How do I check file dates on remote machines in my domain?

\[Editor’s Note: Some or all of the following FAQ text was submitted by a reader, Steven Yarnot.\]

A. The following batch file uses the for command to pipe a remote file’s day, month, and year into variables that you can use to determine whether the file needs maintenance or other attention. After the VBS/LoveLetter.A virus outbreak in May 2000, organizations needed a technique to quickly verify that their virus scanner software had the latest virus definitions. The following batch file uses the for command against a list of all the nodes in a domain. This batch file tests the Norton AntiVirus file definfo.dat’s age. The file definfo.dat updates during every live update. If the file is older than 05/08/2000, which is the definition date for the Lovebug virus and its first five variants, you’d need to instruct the target machine to run the live update.

At the command prompt, enter

Netdom /domain:DomainName member &gt; Nodelist.txt<br>
For /f "skip=7 tokens=1,2,3,4,5,6 delims=\ " %i in (Nodelist.txt) do NAVLUCheck.CMD %l 

where NAVLUCheck.CMD contains the following.

::NAVLUCheck.CMD By Steven Yarnot<br>
::script for checking Norton AntiVirus' Live Update on remote network machines<br>
::and reporting the results to a comma-delimited text file<br>
::05/10/2000<br>
::<br>
::arguments are as follows:<br>
::<br>
:: NAVLUCheck RemoteTargetNodeName<br>
:: <br>
:: Assumes your account has administrative access on the remote machine,<br>
:: NAV is installed under the Program Files directory on the C or D drive,<br>
:: and that the following <i>Microsoft Windows NT Resource Kit</i> tools are in your path:<br>
::<br>
:: netsvc.exe, soon.exe <br>
:: <br>
:: If a live update hasn&#8217;t run since 05/08/2000, uses the Schedule Service<br>
:: to schedule a live update to run 10 minutes from runtime<br>
:: (to account for clock differences)<br><br>
:: Initialize variables<br>
SET NAVLUYR=NoNAV<br>
SET NAVLUMO=NoNAV<br>
SET NAVLUDAY=NoNAV<br>
set scheduleit=no<br><br>
:: Test the C drive<br>
::<br>
:: Theory of operation: The output from the nested <i>dir</i> command on the remote machine<br>
:: passes to the <i>for</i> command, which then parses the output on spaces and the<br>
:: frontslash character. If the argument passed to %n is equal to the target file (in this<br>
:: case definfo.dat), the other arguments %i, %j, and %k are set on the month, day, and<br>
:: year variables<br>
::<br><br>
for /f "skip=4 tokens=1,2,3,4,5,6,7,8 delims=/ "  %%i in ('dir "\\%1\C$\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\definfo.dat" /t:w<br><br>
/-c') do if "%%n"=="DEFINFO.DAT" set NAVLUMo=%%i &amp;&amp; if "%%n"=="DEFINFO.DAT" Set NAVLUDay=%%j &amp;&amp; if "%%n"=="DEFINFO.DAT" set navluyr=%%k<br><br>
:: If not on the C drive, go test the D drive<br>
IF "NoNAV"=="%NAVLUYR%" GOTO TESTD<br>
::<br>
:: If running this file from a Windows NT 4.0 rather than Windows 2000 machine, change the 2000 to 00<br>
::<br>
if not "2000"=="%navluyr%" goto runlu<br>
if not "05 "=="%navlumo%" goto runlu<br>
if "01 "=="%navluday%" goto runlu<br>
if "02 "=="%navluday%" goto runlu<br>
if "03 "=="%navluday%" goto runlu<br>
if "04 "=="%navluday%" goto runlu<br>
if "05 "=="%navluday%" goto runlu<br>
if "06 "=="%navluday%" goto runlu<br>
if "07 "=="%navluday%" goto runlu<br><br>
:TESTD<br>
for /f "skip=4 tokens=1,2,3,4,5,6,7,8 delims=/ "  %%i in ('dir "\\%1\d$\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\definfo.dat" /t:w<br><br>
/-c') do if "%%n"=="DEFINFO.DAT" set NAVLUMo=%%i &amp;&amp; if "%%n"=="DEFINFO.DAT" Set NAVLUDay=%%j &amp;&amp; if "%%n"=="DEFINFO.DAT" set navluyr=%%k<br>
IF "NoNAV"=="%NAVLUYR%" GOTO Reportit<br>
if not "2000"=="%navluyr%" goto runlud<br>
if not "05 "=="%navlumo%" goto runlud<br>
if "01 "=="%navluday%" goto runlud<br>
if "02 "=="%navluday%" goto runlud<br>
if "03 "=="%navluday%" goto runlud<br>
if "04 "=="%navluday%" goto runlud<br>
if "05 "=="%navluday%" goto runlud<br>
if "06 "=="%navluday%" goto runlud<br>
if "07 "=="%navluday%" goto runlud<br><br>
goto reportit<br><br>
:runLU<br><br>
::<br>
::<br>
::<br><br>
NETSVC schedule \\%1 /start<br>
soon \\%1 600 cmd /c c:\progra~1\navnt\navlu32.exe /scheduled<br>
set scheduleit=yes<br><br>
goto reportit<br><br>
:runLUD<br>
NETSVC schedule \\%1 /start<br>
soon \\%1 600 cmd /c d:\progra~1\navnt\navlu32.exe /scheduled<br>
set scheduleit=yes<br><br><br>
:reportit<br>
:: Record results in a comma-delimited table<br>
::<br>
:: This process is simply triage. A PC that isn&#8217;t on the network when you run the file, a<br>
:: non-NT PC, or a PC that your account doesn&#8217;t have access to will show up as NoNAV.<br> 
::<br>
:: The Scheduleit variable will be Yes or No.  In this case, No is preferable and means that<br>
:: you don&#8217;t need to update the target PC.<br><br>
echo %1,%navluyr%,%navlumo%,%navluday%,%scheduleit% &gt;&gt; .\BatchResults\NAVLUCHECK.TXT

After a sweep in this fashion, you might want to run a similar sweep that schedules a virus scan.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish