This Powershell script is pieced together from a handful of source (noted in script) that will return mapped drives of remote computers of ALL the users.
# cooked by Rich Kreider# bits and pieces from: https://gist.github.com/881412 # http://technet.microsoft.com/en-us/library/ff730940.aspx # http://andrew-henderson.me.uk/computing/powershellmenu/182-powershellgetremoteloggedonusername # http://serverfault.com/questions/81797/script-to-list-current-users-mapped-network-drives # http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_25075337.html # http://msdn.microsoft.com/en-us/library/windows/desktop/aa394194(v=vs.85).aspx # http://blogs.msdn.com/b/powershell/archive/2006/11/03/erroraction-and-errorvariable.aspx # http://blogs.msdn.com/b/dmuscett/archive/2009/05/27/get_2d00_wmicustom.aspx # http://poshcode.org/882 # http://blogs.technet.com/b/heyscriptingguy/archive/2005/10/27/how-can-i-determine-which-drives-are-mapped-to-network-shares.aspx #$objUser = New-Object System.Security.Principal.NTAccount("fabrikam", "jdoe") # get logged on user #$loggedOn = gwmi win32_computersystem -ComputerName . -namespace "rootcimv2" # the following gets username and sid #$objUser = new-object system.security.principal.ntaccount("fabrikam", #$loggedOn.username.split("")[1]) #$strSID = #$objUser.Translate([System.Security.Principal.SecurityIdentifier]) #"SID: "+$strSID.Value #"Username: "+$loggedOn.UserName.split("")[1] $saveAs = 'c:ManualMappings.csv' $ErrorActionPreference="SilentlyContinue" $USE_ADS=False # Set this to false if you don't have Quest ActiveRoleManagement snapin. You can download: http://www.quest.com/powershell/activeroles-server.aspx function getData($data) { write-host "`tEnumerating SubKeys" foreach ($key in $HKU.GetSubKeyNames()) { $keys = $HKU.OpenSubKey($key + 'Network') # Move on to the next $key if the 'Network' sub key is empty or non-existent if ($keys.SubKeyCount -le 0) { continue } # Iterate through each drive letter (a corresponding key name) and output drive mapping foreach ($driveletter in $keys.GetSubKeyNames()) { $values = $keys.OpenSubKey($driveletter) # Attempt to translate the SID into a friendly username try { $sid = New-Object System.Security.Principal.SecurityIdentifier($key) $user = $sid.Translate([System.Security.Principal.NTAccount]) } # Fallback to displaying SID catch { $user = $key } # Output result to file specified in $saveAs $matches.name+",$user,$driveletter," + $values.GetValue('RemotePath') | Add-Content $saveAs } } write-host "`tDone" } if ($USE_ADS -eq $TRUE) { add-pssnapin quest.activeroles.admanagement $computers = get-qadcomputer | foreach-object {$_.name} } else { $computers=switch -regex (net view) { "^(? S+)s+" { $matches.name }} } foreach ($computer in $computers) { write-host "Trying " $computer $HKU = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('Users', $computer) if ($? -eq $FALSE) # $? is a Boolean value that holds the status of the last operation: success or failure. { write-host "`tRemoteRegistry Connect Fail" # maybe remote registry wasn't enabled, try enabling and run again write-host "`tAttempting to start RemoteRegistry" (gwmi win32_service -filter "Name='RemoteRegistry'" -computer $computer -ea silentlycontinue).invokemethod("StartService",$null) | out-null if ($? -eq $FALSE) { write-host "`tNot able to start RemoteRegistry" } else { write-host "`tRemoteRegistry Started" $HKU = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('Users', $computer) if ($? -eq $FALSE) { write-host "`tFailed to Connect and Start RemoteRegistry" } else { write-host "`tRemoteRegistry Connected" $computer+",N/A,N/A,N/A" | add-content $saveAs } } } else { write-host "`tRemoteRegistry Connected" getData($HKU.GetSubKeyNames()) } } #end-foreach
There’s probably a handful of issues with this but I at least wanted to get the script up so I could reference it. I’ll clean it up when I get some free time and make it work faster/better but I just don’t have the time right now.