1

我正在尝试创建一个脚本,该脚本将连接到 IP 地址范围内的远程计算机,然后回显其中哪些正在运行 explorer.exe 进程。

当我在小范围内(10.2.1.1 - 10.2.1.10)运行脚本时,我知道 10.2.1.4 处于脱机状态,并且 10.2.1.9 和 10.2.1.10 不是基于 Windows 的计算机,因此应该回显“Explorer.exe 是没有运行”,但似乎并非如此。它们似乎返回与前一个服务器相同的结果。例如,10.2.1.3 有 3 个 Explorer.exe 实例和 echo 的 3 次,然后我得到相同的结果 10.2.1.4 离线。

我的脚本如下:

On Error Resume Next

intStartingAddress = InputBox("Please enter a starting address: (e.g. 1)", "Starting Address")
intEndingAddress = InputBox("Please enter an ending address: (e.g. 254)", "Ending Address")
strSubnet = InputBox("Please enter a subnet excluding the last octet: (e.g. 10.2.1.)", "Subnet")

For i = intStartingAddress to intEndingAddress
    strComputer = strSubnet & i

    Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

    Set colProcess = objWMIService.ExecQuery("Select * From Win32_Process Where Name = 'Explorer.exe'")

    For Each objProcess in colProcess
        If colProcess.Count > 0 Then
            Wscript.Echo strComputer & " Explorer.exe is running."
        Else
            Wscript.Echo strComputer & " Explorer.exe is not running."
        End If
    Next
Next

Wscript.Echo "That's all folks!"
4

2 回答 2

1

首先:我会将 colProcess.Count 检查移到 colProcess 循环之前。如果对象中没有集合,您将不会得到回显响应。

第二:我会在 WMI 查询中测试一个值,例如 ProcessID,并检查它是否为 Null 或者它是否有一个值,这意味着它实际上正在运行。

intStartingAddress = InputBox("Please enter a starting address: (e.g. 1)", "Starting Address")
intEndingAddress = InputBox("Please enter an ending address: (e.g. 254)", "Ending Address")
strSubnet = InputBox("Please enter a subnet excluding the last octet: (e.g. 10.2.1.)", "Subnet")

For i = intStartingAddress to intEndingAddress
    strComputer = strSubnet & i

    Set objWMIService = Nothing

    On Error Resume Next
    Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
    On Error Goto 0

    If objWMIService Is Nothing Then
        Wscript.Echo strComputer & " Explorer.exe is not running."
    Else
        Set colProcess = objWMIService.ExecQuery("Select * From Win32_Process Where Name = 'Explorer.exe'")

        If colProcess.Count = 0 Then
            Wscript.Echo strComputer & " Explorer.exe is not running."
        Else
            For Each objProcess in colProcess
                If IsNull(objItem.ProcessID) Or Not IsNumeric(objItem.ProcessID) Then
                    Wscript.Echo strComputer & " Explorer.exe is not running."
                Else
                    Wscript.Echo strComputer & " Explorer.exe is running. (Process ID: " & objItem.ProcessID & ")"
                End If
            Next
        End If
    End If
Next

Wscript.Echo "That's all folks!"

编辑:如 Ansgar Wiechers 所指出的,考虑到 WMI 查询的修改脚本将在非 Windows 操作系统上失败。

于 2013-10-09T06:13:17.260 回答
1

是什么让您相信非 Windows 计算机首先会响应 WMI 查询?对于大多数非 Windows 计算机,声明

Set objWMIService = GetObject("winmgmts:" _
  & "{impersonationLevel=impersonate}!\\" _
  & strComputer & "\root\cimv2")

只会失败,因为它们不支持 WMI(Windows Management Instrumentation 的缩写)。由于此错误,objWMIService对象与前一个循环周期中的对象保持一致,因此您的后续指令会查询您之前执行的同一主机。但是,您永远不会看到错误,因为它被全局On Error Resume Next.

这可以通过删除全局On Error Resume Next并更改此循环来缓解:

For i = intStartingAddress to intEndingAddress
  strComputer = strSubnet & i

  Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

  ...
Next

变成这样的东西:

For i = intStartingAddress to intEndingAddress
  strComputer = strSubnet & i
  Set objWMIService = Nothing

  On Error Resume Next
  Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" _
    & strComputer & "\root\cimv2")
  On Error Goto 0

  If Not objWMIService Is Nothing Then
    ...
  Else
    WScript.Echo strComputer & " cannot be accessed."
  End If
Next

通过将上述内容与 ping 测试相结合,您可以区分无法访问的计算机和似乎未运行 Windows 的计算机:

Set wmi = GetObject("winmgmts://./root/cimv2")

qry = "SELECT * FROM Win32_PingStatus WHERE Address='" & strComputer & "'"
For Each ping In wmi.ExecQuery(qry)
  reachable = (0 = ping.StatusCode)
Next

If reachable Then
  If objWMIService Is Nothing Then
    'computer is not running Windows
  Else
    'computer is running Windows
  End If
Else
  'computer is offline
End If
于 2013-10-09T18:05:59.170 回答