Batch file to search cached profiels for local data

[haywoodjim]

I am trying to create a script that scans cached user desktops against a copy of expected desktop icons looking for unexpected files and folders. I have managed to get the script to function but it only finds files and is not able to find folders.

Domain users have a predefined set of desktop icons that are copied to their profile on logon using a logon script. As an example let's say the icons are currently copied from %logonserver%\icons

All users should therefore only have the icons contained in "%logonserver%\icons" on their desktop.

For every cached profile on the system the script scans "%userprofile%\Desktop" against "%logonserver%\icons" to check for any unexpected icons/content.

This script is working fine and finds all files that users have saved to their desktops but it is unable to find folders or files in folders.

If there is a folder on the users desktop that contains files e.g %userprofile%\Desktop\Images. The folder and files within are not detected.

How do I make it also scan subfolders?

Once I have this functioning I am going to extend the script to copy the unexpected fiels to a datatrans folder on the server but need to get this phase working correctly first.

Here's the script so far:

Code: Select all

REM change core variable to the location of a copy of all expected desktop icons/files

@echo off

if exist results.txt del results.txt

setlocal enableDelayedExpansion

::*****************************************************************************************
set core=\\servername\icons
::******************************************************************************************


echo                                                                            James@Drift
echo.
echo This script searches all local user desktop folders for unexpected content
echo This script is currently scanning the local desktop folder against...
echo %core% (If this location is incorrect you will be prompted to change it)

timeout 5

if exist %core% goto start
if not exist %core% goto setcore


:setcore
cls
echo.
echo Invalid location detected, please enter correct location.
echo.
echo Core location is the location of a folder that contains all standard desktop icons which can be compared against local profiles.
echo i.e \\servername\icons
echo.
SET /P core=Enter Core location here = 
echo you have entered %core%
pause


:start

if not exist %core% goto setcore

setlocal enableDelayedExpansion
set core=%logonserver%\icons
echo Here's what was found:>>RESULTS.TXT
echo. >>RESULTS.TXT


for /f "delims=*" %%N in ('dir C:\users\ /b') do (
set /A count=0
set sn=%%N
set custom=C:\users\!sn!\Desktop
set folderCt=0
for /f "eol=: delims=" %%G in ('dir /B %core%') do (
  set /a folderCt+=1
  set "folder!folderCt!=%%G"
)

set folderCt=0
for /f "eol=: delims=" %%G in ('dir /B !custom!') do (
  set /a folderCt+=1
  set "folder!folderCt!=%%G"
)


for %%b in ("!custom!\*.*") do (
if exist "%core%\%%~nxb" title scanning !sn!
if not exist "%core%\%%~nxb" echo. & echo !sn! - Unexpected File Detected>>RESULTS.TXT   & echo "%%b">>RESULTS.TXT
)
echo.
)
cls
pause
title Scan Complete
echo All local users scanned, see results.txt for a list of unexpected content.
REM start "" "viewresults.vbs"

REM I normaly use the above line but viewing in notepad will do for now!
start "" "results.txt"

SET /P ANSWER=Do you wish to delete the results txt file on exit (Y/N)? 
echo You chose: %ANSWER% 
if /i {%ANSWER%}=={y} (goto :yes) 
if /i {%ANSWER%}=={yes} (goto :yes) 
goto :no 


:yes 
del results.txt
exit /b 0 

:no 
exit /b 1 

[Squashman]

Look at the help for the DIR command.
Look at the /S and /A options.

[foxidrive]

Your code makes a song and dance about setting the core variable, and then you reset it to another variable in set core=%logonserver%\icons

[haywoodjim]

Haha. So it does.

My actual script never uses the %logonserver% variable as I find it can cause problems. I just bunged that in there for the purpose of this post. (for testing on standalone machines I normally set core as C:\users\public\desktop)

I have tried the following;

Code: Select all

set folderCt=0
for /f "eol=: delims=" %%G in ('dir [b]/s[/b] /B !custom!') do (
  set /a folderCt+=1
  set "folder!folderCt!=%%G"
)

This just returns the same results?!

[foxidrive]

Please explain further, you last code has [b] here and there which will cause errors, and we have no idea what is in the variable and what is in the directory, nor what you expect to happen.

Why is eol set to : ?

[haywoodjim]

OK.

That's a valid point. There is no reason for EOL being set to :

Here is a modified code I have tried which includes the /s for the dir commands and removes the EOL.

For the purpose of testing this simplified version just checks all users desktops for any desktop content that is not in C:\Users\Public\desktop

All I need is for it to find folders as well as files! It took me a long time to get this far!

Code: Select all

:start

setlocal enableDelayedExpansion
set core=C:\users\public\desktop
echo Here's what was found:>>RESULTS.TXT
echo. >>RESULTS.TXT


for /f "delims=*" %%N in ('dir C:\users\ /b') do (
set /A count=0
set sn=%%N
set custom=C:\users\!sn!\Desktop
set folderCt=0
for /f "delims=" %%G in ('dir /S /B %core%') do (
  set /a folderCt+=1
  set "folder!folderCt!=%%G"
)

set folderCt=0
for /f "delims=" %%G in ('dir /S /B !custom!') do (
  set /a folderCt+=1
  set "folder!folderCt!=%%G"
)


for %%b in ("!custom!\*.*") do (
if exist "%core%\%%~nxb" title scanning !sn!
if not exist "%core%\%%~nxb" echo. & echo !sn! - Unexpected File Detected>>RESULTS.TXT   & echo "%%b">>RESULTS.TXT
)
echo.
)
cls
pause
title Scan Complete
echo All local users scanned, see results.txt for a list of unexpected content.
start "" "results.txt"
Pause
Exit

Adding the /s commands to the two for loops as shown made no change, what am I doing wrong?

[haywoodjim]

I pressume it's this section that is causing the problem;

Code: Select all

for %%b in ("!custom!\*.*") do (
if exist "%core%\%%~nxb" title scanning !sn!
if not exist "%core%\%%~nxb" echo. & echo !sn! - Unexpected File Detected>>RESULTS.TXT   & echo "%%b">>RESULTS.TXT
)

[haywoodjim]

OK

I've done it, it was indeed that section causing the problems.

here is the working code:

Code: Select all

@echo off

:*****************************************************************************************
set core=c:\users\public\desktop
:******************************************************************************************


echo                                                                     James@Drift
echo.
echo This script searches all local user desktop folders for unexpected content
echo This script is currently scanning the local desktop folder against...
echo %core% & echo(If this location is incorrect you will be prompted to change it)

timeout 5

if exist %core% goto start
if not exist %core% goto setcore


:setcore
cls
echo.
echo Invalid location detected, please enter correct location.
echo.
echo Core location is the location of a folder that contains all standard desktop icons which can be compared against local profiles.
echo i.e %logonsrver%\icons
echo.
SET /P core=Enter Core location here = 
echo you have entered %core%
pause


:start

if not exist %core% goto setcore

setlocal enableDelayedExpansion
echo Here's what was found:>>RESULTS.TXT
echo. >>RESULTS.TXT


for /f "delims=*" %%U in ('dir C:\users\ /b') do (
set /A count=0
set sn=%%U
set custom=C:\users\!sn!\Desktop
set folderCnt=0
for /f "delims=" %%F in ('dir /s /B %core%') do (
  set /a folderCnt+=1
  set "folder!folderCnt!=%%F"
)

::build "array" of folders
set folderCnt=0
for /f "delims=" %%F in ('dir /s /B !custom!') do (
  set /a folderCnt+=1
  set "folder!folderCnt!=%%F"
)


for /f "delims=*" %%a in  ('dir /s /b "!custom!\*.*"') do (
if exist "%core%\%%~nxa" title scanning !sn!
if not exist "%core%\%%~nxa" echo. & echo !sn! - Unexpected File Detected>>RESULTS.TXT   & echo "%%a">>RESULTS.TXT
)
echo.
)
cls
pause
title Scan Complete
echo All local users scanned, see results.txt for a list of unexpected content.
start "" "results.txt"
pause
exit

The only issue I have with this now is that there is one specific folder on all desktops that i want it to ignore, this folder is called "Software Resources" and contains shortcuts to all installed software on the machine.

Could I perhaps just scan and delete any lines in the results.txt that contain "software resources"? Or is there a better way of achieving this?

Thanks

[foxidrive]

delims=* is setting the delimiter to a * when what you want to do is use "delims=" so that there are no delimiters in use.

[foxidrive]

What you should do is use these two commands and the examine the files, to see what they produce.

dir c:\users /b /s /a:d >logA.txt
dir c:\users /b /s /a:-d >logB.txt

[haywoodjim]

Ok, I have removed the 8 from the two delims=* and get the same results still.

Also tried those two commands, so a:d lists folders and a:-d lists files too?

Interesting, although how does this help me exclude the "software resources" folder from my scan?

For now I've achieved what i wanted by editing this section of the code as so;

Code: Select all

for /f "delims=" %%a in  ('dir /s /b "!custom!\*.*"') do (
if exist "%core%\%%~nxa" title scanning !sn!
if not exist "%core%\%%~nxa" echo "%%a">>RESULTS.TXT
)
echo.
)

::removes all references to software resources from results!

findstr /v "Software Resources" results.txt > newresults.txt

start "" "newresults.txt"

[foxidrive]

Also tried those two commands, so a:d lists folders and a:-d lists files too?

Interesting, although how does this help me exclude the "software resources" folder from my scan?

/a:-d only list files. /a:d lists folders

You then have a list of all files in a user profile when you create the list using the username.