When undertaking a file migration project between Active Directory domains and forests, it's necessary to locate any EFS encrypted files in order to decrypt them prior to the decommissioning of the old domain and the loss of the keys.
I located this handy script that will identify encrypted files in a volume (just change the drive letter as necessary):
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colFolders = objWMIService. _
ExecQuery("Select * from Win32_Directory where Drive='C:'" _
& " AND Encrypted=True")
For Each objFolder in colFolders
Wscript.Echo "Name: " & objFolder.Name
Wscript.Echo "Path: " & objFolder.Path
Next
Showing posts with label wmi. Show all posts
Showing posts with label wmi. Show all posts
Sunday, July 4, 2010
Wednesday, November 11, 2009
How to differentiate a VM from a physical machine
My company wanted to apply a policy to Virtual machines to change the screen saver to the blank one. Makes sense right? Why waste shared CPU cycles on a screen saver nobody is ever actually going to see because the machine has no screen?
The issue was, how to differentiate a VM from other machines. (Personally, I would just have forced a blank screen saver on a 10 minute idle timer on everything and save a little money on the energy bills. You then create an exception group in Active directory, give it deny apply permissions on the policy and put computer accounts of machines that must always have the display running such as wall monitors for call queues or network monitoring, etc in the exception group..... but I digress from the topic at hand.)
So to get back to the topic, how can we differentiate a VM from a physical machine? A little walk through WMI Explorer gave me the answer. A WMI query:
Select * from Win32_ComputerSystem WHERE Manufacturer LIKE "VMWare%"
Add that as a filter to your GPO and it'll only apply to VMWare machines.
"What about Microsoft Virtual Server?" I hear you ask. I don't know. We don't use them, but I suspect if you look through WMI, you'll find a similar marker that can be used to identify them.
It's also worth noting that the LIKE filter in the statement will only work on XP and later machines.
Cheers,
Sean
The issue was, how to differentiate a VM from other machines. (Personally, I would just have forced a blank screen saver on a 10 minute idle timer on everything and save a little money on the energy bills. You then create an exception group in Active directory, give it deny apply permissions on the policy and put computer accounts of machines that must always have the display running such as wall monitors for call queues or network monitoring, etc in the exception group..... but I digress from the topic at hand.)
So to get back to the topic, how can we differentiate a VM from a physical machine? A little walk through WMI Explorer gave me the answer. A WMI query:
Select * from Win32_ComputerSystem WHERE Manufacturer LIKE "VMWare%"
Add that as a filter to your GPO and it'll only apply to VMWare machines.
"What about Microsoft Virtual Server?" I hear you ask. I don't know. We don't use them, but I suspect if you look through WMI, you'll find a similar marker that can be used to identify them.
It's also worth noting that the LIKE filter in the statement will only work on XP and later machines.
Cheers,
Sean
Subscribe to:
Comments (Atom)
Posts
