9 Replies Latest reply on Jan 29, 2010 1:50 PM by SOM2010

    How to pass variables to sbadmcl in vbscript from .cvs file

      We have over 5000 EEPC client machines (v5.1.8) installed.  We built these using Autodomain to harvest existing Windows user profiles and automate creation and assignment of EEPC UserIDs to machine objects. This works very well. The problem is that we have tech admin IDs also being harvested from machines which they built (possibly years ago) which they will never support and we want to automate removing them from the machines.  We want to automate a process which reads a machine name from a .cvs file and passes it to sbadmcl to DELETE USER any "$*" EEPC userIDs which it finds on the machine.  We can perform this manually one machine at a time using sbadmcl but would like a way to automate it across a specific maching group.

      Thanks.

        • 1. Re: How to pass variables to sbadmcl in vbscript from .cvs file

          While you can create vbs for it, such a simple task can be performed on the server itself.

          If you have "file.csv" with machine and user names, you can run from command line:

          for /f "tokens=1,2 delims=," %i in (file.csv) do (
          sbadmcl.exe -command:RemoveUser -database:DATABASE -machine:%i -user:%j -adminuser:ADMIN -adminpwd:PASSWORD

          )

          • 2. Re: How to pass variables to sbadmcl in vbscript from .cvs file

            from the server running a command line of :

            for /f "tokens-1,2 delims=," %i in users.csv do (sbadmcl.exe -command:RemoveUser -database:EEPCEnterprise -machine:%j -adminuser:admin - adminpwd:password)

             

            will read the users.csv file and iterate through every machine in the database looking for userIDs which start with a $ and remove all it finds?

            Does the .csv file need to have any machine names in it or can I just have one line with the userID to remove = to $*  ?

            Also, I have multiple groups, I only want to run this on a specific group of machines.

             

            thanks,

             

             

            p.s. - attached shows a sample of the type of userIDs I want to remove on all machines. I don't know which userids are assigned to any specific machine.

             

             

            Message was edited by: SOM2010 on 1/28/10 1:09:46 PM CST
            • 3. Re: How to pass variables to sbadmcl in vbscript from .cvs file

              Unfortunately you must be explicit with machine and user names.

              You can preprocess information obtained from group, to find out all necessary combinations.

               

              sbadmcl.exe -command:DumpMachineUsers -database:EEPCEnterprise -group:MACHINEGROUP -adminuser:admin - adminpwd:password -file:allusers.txt

               

              When processing "allusers.txt" file instead of "users.csv", perform some condition check on user field, prior to RemoveUser part.

              1 of 1 people found this helpful
              • 4. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                since we can find users in the Manager Console with a wildcard, will I also be able to pass a wild card value for the userID as $* from the allusers.txt file to sbadmcl ?

                 

                also, is there any documentation about:    for /f "tokens-1,2 delims=" %i in .... do (  )                 command ?

                 

                 

                Message was edited by: SOM2010 on 1/28/10 1:28:45 PM CST
                • 5. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                  Google "batch for", for instructions on the FOR command in batch files.

                   

                  Personally, I prefer to use .vbs to build the sbadmcl command-string, then issue it using objShell.run.

                   

                  That also allows me to obfuscate the admin credentials.

                  • 6. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                    Here is the code, put it in batch, replace DATABASE, GROUP, ADMIN, PASSWORD and run it.

                    @echo off
                    SETLOCAL EnableDelayedExpansion
                    sbadmcl.exe -command:DumpMachineUsers -database:"DATABASE" -group:"GROUP" -adminuser:ADMIN -adminpwd:PASSWORD -file:allusers.txt
                    for /f "tokens=1,2 delims=," %%i in (allusers.txt) do (
                    set var=%%j
                    set var=!var:~0,1!
                    if "!var!"=="$" (sbadmcl.exe -command:RemoveUser -database:"DATABASE" -machine:"%%i" -user:"%%j" -adminuser:ADMIN -adminpwd:PASSWORD)
                    )
                    
                    • 7. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                      using this technique I successfully cleaned up 2,704 machines today in about 15 minutes. Thanks for the help !!

                      • 8. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                        why did'nt you just delete the users themselves? I'm not sure I understand why you would unset them from machines, but leave them in EEM?

                        • 9. Re: How to pass variables to sbadmcl in vbscript from .cvs file

                          The names I needed removed from machines are the userIDs for computer technicians who originally built the machines some time ago, (up to as long as 12-18months).  We utilized our technicians from various locations around the state to deploy a managed desktop.  In the end, these technicians will very likely never again need to provide any type of support on the machines they deployed because of the geographic distance. i.e. we had technicians travel from the Upper Peninsula of Michigan to Detroit to deploy upwards of 300-400 machines in a weekend, multiple times.  When they did that they logged into Windows with their AD admin accounts, there by leaving their cached profile on the machine(s).  This was before we purchased SafeBoot.  As we're deploying the EEPC client with Autodomain.vbs, it is working almost perfectly to add these Windows profiles to the machine object in the EEPC Manager Console  - machines which the same technicians will never be supporting. We have asked and even told the techs (who have access to the Manager Console) to remove their own IDs from these machines, but pulling teeth is easiter it appears.

                           

                          So in the interest of keeping network traffic to a minimum and the number of userIDs assigned to machines in check for general security practices, we wanted them removed.  I didn't have time to individually examine each machine and manually remove them.  I've been doing that, but losing ground over time.

                           

                          We left them in EEM because they also have EEPC encrypted laptops they use daily so deleting them would have created a different problem.