Every once in a while, I sit straight up in my chair and think aloud "HOLY SH*T - THAT'S COOL!" It doesn't happen very often - but when it does, the reaction is involuntarily audible. The last time it happened was when I discovered the usefulness of a program called
AIDA32 for auditing the firm's networked workstations.
AIDA32 is a small program, with a small network footprint that accomplishes some BIG auditing tasks. Triggered by a command line in your login script, AIDA32 will quickly scour (and I mean SCOUR) each workstation whenever a user logs onto your network. Each login generates a csv report containing a level of detail that is, quite honestly, beyond frightening (read the whole list, slowly):
Computer name, user name, operating system (including service pack), logon domain, motherboard name and chipset, memory, bios type, comm ports, video adapter(s), monitor(s), audio adapter, disk drive(s), optical drives, keyboard, mouse, ip address, MAC address, network adapter, modem, printer drivers, usb devices, cpu type, original clock speed, physical memory free / used, swap space, OS installation date, OS ID, OS Key, computer uptime, database drivers, monitor manufacture week and year, monitor serial number, physical drive partition type & size, date DHCP lease was obtained (and is set to expire), MTU, connection speed, the name and version of EVERY PIECE OF SOFTWARE INSTALLED, all processes and services, whether Windows Update is turned on and when the updates are scheduled to install, all Microsoft fixes, and the name of the anti virus software and dat versions installed.
And, believe it or not, that's the scaled back report - 500 lines on average - dumped into a csv file and named based on the user id, computer name, and date / time of login. I forgo the feature that allows me to capture the user's entire internet browsing history and cookies (seriously). I created two separate network shares - one to hold the exe and one for the reports - assigning different rights to each share. The AUDIT share allows users to read and execute and that's where I store the executable and the parameters for the report to be generated. The AUDITREPORTS share allows users to write and list the contents of the directory, but not to open or read the reports - that way they can't snoop through anyone else's reports. A professional
User Guide is also available.
You can configure the program to run every time the user logs in - or at whatever other interval you might prefer. The program runs silently and users are, therefore, not even aware of the process. You can, if you choose, load the program as a TSR on each workstation - allowing you to query the computer at any time. When a user reports a problem with their computer, the AIDA32 report logs are my first stop in diagnosing the problem.
A very cool program named
Excel Compare allows us to generate a report of the differences between two Excel (or csv) files. Thus, we start with the problematic workstation's most recent report and compare it against the next most recent report from the same workstation. Excel Compare generates the report in about 3 seconds - and pinpoints what changed on the workstation. Those differences are the prime suspects in determining what caused the problem. Sometimes, the issues trace to a new software update - or some ridiculous program the user saw fit to install themselves so they could insert smiley faces in their corporate email.
Did I mention that AIDA32 is free?
