Querying Installed Software Remotely

Email this Article

Printer-Friendly

View Reader Comments

[February 12, 2004]
Querying Installed Software Remotely
Perform simple software audits easily and quickly
By: Steve Seguis
Feature
InstantDoc #41505
Web Exclusive from Windows IT Pro

DOWNLOAD THE CODE:

You can't anticipate how many words the application name will contain, but you can count on the application name always being the last set of words in the output string starting from the third word. Thus, the script uses the command sequence that callout B shows to capture the entire application name. In this command sequence, the switch "Tokens=1,2,*" %%i tells the For command that you want to capture column 1 in the %%i variable, column 2 in the %%j variable, and the remaining text, starting from the third word, in the %%k variable. If you want to suppress the REG_SZ and Displayname strings, you simply output only the third token. Because you started the token count by using the variable %%i, the %%k variable will contain the third token. (If you're unfamiliar with iterator variables such as %%i, see "Shell Scripting 101, Lesson 8," http://www.winnetmag.com/windowsscripting, InstantDoc ID 21984.)

The %%k variable is the parameter you want to pass to the :getappname section of code, which callout C shows. This code outputs the application name. You could omit using a separate section of code to output the application name by using the Echo command as part of the For loop. However, I chose not to do so because some applications don't have a display name, which means that the %%k variable would be empty. The code in the :getappname section accounts for this variation. Rather than displaying a blank line if the displayname value is missing, the script goes to the end of the file and quits.

Running the Script
QueryInstalledSoftware.cmd has only one dependency: The reg.exe utility must be in the same directory as the script or in a directory that's part of the user or system path. I tested this script on Win2K Service Pack 3 (SP3) and SP4 and on NT 4.0 SP6a. The script also should work with Windows XP, but note that although XP has a built-in reg.exe command, its version doesn't let you query the registries of remote computers. You'll need to obtain the version of reg.exe that lets the \\computername parameter query remote workstations and servers.

Using the Script
This highly functional but simple script remotely displays a list of applications installed on a computer, which might not seem too exciting. However, the script also lists installed hotfixes as part of its output, which can be useful when you're trying to determine whether any of your workstations or servers are vulnerable to attack because a hotfix wasn't installed. If you want to use this script for auditing your entire network, all you need to do is to run the script once for each workstation on your network.

End of Article

Prev. page 1 [2] next page -->

You must log on before posting a comment.

If you don't have a username & password, please register now.

Reader Comments

<P>The XP version of reg.exe does query the registries of remote computers. The syntax is \\computer\FullKey. Only HKLM and HKU are available on remote computers.</P>

Eric Case- February 17, 2004

<P>Just FYI. The WXP vergion of REG.EXE does allow you to query remote machines. It just has a slightly different syntax. Instead of <BR> <BR> <DD>Reg query HKLM\.... \\%machine%<BR> <BR>it is expecting <BR> <BR> <DD>Reg query \\%machine%\HKLM\....<BR> <BR> Same as the version that comes with W2K resource kit.</P>

Eric J. Wang- February 18, 2004

<P>I keep getting the following error when I run this program: <I>Installed Software for *machine name*. The syntax of the command is incorrect.</I> I believe the code in callout B in QueryInstalledSoftware.cmd is in error but I just can't "see" the actual error.</P> <P><B>A note from Steve:</B> Without more information, it's hard to tell whether there’s an error with the code or if the code was copied incorrectly. If you email me (steve@seguis.com) a copy of the script you’re using and the command you’re typing to execute the script, I should be able to find out. </P>

B. Nicholl- March 05, 2004

<P>If you change the code:<BR> <BR> <DD>If %ERRORLEVEL% EQU 0 Echo %targetcomp% is <BR> <DD>unavailable at this time & Goto :EOF<BR> <BR> to <BR> <BR> <DD>If %ERRORLEVEL% EQU 1 Echo %targetcomp% is <BR> <DD>unavailable at this time & Goto :EOF <BR> <BR> it's going to continue the script.</P>

Gustavo Pinto- March 16, 2004

<P>This is the right command-line code to get remote computer info <BR> <BR> <DD>For /f "tokens=1,2,*" %%i in <BR> <DD>('Reg Query \\%targetcomp%\HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall <BR> <DD> /S ^| Find /I "DisplayName" ^| Find /V /I "Quiet"')</P>

Gustavo Pinto- March 16, 2004

for /f "tokens=*" %%a in ('reg query hklm\software\microsoft\windows\currentversion\uninstall') do ( for /f "tokens=*" %%b in ('reg query %%a /v displayname ^| find "displayname" /I') do echo "%%b")

browolf- May 24, 2006

Article Rating 5 out of 5

Having made the changes noted by Gustavo, I still get a "syntax of the command is incorrect" error running the batch. However, if I run the 'Reg Query...' component on it's own at the command prompt, I get output.

I'm really not sure what's wrong!

nqetech- February 28, 2008

Article Rating 5 out of 5

ADS BY GOOGLE

	SQL Server Magazine Register Subscribe FAQ for Windows WinInfoNews
	Contact Us / Customer Service Editorial Calendar Media Kit Affiliates / Licensing Technology Resource Directory
	Windows IT Pro Office & SharePoint Pro Windows Dev Pro IT Library Connected Home Windows Excavator SuperSite IT Job Hound ITTV

	Copyright © 2008 Penton Media, Inc. All rights reserved. Terms and Use Privacy Statement Reprints and Licensing