- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
10-20-2016 02:01 PM
01-02-2017 05:05 AM
How about a powershell script?
To schedule this script as a task you should configure the action properties as follow:
Program/Script: powershell
Add Argument: ./UserID.ps1
Start in: <path where you placed the script>
################################################################################## # # Script name: UserID.ps1 # ################################################################################## [string]$global:strFirewallIP = "FirewallsIP" [string]$global:strFirewallAPI = "FirewallsAPI" [string]$global:strDomain = "DOMAINNAME" [string]$global:strVsys = "vsys1" [string]$global:strTimeout = "120" [string]$global:strLogLevel = "1" # 0: Errors only, 1: Normal Logging, 2: Verbose logging [string]$global:strLogPath = "UserID.log" Function AddLog { param([string]$strMessage, [string]$strLevel = 0) If ([int]$global:strLogLevel -gt $strLevel -1) { $ct = Get-Date -Format "yyyy-MM-dd HH:mm:ss.fff" $logmessage = [string]$ct + " - " + $strMessage add-content -Path $global:strLogPath -Value $logmessage -Force } } Try { $message = "Script Launched" AddLog $message 2 [string]$global:UserName = [Environment]::UserName [string]$global:ipaddress = $(ipconfig | where {$_ -match 'IPv4.+\s(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' } | out-null; $Matches[1]) $message = "Found username " + $global:UserName + " with ip address " + $global:ipaddress AddLog $message 2 [string]$strXMLLine = "<uid-message><version>1.0</version><type>update</type><payload><login><entry name=""" + $global:strDomain + "\" + $global:UserName + """ ip=""" + $global:ipaddress+ """ timeout=""" + $global:strTimeout + """/></login></payload></uid-message>" [string]$strEncodedXMLLine = [uri]::EscapeDataString($strXMLLine) $message = "Posting mapping to firewall " + $global:strFirewallIP + ": " + $strXMLLine AddLog $message 2 [string]$url = "https://" + $global:strFirewallIP + "/api/?key=" + $global:strFirewallAPI + "&type=user-id&vsys=" + $global:strVsys + "&cmd=" + $strEncodedXMLLine [System.Net.HttpWebRequest]$request = [System.Net.HttpWebRequest] [System.Net.WebRequest]::Create($url) $request.Method = "POST" $request.ContentType = "text/xml" [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} $message = "Finished Post." AddLog $message 2 try { [System.Net.HttpWebResponse]$response = [System.Net.HttpWebResponse]$request.GetResponse() $sr = New-Object System.IO.StreamReader($response.GetResponseStream()) [Xml]$xmlResponse = $sr.ReadToEnd() if ([string]$xmlResponse.FirstChild.status -eq "error") { $message = "Error mapping " + $global:ipaddress + " to user '" + $global:strDomain + "\" + $global:UserName + "' on firewall " + $global:strFirewallIP + ": " + $XmlDocument.FirstChild.result.msg AddLog $message } else { $message = "Sucessfully mapped " + $global:ipaddress + " to user '" + $global:strDomain + "\" + $global:UserName + "' on firewall " + $global:strFirewallIP AddLog $message 1 } } catch [Net.WebException] { [System.Net.HttpWebResponse] $resp = [System.Net.HttpWebResponse] $_.Exception.Response $message = "Error:" + [string]$resp AddLog $message } } Catch { $ErrorMessage = $_.Exception.Message $FailedItem = $_.Exception.ItemName [string]$message = $FailedItem + " failed with message " + $ErrorMessage AddLog $message Break }
Keep in mind! The script should run under the logged in users credentials (otherwise it would detect the computers login name or a scheduled login name).
Furthermore: The user should be able to access the script, which is a potential risk, cause this alse reveals the API key to the firewall.
Anyway: this script should get you started.
You can check or the XML request was successful in the log file and on the firewall (run “show user ip-user-mapping ip [ip]”)
02-17-2017 02:15 PM - edited 02-17-2017 02:18 PM
Thanks for the code, but as you know not all windows have the powershell
Also I need to use API on userID windows agents not the firewall itself
I got vbscript that can get the info I want and save it in a test file, now I might use the powershell in the userid agent machine and get that text file from the users (or maybe I will let the script in the user machine send it to userid agent machine.
it is very simple and I'm still modifying it
strMsg = "" strComputer = "." Set objNetwork = CreateObject("Wscript.Network") Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set IPConfigSet = objWMIService.ExecQuery("Select IPAddress from Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'") For Each IPConfig in IPConfigSet If Not IsNull(IPConfig.IPAddress) Then For i = LBound(IPConfig.IPAddress) to UBound(IPConfig.IPAddress) If Not Instr(IPConfig.IPAddress(i), ":") > 0 and ( Instr(IPConfig.IPAddress(i), "X.X") >0 or Instr(IPConfig.IPAddress(i), "X.Y") >0) Then strMsg = strMsg & IPConfig.IPAddress(i) & " " & objNetwork.UserName & vbcrlf End If Next End If Next WScript.Echo strMsg
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!