Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-20-2016 02:01 PM
01-02-2017 05:05 AM
How about a powershell script?
To schedule this script as a task you should configure the action properties as follow:
Program/Script: powershell
Add Argument: ./UserID.ps1
Start in: <path where you placed the script>
##################################################################################
#
# Script name: UserID.ps1
#
##################################################################################
[string]$global:strFirewallIP = "FirewallsIP"
[string]$global:strFirewallAPI = "FirewallsAPI"
[string]$global:strDomain = "DOMAINNAME"
[string]$global:strVsys = "vsys1"
[string]$global:strTimeout = "120"
[string]$global:strLogLevel = "1" # 0: Errors only, 1: Normal Logging, 2: Verbose logging
[string]$global:strLogPath = "UserID.log"
Function AddLog
{
param([string]$strMessage, [string]$strLevel = 0)
If ([int]$global:strLogLevel -gt $strLevel -1)
{
$ct = Get-Date -Format "yyyy-MM-dd HH:mm:ss.fff"
$logmessage = [string]$ct + " - " + $strMessage
add-content -Path $global:strLogPath -Value $logmessage -Force
}
}
Try
{
$message = "Script Launched"
AddLog $message 2
[string]$global:UserName = [Environment]::UserName
[string]$global:ipaddress = $(ipconfig | where {$_ -match 'IPv4.+\s(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' } | out-null; $Matches[1])
$message = "Found username " + $global:UserName + " with ip address " + $global:ipaddress
AddLog $message 2
[string]$strXMLLine = "<uid-message><version>1.0</version><type>update</type><payload><login><entry name=""" + $global:strDomain + "\" + $global:UserName + """ ip=""" + $global:ipaddress+ """ timeout=""" + $global:strTimeout + """/></login></payload></uid-message>"
[string]$strEncodedXMLLine = [uri]::EscapeDataString($strXMLLine)
$message = "Posting mapping to firewall " + $global:strFirewallIP + ": " + $strXMLLine
AddLog $message 2
[string]$url = "https://" + $global:strFirewallIP + "/api/?key=" + $global:strFirewallAPI + "&type=user-id&vsys=" + $global:strVsys + "&cmd=" + $strEncodedXMLLine
[System.Net.HttpWebRequest]$request = [System.Net.HttpWebRequest] [System.Net.WebRequest]::Create($url)
$request.Method = "POST"
$request.ContentType = "text/xml"
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
$message = "Finished Post."
AddLog $message 2
try
{
[System.Net.HttpWebResponse]$response = [System.Net.HttpWebResponse]$request.GetResponse()
$sr = New-Object System.IO.StreamReader($response.GetResponseStream())
[Xml]$xmlResponse = $sr.ReadToEnd()
if ([string]$xmlResponse.FirstChild.status -eq "error")
{
$message = "Error mapping " + $global:ipaddress + " to user '" + $global:strDomain + "\" + $global:UserName + "' on firewall " + $global:strFirewallIP + ": " + $XmlDocument.FirstChild.result.msg
AddLog $message
}
else
{
$message = "Sucessfully mapped " + $global:ipaddress + " to user '" + $global:strDomain + "\" + $global:UserName + "' on firewall " + $global:strFirewallIP
AddLog $message 1
}
}
catch [Net.WebException]
{
[System.Net.HttpWebResponse] $resp = [System.Net.HttpWebResponse] $_.Exception.Response
$message = "Error:" + [string]$resp
AddLog $message
}
}
Catch
{
$ErrorMessage = $_.Exception.Message
$FailedItem = $_.Exception.ItemName
[string]$message = $FailedItem + " failed with message " + $ErrorMessage
AddLog $message
Break
}
Keep in mind! The script should run under the logged in users credentials (otherwise it would detect the computers login name or a scheduled login name).
Furthermore: The user should be able to access the script, which is a potential risk, cause this alse reveals the API key to the firewall.
Anyway: this script should get you started.
You can check or the XML request was successful in the log file and on the firewall (run “show user ip-user-mapping ip [ip]”)
02-17-2017 02:15 PM - edited 02-17-2017 02:18 PM
Thanks for the code, but as you know not all windows have the powershell
Also I need to use API on userID windows agents not the firewall itself
I got vbscript that can get the info I want and save it in a test file, now I might use the powershell in the userid agent machine and get that text file from the users (or maybe I will let the script in the user machine send it to userid agent machine.
it is very simple and I'm still modifying it
strMsg = ""
strComputer = "."
Set objNetwork = CreateObject("Wscript.Network")
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set IPConfigSet = objWMIService.ExecQuery("Select IPAddress from Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'")
For Each IPConfig in IPConfigSet
If Not IsNull(IPConfig.IPAddress) Then
For i = LBound(IPConfig.IPAddress) to UBound(IPConfig.IPAddress)
If Not Instr(IPConfig.IPAddress(i), ":") > 0 and ( Instr(IPConfig.IPAddress(i), "X.X") >0 or Instr(IPConfig.IPAddress(i), "X.Y") >0) Then
strMsg = strMsg & IPConfig.IPAddress(i) & " " & objNetwork.UserName & vbcrlf
End If
Next
End If
Next
WScript.Echo strMsg
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
