Actually, it worked just fine for WinXP and Win2K3, because the whole command line is something like "c:\windows\cscript.exe" "<pathtoscript>\<scriptname>". Using RegExp, it's easy to ferret out the script name and compare it to Wscript.Scriptname. ..if the CommandLine property exists. So the upshot is, this technique won't work on Win2K not because the OS-supplied MOFs doesn't accommodate it, but because the underlying bits dont provide it. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Sun, 16 May 2004 18:36:54 -0700 "cismic" <cismic@xxxxxxx> wrote: http://www.ISAserver.org Yeah, that is one of the down falls of the process the command line is not liked :( CommandLine Data type: string Access type: Read-only Command line used to start a specific process, if applicable. This property is new for Windows XP What really happens is that from the command line the program to watch actaully becomes "cscript.exe" But, when we run our scripts we usually type "cscript somescript.vbs" I think that the process could be still usable if we pass in a parameter like this, "cscript somescript.vbs "cscript.exe" and then change the gProgram variable to "cscript.exe". Or as I'm researching, how to create a custom *.mof file that can utilize that parameter and update the wmi stuff for 2000. Joseph ----- Original Message ----- From: "Jim Harrison" <jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, May 16, 2004 3:13 PM Subject: [isalist] Re: Idea for ISA Blocking Scripts on isatools.org http://www.ISAserver.org DAMNDAMNDAMN!!! The "CommandLine" property isn't valid for Windows 2000!!! @$#%$njhq4-0595#$%T!@#4j1 bqr-t134!34tv qrt536!!! (sorry, ladies...) Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Sun, 16 May 2004 14:39:00 -0700 Jim Harrison <jim@xxxxxxxxxxxx> wrote: http://www.ISAserver.org Hi Joe, Thanks for the kick-in-the-head; not only does the W32_Process have that information, it's brain-dead easy to validate: Option Explicit On Error Resume Next Dim Wmi Dim RegEx Dim processes Dim process Dim Count: Count = 0 Set Wmi = GetObject( "winmgmts:root\cimv2" ) Set RegEx = New RegExp RegEx.global = True RegEx.IgnoreCase = True RegEx.Pattern = WScript.ScriptName Set processes = Wmi.ExecQuery( "select CommandLine, Name from Win32_Process where ( Name='wscript.exe' or Name='cscript.exe' )" ) For Each process In processes WScript.Echo "WScript.ScriptName = " & WScript.ScriptName WScript.Echo "process.CommandLine = " & process.CommandLine If RegEx.Test( process.CommandLine ) AND Count > 0 Then WScript.Echo "Too many of me running!" WScript.Quit Else Count = Count + 1 End If Next While 1 = 1 WScript.Sleep 5000 Wend Test it by : 1. start two separate console sessions 2. in session one, start the script 3. in session 2, start the script .session 2 should give out the message "There are too many of me running!" Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Sun, 16 May 2004 12:57:14 -0700 "cismic" <cismic@xxxxxxx> wrote: http://www.ISAserver.org Hi there, I disagree. You can do effect monitoring of running instances of wscript.exe. So, if you add something like this to the start of your scripts then you can effectively monitor and close out running the script again. However, it dosen't work so well if you have tons of wscript.echo commands running during the processing and while you answer those start the script again when the last wscript.echo was hit. Option Explicit Stop On error Resume Next Dim gstrUser,gstrDomain, gwshShell, gstrUserName, gLocal, gLocalService, gobjProcessList, gProcess, lRetValue, gProgram Set oArgs =WScript.Arguments set gLocal = createObject("WbemScripting.SWbemLocator") Set gwshShell = CreateObject("Wscript.Shell") gProgram = "wscript.exe" 'needs to be lower case the system "proc.name" sends it this way. ggstrUserName = gwshShell.ExpandEnvironmentStrings("%Username%") gLocal.security_.impersonationLevel = 3 'impersonate set gLocalService = gLocal.connectServer(".","root\cimv2") set gobjProcessList = gLocalService.ExecQuery("Select * from Win32_Process") for each gProcess in gobjProcessList lRetValue = gProcess.GetOwner(gstrUser,gstrDomain) If gProcess.name = gProgram then MsgBox gProgram & " Is already running you cannot open another instance ",vbexclamation,"Warning" WScript.quit End If NEXT Thank you, Joseph ----- Original Message ----- From: "Jim Harrison" <jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, May 16, 2004 8:19 AM Subject: [isalist] Re: Idea for ISA Blocking Scripts on isatools.org http://www.ISAserver.org I thought about something like that, but it creates a potential "race" condition where the file might not yet be created when a later script runs. This could actually cause both scripts to fail, leaving you even more confused... Plus, depending on how the scripts fail, the file may not get cleaned up and the system becomes more cluttered. VB Scripting has some really bad error handling, but I use it because it's easier for most folks to read... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Mon, 17 May 2004 02:40:22 +1200 "Surago Jones" <surago@xxxxxxxxxxxx> wrote: http://www.ISAserver.org Ah Sweet. :) One possibility to detect if the script it already running, would be to create a temporary file at the beginning of the script, then remove it at the end of the script, and use a check to see if it exists before continuing within the script. :) (not sure if that is possible, but an idea at least. :) ) heh, Tho i guess i should just be a little more careful with my keypresses. :) Cheers Surago Jones -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Friday, 14 May 2004 04:03 To: [ISAserver.org Discussion List] Subject: [isalist] Re: Idea for ISA Blocking Scripts on isatools.org http://www.ISAserver.org Actually, you do have a valid bug, just not the one you think... You get popup-after-popup when you run them because: 1. the default scripting engine in Windows is WScript (popups for every message) 2. not everyone knows (how) to change the default scripting engine to CScript (console output). Unfortunately, there's no way for a script to know if there is more than one instance of itself (HTA does, though). Fortunately, the fix is to make the script(s) aware of the scripting engine that ran them and adjust accordingly. That's a completely brain-dead change (ISAInfo does it already) that you can look for by this weekend. Thanks for the bug report! in the meantime, open a cmd window and type: cscript //h:cscript now all scripts will run as console apps, not windows. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Surago Jones" <surago@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, May 13, 2004 06:59 Subject: [isalist] Idea for ISA Blocking Scripts on isatools.org http://www.ISAserver.org Hi All, I can't remember whom it was that developed the virus blocking scripts on ISATools.org, however i have a suggestion. Would it be possible to have the script stop it from running again if it has already been started. As i was running the MyDoom script which creates quite a few Protocol Rules, unfortunately i got a tad carried away with hitting the enter key to all the prompts that appear, and somehow managed to get it to run several copies of the script at the same time. :) (Yep i'm a dumbass) Anyways, just thought this idea would improve the script if the author can be bothered. :) Cheers Surago Jones ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: surago@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')