System Executable utilities (configured accordingly), specific Visual Basic Scripts, WMI (Windows Management Interface) commands, Powershell scripts and Windows Command Line Interface routines – usually run with (local or domain) ADMINISTRATOR authority on target devices where necessary
APPENDIX 2 = POSSIBILITES based on the principles outlined above OPTION 4 = DETECT PC/MAP DRIVE/RUN COMMAND PROMPT SESSION Create AUTOMATED COMMAND FILES that can be transferred to a Target PC (along with any necessary accompanying files) to run a routine on a remote PC within a (possibly un- noticed?) Command Prompt session (ideally cleaned up/deleted after processing) ALREADY EXISTING EXAMPLES • HP Version of Option 7 ( Examine BIOS contents) above • Reprogram BIOS of remote HP PC for use after next re-boot (e.g. change boot order - even to initiate PXE boot for remote reconfiguration, or simply toggle NUM LOCK on/off at boot, or similar) • WAKE UP REMOTE PC (requires knowing the MAC address of a Target PC AND finding an already active PC on the same network subnet) – method=transfer files/routine to the “active” PC and use WAKE ON LAN procedure to boot or resume the intended network/mains connected PC – EVEN if it’s “switched off” OPTION 5 = QUERY PC Report on lists of MULTIPLE PCs rather than just one ALREADY EXISTING EXAMPLES • Detected PC Hardware Details/Users/Software-per-PC reports • Detected PC Hardware Details/Users AND LOCATIONS reports (depends on “look up tables” related to detected IP Address or User) • Lists of Users Per PC • For RMG = Lists of Users Per PC, Date Last Used and “updated dates” of relevant users “cloud data” • Routine that can query each detected PC and ask about “other nearby PCs” via restricted NET VIEW command – expanding the “original supplied list”, possibly even finding NetBios Names that were previously unknown/unregistered – can be configured to run continuously = self perpetuating automatic inventory management! (Will even discover PCs “new to” or “NOT registered to” a DOMAIN) Based on OPTION 5 above (…. And IDEAL for “refresh planning” – if any) “Certificate of Hardware/Software/Configurations Conformity” Report ALREADY EXISTING EXAMPLES show…… • PC Hardware (inc. Memory (and locations), Network Adapters, Disk Drives etc.) • Current Operating System AND Installation date • INSTALLED software • MISSING and EXTRA sotware other than as expected (comparison list required) • MISSING SERVICES compared to as expected (comparison list required) • Known/Previous PC Users at test time • Installed Printers at test time • Possible Legacy Problem Printers (e.g. Parallel Port Printers) • Problem Devices • EXPECTED (AND any EXTRA) Machine Administrators • MISSING Machine Administrators differing to as expected – if any • Network Problems
• Test initiator, date and time
APPENDIX 3 = Extra Option 5 = PCQUERY routine options – not used much other than to show off! Typing C at the prompt above produces a “revolving/animated” chart of the Memory Values that appear above (Continues on Next Page)
When viewed on a computer screen – this chart slowly revolves! The “principle” of “instantly automatically presenting graphical representations of remotely/recently acquired data” is “simply” illustrated here. There may be more convoluted and larger sets of data that could be processed (Continues on Next Page)
Other options appear after the chart above has been generated Mainly used to create SINGLE or SMALL AUDITS of PCs – there are better ways of doing large ones!
APPENDIX 4 = Useful Extra Utilities WS_Ping ProPack (or similar?) – used as below = able to determine “occupied IP Addresses” on a remote target network subnet – and “sometimes” the devices occupying those IP Addresses – without a visit. MAY enable detection of an active target PC that can be used as an “intermediate” in a WAKE ON LAN attempt to a known inactive MAC Address on that subnet…… …… OR to query the network details (Main Menu, OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 1) of any “working” target PC, where other PCs are “unable to obtain an IP Address” on that network subnet – to identify the length of the DHCP Lease Period, which may be too long for the quantity of devices allocated to the site. In this particular scenario...... • “LOWER”numbered and “blank” IP Addresses are usually switches or routers – and can be identified accordingly, using MAIN MENU OPTION 6 (Query an IP Address) • Names like RNP?????? Are Ricoh Network Printers and can be queried using the same method as the switches/routers above

Recommended

Os and network activity javier guerrero
Os and network activity javier guerreroOs and network activity javier guerrero
Os and network activity javier guerrero
JGuerreroM96
 
Aware of your computer
Aware of your computerAware of your computer
Aware of your computer
Sudhakar ak
 
computing networks and operating system
computing networks and operating system computing networks and operating system
computing networks and operating system
porfinencuentrounodisponible
 
Operating systems and networks
Operating systems and networksOperating systems and networks
Operating systems and networks
carmenpuigdueta
 
Pcl3e.ch.05
Pcl3e.ch.05Pcl3e.ch.05
Pcl3e.ch.05
Luzy Jimenez
 
Windows 8.1 Deployment - Tools, Tools, Tools
Windows 8.1 Deployment - Tools, Tools, ToolsWindows 8.1 Deployment - Tools, Tools, Tools
Windows 8.1 Deployment - Tools, Tools, Tools
Roel van Bueren
 
Control panel by
Control panel byControl panel by
Control panel by
Noor Fatima
 
Windows Xp Optimization
Windows Xp OptimizationWindows Xp Optimization
Windows Xp Optimization
Shan Sachwani
 

Recommended

Os and network activity javier guerrero
Os and network activity javier guerreroOs and network activity javier guerrero
Os and network activity javier guerrero
JGuerreroM96
 
Aware of your computer
Aware of your computerAware of your computer
Aware of your computer
Sudhakar ak
 
computing networks and operating system
computing networks and operating system computing networks and operating system
computing networks and operating system
porfinencuentrounodisponible
 
Operating systems and networks
Operating systems and networksOperating systems and networks
Operating systems and networks
carmenpuigdueta
 
Pcl3e.ch.05
Pcl3e.ch.05Pcl3e.ch.05
Pcl3e.ch.05
Luzy Jimenez
 
Windows 8.1 Deployment - Tools, Tools, Tools
Windows 8.1 Deployment - Tools, Tools, ToolsWindows 8.1 Deployment - Tools, Tools, Tools
Windows 8.1 Deployment - Tools, Tools, Tools
Roel van Bueren
 
Control panel by
Control panel byControl panel by
Control panel by
Noor Fatima
 
Windows Xp Optimization
Windows Xp OptimizationWindows Xp Optimization
Windows Xp Optimization
Shan Sachwani
 
Basic Active Record
Basic Active RecordBasic Active Record
Basic Active Record
kdmcclin
 
Resume
ResumeResume
Resume
Prerit Gupta
 
Intro to Ruby/Rails at TechLady Hackathon
Intro to Ruby/Rails at TechLady HackathonIntro to Ruby/Rails at TechLady Hackathon
Intro to Ruby/Rails at TechLady Hackathon
kdmcclin
 
IMTAFM
IMTAFMIMTAFM
IMTAFM
Andy Flett
 
PC CERTIFICATION routine
PC CERTIFICATION routinePC CERTIFICATION routine
PC CERTIFICATION routine
Andy Flett
 
No.23-D (1)
No.23-D (1)No.23-D (1)
No.23-D (1)
Rob Bohrer
 
resume
resumeresume
resume
amit kumar rajora
 
RoR: What is it Good For?: Absolutely Something
RoR: What is it Good For?: Absolutely SomethingRoR: What is it Good For?: Absolutely Something
RoR: What is it Good For?: Absolutely Something
kdmcclin
 
DukeTalks
DukeTalksDukeTalks
DukeTalks
Taylor Goddard
 
Jerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH trainingJerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH training
Jerry Angel
 
Linux tips
Linux tipsLinux tips
Linux tips
H. Kheir
 
Installation of TCP/IP protocol and windows components
Installation of TCP/IP protocol and windows componentsInstallation of TCP/IP protocol and windows components
Installation of TCP/IP protocol and windows components
Warda Chaudhry
 
Presentation1
Presentation1Presentation1
Presentation1
porfinencuentrounodisponible
 
System Administration: Linux Process
System Administration: Linux ProcessSystem Administration: Linux Process
System Administration: Linux Process
lucita cabral
 
Presentation by darwin 12 garcia
Presentation by darwin 12 garciaPresentation by darwin 12 garcia
Presentation by darwin 12 garcia
daki01
 
Server client-presentation.
Server client-presentation.Server client-presentation.
Server client-presentation.
Norvy Villanueva
 
Guide koha
Guide kohaGuide koha
Guide koha
Chaudhary Ashokkumar
 
Chapter08
Chapter08Chapter08
Chapter08
ALBAKRI MOHAMMAD
 
Chapter08-OS.ppt
Chapter08-OS.pptChapter08-OS.ppt
Chapter08-OS.ppt
yonas771772
 
Chapter9 and10
Chapter9 and10Chapter9 and10
Chapter9 and10
Saurav
 
Chapter9and10
Chapter9and10Chapter9and10
Chapter9and10
Saurav
 
First fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboardsFirst fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboards
Oregon FIRST Robotics
 

More Related Content

Viewers also liked

PC CERTIFICATION routine
PC CERTIFICATION routinePC CERTIFICATION routine
PC CERTIFICATION routine
Andy Flett
 
Jerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH trainingJerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH training
Jerry Angel
 

Viewers also liked (10)

Basic Active Record
Basic Active RecordBasic Active Record
Basic Active Record
 
Resume
ResumeResume
Resume
 
Intro to Ruby/Rails at TechLady Hackathon
Intro to Ruby/Rails at TechLady HackathonIntro to Ruby/Rails at TechLady Hackathon
Intro to Ruby/Rails at TechLady Hackathon
 
IMTAFM
IMTAFMIMTAFM
IMTAFM
 
PC CERTIFICATION routine
PC CERTIFICATION routinePC CERTIFICATION routine
PC CERTIFICATION routine
 
No.23-D (1)
No.23-D (1)No.23-D (1)
No.23-D (1)
 
resume
resumeresume
resume
 
RoR: What is it Good For?: Absolutely Something
RoR: What is it Good For?: Absolutely SomethingRoR: What is it Good For?: Absolutely Something
RoR: What is it Good For?: Absolutely Something
 
DukeTalks
DukeTalksDukeTalks
DukeTalks
 
Jerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH trainingJerry Angel Report for karyotype & FISH training
Jerry Angel Report for karyotype & FISH training
 

Similar to ANDY FLETT TOOLS summary

Presentation by darwin 12 garcia
Presentation by darwin 12 garciaPresentation by darwin 12 garcia
Presentation by darwin 12 garcia
daki01
 
Chapter9and10
Chapter9and10Chapter9and10
Chapter9and10
Saurav
 
First fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboardsFirst fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboards
Oregon FIRST Robotics
 
User manual of n280
User manual of n280User manual of n280
User manual of n280
yogesh010
 

Similar to ANDY FLETT TOOLS summary (20)

Linux tips
Linux tipsLinux tips
Linux tips
 
Installation of TCP/IP protocol and windows components
Installation of TCP/IP protocol and windows componentsInstallation of TCP/IP protocol and windows components
Installation of TCP/IP protocol and windows components
 
Presentation1
Presentation1Presentation1
Presentation1
 
System Administration: Linux Process
System Administration: Linux ProcessSystem Administration: Linux Process
System Administration: Linux Process
 
Presentation by darwin 12 garcia
Presentation by darwin 12 garciaPresentation by darwin 12 garcia
Presentation by darwin 12 garcia
 
Server client-presentation.
Server client-presentation.Server client-presentation.
Server client-presentation.
 
Guide koha
Guide kohaGuide koha
Guide koha
 
Chapter08
Chapter08Chapter08
Chapter08
 
Chapter08-OS.ppt
Chapter08-OS.pptChapter08-OS.ppt
Chapter08-OS.ppt
 
Chapter9 and10
Chapter9 and10Chapter9 and10
Chapter9 and10
 
Chapter9and10
Chapter9and10Chapter9and10
Chapter9and10
 
First fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboardsFirst fare 2010 lab-view creating custom dashboards
First fare 2010 lab-view creating custom dashboards
 
Eding_CNC_Software_installation_manual.pdf
Eding_CNC_Software_installation_manual.pdfEding_CNC_Software_installation_manual.pdf
Eding_CNC_Software_installation_manual.pdf
 
Readme
ReadmeReadme
Readme
 
Readme
ReadmeReadme
Readme
 
Operating System & Utility Programme
Operating System & Utility ProgrammeOperating System & Utility Programme
Operating System & Utility Programme
 
User manual of n280
User manual of n280User manual of n280
User manual of n280
 
2.4
2.42.4
2.4
 
Apple mac
Apple macApple mac
Apple mac
 
Foit lab manual
Foit lab manualFoit lab manual
Foit lab manual
 

ANDY FLETT TOOLS summary

  • 1. ANDY FLETT TOOLS summary DATE = December 2014 TO ENABLE = the evaluation of situations (and the addition of value and knowledge) without the need for “touch labour” or “visits” (i.e. “getting the computer & network to do the initial work” rather than “passing the problem onwards”, ideally reducing diagnosis delays) See - APPENDIX 1 = Summary of “not normally easily available” results and facilities available with this suite of tools (Go straight to Appendix 1) See - APPENDIX 2 = POSSIBILITES based on the principles outlined below (most of these “possibilities” already exist) – (Go straight to Appendix 2) DESCRIPTION OF OPERATION follows…… MAIN MENU (Launch MAINMENU.vbs) presents the following options....... Input a valid number, choose OK or press ENTER Further explanations of the above options follow. (Continues on Next Page)
  • 2. OPTION 1 = Detect PC Input a NetBios name in to the resulting screen Choose OK or press ENTER VALID RESULT IP address retrieved from DNS, tested for reply, then validated against originally specified NetBios Name to check ACTUAL EXPECTED NAME replied – rather than just “something” replied (CI.IT.POINT option only presented when on RMGP domain) (Continues on Next Page)
  • 3. OPTION 1 - ALTERNATE REPLY 1 NetBios Name NOT ACTIVE or INVALID or NETWORK UNAVAILABLE (Continues on Next Page)
  • 4. OPTION 1 - ALTERNATE REPLY 2 DIFFERENT NetBios Name replies = reported, USUALLY when DNS is “out of date” (i.e. a DIFFERENT NetBios Name is now associated with the recently DNS recorded ORIGINAL NetBios Name, but DNS has NOT been fully updated yet – this is the equivalent of “something responded – but NOT what you intended to test for!”) (Continues on Next Page)
  • 5. OPTION 2 = Detect/Map Network Drive to PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Proceeds as Option 1 previously – if a validated PC is returned, disconnects any previously mapped T: (“target”) drive and attempts to map NEW T: drive to C$ share on target PC. Success results in a new instance of Windows Explorer, focussed on the newly mapped T: drive. Any failure is reported accordingly. ADVANTAGE = network drive is speedily/automatically mapped to VERIFIED PC and NOT a “possibly similar” PC occupying an out of date published DNS address (Continues on Next Page)
  • 6. OPTION 3 = Connect Command Prompt Session to PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Valid detection of active NetBios name results in the following In the above example, the command “SET COMPUTERNAME” shows the Command Prompt Session is running on the (remote) intended target, rather than locally. CAUTION – ONLY TEXT BASED DOS/Windows commands can be run in this environment – any WINDOWS PROGRAMS launched can result in loss of control, and the environment reacts unfavourably to commands like CTRL+C or CTRL+S. (Pause & Resume) Simple short commands like CHKDSK /F/R – resulting in the scheduling of a CHKDSK routine run on the next reboot of the target (without visit, user interruption – or maybe even target user knowledge) work well with this option
  • 7. Type EXIT within the remote session to close that session (“error code 0” above = 0 errors occurred within the PsExec session) OPTION 4 = Options 1+2+3 above – but sequentially Executes all 3 previously listed menu choices sequentially (i.e. Detect PC, if successful- map network drive AND commence Remote Command Prompt session) Enables suitable executable programs (see later for examples) to be transferred to the target PC – and possibly run (even fully automatically) within the Remote Command Prompt session (e.g. “BATCH” files or “COPY” routines) (Continues on Next Page)
  • 8. OPTION 5 = Query PC Input a NetBios name in to the resulting screen Choose OK or press ENTER Proceeds as per Option 1 – on successful detection of target PC, launches 3 separate functions as follows (Continues on Next Page)
  • 9. OPTION 5, FUNCTION 1 = “standard” test routine = results as follows • Verifies correct target as previously • Launches optional PC QUERY routine separately (details follow) • Launches optional EXTRA DIAGNOSTICS routine separately (details follow) • Performs STANDARD DIAGNOSTIC routines (in the background while other functions are presented/chosen) – e.g. Verifies Target PC ACCOUNT with Domain Controller server, Reveals full OU Name of Target PC, Reveals recent Startups, CORRECT Shutdowns and IMPROPER Shutdowns since commencement of Target PC log file (allows detection of a “troublesome” PC? One with repeated “blue screens” or “OFF button being repeatedly held in”), Reveals if Client Side Caching (Offline Files) is enabled (Continues on Next Page)
  • 10. OPTION 5, FUNCTION 2 = PC QUERY routine Reveals dated report of PC details as follows (TEXT file, for easy SAVE or COPY of details) For IMMEDIATE “advanced” diagnosis - specifically includes….. • any external/attached Video Display Unit details (if powered on and detectable) • Available Memory Capacity and current usage (slow PC? = not enough memory maybe?) • Last recorded Boot Time (is it really “always rebooting”?) • Hard Disk sizes (For RMGP Domain based PCs – also reveals “cloud data” details for any detected active “logged on” user – or absence of one, as above) (Continues on Next Page)
  • 11. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine Presented as below To EXIT without performing any of the above (i.e. these are optional – you don’t have to run any of these if you don’t want to), input 0, x or X and press ENTER Details of optional facilities follow (Continues on Next Page)
  • 12. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 1 Display NETWORK CONFIGURATIONS Queries REMOTE PC “directly” for its Network Configurations, Reveals details like…… • DHCP server and lease time for EACH revealed (type of) network adapter in use – allows detection of “LONG LEASE times” (e.g. “other” on site PCs or devices acquiring APIP Addresses) – in seconds, (providing at least ONE DHCP enabled PC on the same subnet has acquired a valid IP Address) - without a visit! • MULTIPLE NETWORK ADAPTERS active/in use, and which one holds the DNS address (enables detection of a WIRELESS Network Adapter as the DNS target, and the possibility of any “connection loss” if the user “logs off” while remotely connected) (Continues on Next Page)
  • 13. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 2 Display state of OFFLINE FILE Service (Repeat of automatically processed item in OPTION 5, FUNCTION 1) OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 3 Display state of CONFIGURATION MANAGER REMOTE CONTROL Service May be used to establish why CMRCVIEWER.EXE cannot make a valid connection to an apparently active PC and NOT display a Remote Control Session dialogue OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 4 Display Attached “disks” Reveals “disks” on Target PC and sizes (includes USB Memory Sticks) – NOT CD/DVD drives (Continues on Next Page)
  • 14. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 5 Display Memory Usage Provides the ability to “observe and list” what applications and processes are running on a remote PC – AND (if able to “get in” and report) what may be “hogging the memory” or “thrashing the system” – without a visit. (Continues on Next Page)
  • 15. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 6 Display LAPTOP Battery Usage RESULT 1 = Desktop (i.e. NO BATTERY, usually!) RESULT 2 = Laptop on MAINS power RESULT 3 = Laptop on BATTERY power Allows detection of a “network connected” laptop “running on battery” that MAY “expire” and become non responsive - BEFORE commencement of a long remote diagnostic or remote configuration process NB – Laptop may be “wireless connected” to a network AND have a low battery condition – occasionally a tenuous situation to commence advanced/detailed work on! (Continues on Next Page)
  • 16. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 7 Show recent User Logons Creates spreadsheet similar to as below (dates reported as N/A = logon BEFORE scope of report, or session still current) Simply an audit trail of recent users for that PC, and “how and when” they used it – note that some people “stay logged on for days” (via Switch User option?) (Continues on Next Page)
  • 17. OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 8 Show defined printers on target computer (and ports used) (Continues on Next Page)
  • 18. OPTION 6 = Query IP Address Input an IP ADDRESS in to the resulting screen (NOT NetBios Name = slightly different) PINGs supplied IP Address, tests for reply Allows detection of an “occupied” IP Address – and tries to discover what device is occupying it and report about it – usually without a visit! Attempts (Windows) NBTSTAT command to reveal NetBios Name if possible (e.g. a RICOH Printer WILL reveal a NetBios name – as per the example below) Most (if not all) Ricoh Printers have a “signature” NetBios Name commencing RNP?????? – detected as above – which can be processed accordingly (Continues on Next Page)
  • 19. For a “possible printer” – subsequent key press launches “Web Browser” as below – configured to reveal (and possibly change) PRINTER DETAILS similar to as below (requires only ONE key press to acquire the following display of information) Device Info tab (in this case) will reveal Printer Serial Number (once again, without a visit!) (Continues on Next Page)
  • 20. Will prompt to initiate TELNET SESSION if NetBios name cannot be determined (takes a bit of time waiting for NBTSTAT command attempt to fail) (Continues on Next Page)
  • 21. Example of a “Managed ROUTER or SWITCH” detected by a TELNET session Different Printers or UNIX hosts will respond differently – as explained BEFORE the TELNET connection is attempted (not seen here). Some devices will not respond to a TELNET connection attempt – but it doesn’t hurt to try, and at least you know the IP Address is “occupied” – not necessarily “what” is occupying it! Devices that DO “respond” often respond characteristically, similar to as above. (It helps if you know what kind of response is expected! – hence the “explanation document” being presented before the connection attempt is made) (Continues on Next Page)
  • 22. OPTION 7 = Examine BIOS Contents on an “active” Remote PC Input a NetBios name in to the resulting screen Choose OK or press ENTER ONLY TESTED on HP and LENOVO devices (2 completely different methods of reporting – MAY work on devices from other manufacturers? – or with slight alteration) Either REPORTS DIRECTLY or QUERIES REMOTELY Single key press required after query 1) “HP”Method = mapped drive + remote program execution (Continues on Next Page)
  • 23. 2) Reported Data (after single key press) (This is an example of HP’s “proprietary” way of reporting/configuring the BIOS from a Command Prompt – other PCS (like Lenovo) will/may respond to the more standard WMI interrogation or reprogramming method) (Continues on Next Page)
  • 24. 3) This is an example of the “LENOVO” method (using WMI rather than a proprietary program) = “less complicated” arrival at similar result Result using BOTH methods = a text file of configurations called…. <NetBios_Name>_BIOS.txt ….. is created on both the target and the calling computer – for records, examination or use later As well as “examining” BIOS contents remotely, there ARE ways to “reprogram” BIOS contents remotely (e.g. Change BOOT order? Enable NUM LOCK on start-up? Enable/Disable certain functions) for activation on the next boot of the PC
  • 25. APPENDIX 1 = Summary of “not normally easily available” results and facilities available with this suite of tools Function or Determined item NO VISIT REQUIRED NO USER INTERVENTION or Knowledge COMMAND PROMPT running on remote PC Yes Yes Certain programs/routines executed on remote PC Yes Yes Detection/validation of “Domain Trust” relationship Yes Yes Validated “OS Activation” test (revealing Activation Code) Yes Yes Number of Successful/Improper Startups/Shutdowns (can be used to identify a problem PC….. or user!) Yes Yes PC Make/Model/Serial Number Yes Yes Active OS version Yes Yes Current User (if any) Yes Yes Any attached Monitor Make/Model/Serial Number Yes Yes Installed Memory value (can be used to establish if PC is up to memory specification – may run “slow” if not) Yes Yes Last BOOT time Yes Yes Network Adapters in use (may be more than one –able to identify “cabled” and “wireless” adapters) Yes Yes DHCP Server and Lease Period (can be used to establish why IP Addresses “run out” on a remote subnet?) Yes Yes Attached “USB” type disks and details Yes Yes Memory-Usage/Applications-Active on a target PC (may be able to identify a “process hogging the system?) Yes Yes Laptop running on MAINS or BATTERY (may expire soon?) Yes Yes Recently Logged On users of the target PC (spreadsheet) Yes Yes Printers defined on Target PC Yes Yes Printer discovered occupying IP Address, and details Yes Yes (Limited) Target IP address device identification Yes Yes Remote PC BIOS examination/recording/manipulation Yes Yes …… obviously, if a PC is “thrashing”, these may “thrash” it even further – but usually, a logged on user would never notice that any of the above are being evaluated For information....... All the above details above are acquired via combinations of standard System Executable utilities (configured accordingly), specific Visual Basic Scripts, WMI (Windows Management Interface) commands, Powershell scripts and Windows Command Line Interface routines – usually run with (local or domain) ADMINISTRATOR authority on target devices where necessary
  • 26. APPENDIX 2 = POSSIBILITES based on the principles outlined above OPTION 4 = DETECT PC/MAP DRIVE/RUN COMMAND PROMPT SESSION Create AUTOMATED COMMAND FILES that can be transferred to a Target PC (along with any necessary accompanying files) to run a routine on a remote PC within a (possibly un- noticed?) Command Prompt session (ideally cleaned up/deleted after processing) ALREADY EXISTING EXAMPLES • HP Version of Option 7 ( Examine BIOS contents) above • Reprogram BIOS of remote HP PC for use after next re-boot (e.g. change boot order - even to initiate PXE boot for remote reconfiguration, or simply toggle NUM LOCK on/off at boot, or similar) • WAKE UP REMOTE PC (requires knowing the MAC address of a Target PC AND finding an already active PC on the same network subnet) – method=transfer files/routine to the “active” PC and use WAKE ON LAN procedure to boot or resume the intended network/mains connected PC – EVEN if it’s “switched off” OPTION 5 = QUERY PC Report on lists of MULTIPLE PCs rather than just one ALREADY EXISTING EXAMPLES • Detected PC Hardware Details/Users/Software-per-PC reports • Detected PC Hardware Details/Users AND LOCATIONS reports (depends on “look up tables” related to detected IP Address or User) • Lists of Users Per PC • For RMG = Lists of Users Per PC, Date Last Used and “updated dates” of relevant users “cloud data” • Routine that can query each detected PC and ask about “other nearby PCs” via restricted NET VIEW command – expanding the “original supplied list”, possibly even finding NetBios Names that were previously unknown/unregistered – can be configured to run continuously = self perpetuating automatic inventory management! (Will even discover PCs “new to” or “NOT registered to” a DOMAIN) Based on OPTION 5 above (…. And IDEAL for “refresh planning” – if any) “Certificate of Hardware/Software/Configurations Conformity” Report ALREADY EXISTING EXAMPLES show…… • PC Hardware (inc. Memory (and locations), Network Adapters, Disk Drives etc.) • Current Operating System AND Installation date • INSTALLED software • MISSING and EXTRA sotware other than as expected (comparison list required) • MISSING SERVICES compared to as expected (comparison list required) • Known/Previous PC Users at test time • Installed Printers at test time • Possible Legacy Problem Printers (e.g. Parallel Port Printers) • Problem Devices • EXPECTED (AND any EXTRA) Machine Administrators • MISSING Machine Administrators differing to as expected – if any • Network Problems
  • 27. • Test initiator, date and time
  • 28. APPENDIX 3 = Extra Option 5 = PCQUERY routine options – not used much other than to show off! Typing C at the prompt above produces a “revolving/animated” chart of the Memory Values that appear above (Continues on Next Page)
  • 29. When viewed on a computer screen – this chart slowly revolves! The “principle” of “instantly automatically presenting graphical representations of remotely/recently acquired data” is “simply” illustrated here. There may be more convoluted and larger sets of data that could be processed (Continues on Next Page)
  • 30. Other options appear after the chart above has been generated Mainly used to create SINGLE or SMALL AUDITS of PCs – there are better ways of doing large ones!
  • 31. APPENDIX 4 = Useful Extra Utilities WS_Ping ProPack (or similar?) – used as below = able to determine “occupied IP Addresses” on a remote target network subnet – and “sometimes” the devices occupying those IP Addresses – without a visit. MAY enable detection of an active target PC that can be used as an “intermediate” in a WAKE ON LAN attempt to a known inactive MAC Address on that subnet…… …… OR to query the network details (Main Menu, OPTION 5, FUNCTION 3 = OPTIONAL EXTRA DIAGNOSTICS routine – SUB OPTION 1) of any “working” target PC, where other PCs are “unable to obtain an IP Address” on that network subnet – to identify the length of the DHCP Lease Period, which may be too long for the quantity of devices allocated to the site. In this particular scenario...... • “LOWER”numbered and “blank” IP Addresses are usually switches or routers – and can be identified accordingly, using MAIN MENU OPTION 6 (Query an IP Address) • Names like RNP?????? Are Ricoh Network Printers and can be queried using the same method as the switches/routers above