1.策略效果:
如图所示可现实登录域账号后,在屏幕右下角显示如下:登录名、域名、计算机名称、登录时间、IP地址等相关信息(主要是通过WMI抓取相关信息)
附件:Bginfo
WMI筛选器语法范例
Bginfo官方下载地址
2.Bginfo使用方法:
1.打开Bginfo软件,设置好需要显示的内容和显示位置,以及背景桌面
2.另存为一个名为Bginfo.bgi的文件(和Bginfo.exe放在同一个目录下),Bgi为文件的扩展名
3.使用域管理员账号登录电脑,并访问到\\hbgslz.com\netlogon\共享目录,再里面新建名为Bginfo的文件夹,并将Bginfo.exe和Bginfo.bgi两个文件放到该文件夹下。
注意:如果不需要自定义脚本,以上两个就可以保证正常执行,因为我有自定义显示IPv4,和桌面背景设置,所以该文件夹下显示的文件很多。
4.配置Bginfo文件夹权限,保证通过验证的用户能读取和运行这个软件
5.点击高级按钮,注意如下红色标注,确保权限应用到Bginfo文件夹下的所有文件和子文件夹
3.策略部署:
策略:用户配置-策略-Windows设置-脚本-登录
Bginfo.bat脚本:井号内为脚本内容
############################################################
@echo off Del C:\Users\%username%\AppData\Local\Temp /Q net use z: \\hbgslz.com\netlogon\Bginfo z: bginfo.exe bginfo.bgi /timer:00 /nolicprompt net use z: /del /y
###########################################################
附:
1.Only IPv4 Address.vbs
####################################################################################
' Special BGInfo Script
' Only IPv4 Address v1.7
' Programmed by WindowsStar - Copyright (c) 2009-2011
' --------------------------------------------------------
strComputer = "."
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'")
For Each objIP in colSettings
For i=LBound(objIP.IPAddress) to UBound(objIP.IPAddress)
If InStr(objIP.IPAddress(i),":") = 0 Then Echo objIP.IPAddress(i)
Next
Next
######################################################################################
2.Only IPv6 Address.vbs
######################################################################################
' Special BGInfo Script
' Only IPv6 Address v1.7
' Programmed by WindowsStar - Copyright (c) 2009-2011
' --------------------------------------------------------
strComputer = "."
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'")
For Each objIP in colSettings
For i=LBound(objIP.IPAddress) to UBound(objIP.IPAddress)
If InStr(objIP.IPAddress(i),":") <> 0 Then Echo objIP.IPAddress(i)
Next
Next
######################################################################################
3.Operating System Information.vbs
##############################################################################################################
' Special BGInfo Script
' Operating System Information v1.3
' Programmed by WindowsStar - Copyright (c) 2009-2010
' --------------------------------------------------------
strComputer = "."
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery ("Select * from Win32_OperatingSystem")
For Each objOperatingSystem in colOperatingSystems
OSCaption = Trim(Replace(objOperatingSystem.Caption,"Microsoft ",""))
OSCaption = Replace(OSCaption,"Microsoft","")
OSCaption = Replace(OSCaption,"(R)","")
OSCaption = Trim(Replace(OSCaption,",",""))
Echo OSCaption
Next
#############################################################################################################
4.OS Architecture.vbs
#############################################################################################################
' Special BGInfo Script
' OS Architecture v1.5
' Programmed by WindowsStar - Copyright (c) 2009
' ---------------------------------------------------
strComputer = "."
On Error Resume Next
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colSettings = objWMIService.ExecQuery ("Select * from Win32_Processor")
For Each objComputer in colSettings
If objComputer.Architecture = 0 Then ArchitectureType = "32Bit"
If objComputer.Architecture = 6 Then ArchitectureType = "Intel Itanium"
If objComputer.Architecture = 9 Then ArchitectureType = "64Bit"
Next
Echo ArchitectureType
###############################################################################################################
5.常见WMI筛选
1. Active DNS - WMI Query - SELECT DNSServerSearchOrder FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
2. Active IP - WMI Query - SELECT IPAddress FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
3. Active MAC Address - WMI Query - SELECT MACAddress FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
4. Active Subnet Mask - WMI Query - SELECT IPSubnet FROM Win32_NetworkAdapterConfiguration where IPEnabled = 'True'
5. Manufacturer - WMI Query - SELECT Manufacturer FROM Win32_ComputerSystem
6. Model - WMI Query - SELECT Model FROM Win32_ComputerSystem
7. OS and Edition - Registry Value - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName
8. OS Architecture - WMI Query - SELECT OSArchitecture FROM Win32_OperatingSystem
9. OS Architecture XP2K3 - Registry Value - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\PROCESSOR_ARCHITECTURE
10. Workgroup - WMI Query - SELECT Workgroup FROM Win32_ComputerSystem