+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
Scripts Thread, Logon script to send an email? Works when ran 'normally'? Where am I going wrong? in Coding and Web Development; We need to be able to trace when and where an account logs in, as it's an important account that ...
  1. #1


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206

    Logon script to send an email? Works when ran 'normally'? Where am I going wrong?

    We need to be able to trace when and where an account logs in, as it's an important account that shouldn't actually need to be used. Easiest way would be a logon script, and I know .BAT and .VBS can be used natively (rather than using a batch file to call a powershell script or similar). So..
    I've compiled a VBScript using fragments I've found on the internet and if I run this from my desktop, it works. The two recipients get the e-mail and the username, computername and datetime are all as should be.
    To test that it works properly, we applied it to one of our members of staff (as a logon script to her profile) and.... Nothing. No e-mail.
    If I log on from the test account in question and navigate to netlogon and run it manually from there, it works fine. Just not as a logon script.

    Code:
    Set wshNetwork = WScript.CreateObject( "WScript.Network" )
    Set objMessage = CreateObject("CDO.Message") 
    objMessage.Subject = "Notification: Monitored Account Logon" 
    objMessage.From = "Helpdesk@..." 
    objMessage.To = "Guy1@..., Guy2@..." 
    objMessage.TextBody = ("User " & wshNetwork.UserName & " logged onto workstation " & wshNetwork.ComputerName & " at " & Now)
    objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
    objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "EMAIL SERVER"
    objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
    objMessage.Configuration.Fields.Update
    objMessage.Send
    Is it something to do with the way the logon script is applied?
    Did I do something wrong? Do scripts need extra lines of code for logon scripts or something?
    I haven't really done anything in VBScript before, so I don't know..
    Last edited by Garacesh; 13th March 2014 at 11:44 AM.

  2. #2
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,148
    Thank Post
    77
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    Why not just change the password to something random known only to a single person? or better get someone to type the first half and someone else type the second?

  3. #3


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    It's our "Everybody got hit by a bus" backup Domain Admin account. The credentials are envelope'd and laminated in the safe - this is to ensure we're alerted if that ever changes.

  4. #4
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,148
    Thank Post
    77
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    Why not just change the password to something random known only to a single person? or better get someone to type the first half and someone else type the second?

    So password in two halves in two sealed envelopes in the safe?

  5. #5


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    If somebody accesses the safe and removes that password, they will have the credentials for a domain administrator. We most likely would not be alerted to this immediately, as nobody would really know about it.
    We want this logon script applied to that account so that if somebody does login to that account it informs us via email. If we've all been hit by a bus, then that's fine, the email will sit there in our accounts, likely never be read, and the new guy can rebuild the network with his shiny domain admin account. However, if we haven't all been hit by a bus, we'll see the e-mail, read it, and know that the credentials have been nicked.

    You can fragment the password as many times as you like, a 15-character password scavenger hunt that gives you 1 letter per clue if it pleases you. The issue is we need a way to be informed ASAP if the credentials become compromised.
    Last edited by Garacesh; 13th March 2014 at 11:06 AM.

  6. #6

    Join Date
    Nov 2011
    Location
    United Kingdom
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Not sure if this will help, but I used a script to do exactly this too. Looking at yours I can't see anything wrong though.

    Code:
    Set objNetwork = wscript.CreateObject("wscript.network")
    Set WshNetwork = WScript.CreateObject("WScript.Network")
    
    SMTPServer = "x.x.x.x"
    Recipient = "bheadon@****"
    From = "alert@****"
    Subject = "Alert " & objNetwork.Username & " is on " & WshNetwork.ComputerName
    Message = " User " & objNetwork.Username & " has logged into " & WshNetwork.ComputerName
    
    ' To add an attachment update the full path and uncomment the line
    ' There is one line below that must also be uncommented
    
    
    'attachment = "c: \ test.txt"
    
    
    ' Call Sub and pass required data
    GenericSendmail SMTPserver, From, Recipient, Subject, Message 
    
    ' Begin Sub
    ' ------------------------------------------------------------------
    ' Generic function to send mail using a remote
    ' SMTP server. Pass SMTPserver, From address, 
    ' Recipient address, Subject, and Message as arguments
    ' ------------------------------------------------------------------
    Sub GenericSendmail (SMTPserver, From, Recipient, Subject, Message) 
    
    set msg = WScript.CreateObject("CDO.Message")
    msg.From = From
    msg.To = Recipient
    msg.Subject = Subject
    msg.TextBody = Message 
    
    ' To add an attachment uncomment this line
    'msg.AddAttachment attachment
    
    msg.Configuration.Fields ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = SMTPServer
    msg.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
    
    msg.Configuration.Fields.Update
    
    msg.Send
    
    End Sub

  7. #7


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    I'll give it a shot!

    Question: By defining SMTPServer, Recipient, etc at the start of the script, then referring to it later, aren't you just adding extra steps where they don't need to be?

    Would
    Code:
    set msg = WScript.CreateObject("CDO.Message")
    msg.From = "alert@****"
    msg.To = "bheadon@****"
    msg.Subject = Subject
    msg.TextBody = Message 
    msg.Configuration.Fields ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "x.x.x.x"
    not work just as well?
    Last edited by Garacesh; 20th March 2014 at 11:45 AM.

  8. #8

    Join Date
    Nov 2011
    Location
    United Kingdom
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I am sure you can cut it down but it just means that everything you might want to edit is up the top of the script. It just makes it a little easier to see where the changes are that you want to make. Feel free to edit it as you see fit (I only adapted it from someone else's hard work) but I do know it works for what you want it to do (I just attached it as a login script for any user we wanted to log, the script reads the login name and changes the email appropriately) .

  9. #9


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    Nope
    Same situation. Works when ran from my desktop. Does not work as a logon script.

    Code:
    Set objNetwork = wscript.CreateObject("wscript.network")
    Set WshNetwork = WScript.CreateObject("WScript.Network")
    
    GenericSendmail
    
    Sub GenericSendmail (Subject, Message) 
    set msg = WScript.CreateObject("CDO.Message")
    msg.From = "Helpdesk@..."
    msg.To = "Guy1@..., Guy2@..."
    msg.Subject = "Notification: Monitored Account Logon"
    msg.TextBody = ("User " & wshNetwork.UserName & " logged onto workstation " & wshNetwork.ComputerName & " at " & Now)
    msg.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "SMTP IP"
    msg.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
    msg.Configuration.Fields("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
    msg.Configuration.Fields.Update
    msg.Send
    End Sub

  10. #10

    Join Date
    Nov 2011
    Location
    United Kingdom
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Sorry to hear that. It has worked for me in 3 schools now so not sure what is going on. Maybe it is worth putting something into the script so you can check it actually runs? A message box or something? Or maybe use gpresult /h to check that the script is set up to run correctly on login?

  11. #11


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    Hm. Nada. No message box popups. So it doesn't look like it's running

  12. #12
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,148
    Thank Post
    77
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    Wheres the script located? can it be accessed by the account in question?

  13. #13

    Join Date
    Nov 2011
    Location
    United Kingdom
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Also maybe try running gpupdate /force to force the new policy to take effect and then run gpresult again to check it has gone through?

  14. #14


    Join Date
    Jan 2012
    Posts
    2,568
    Thank Post
    920
    Thanked 342 Times in 263 Posts
    Rep Power
    206
    Script is located in NetLogon so accounts definitely have access to it.
    The logon script isn't assigned to any OU, it's just assigned to the user (User Properties/Profile/Logon Script)

  15. #15

    Join Date
    Nov 2011
    Location
    United Kingdom
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Oh ok, when I ran mine I ran it on its own GPO under its own "Logged Users" OU. Maybe the script hasn't replicated to your other DCs yet (if you have more than one?).

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. VB/AutoIt Script Sending An Email
    By russdev in forum Scripts
    Replies: 5
    Last Post: 1st July 2010, 10:45 PM
  2. Replies: 7
    Last Post: 24th March 2010, 03:58 PM
  3. Pressing "Return" to send an email??
    By WithoutMotive in forum General Chat
    Replies: 7
    Last Post: 8th November 2008, 10:43 AM
  4. Replies: 9
    Last Post: 10th May 2007, 10:13 AM
  5. Script to change user email in AD (or Exchange)
    By SpuffMonkey in forum Scripts
    Replies: 16
    Last Post: 8th November 2005, 10:31 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •