You are using an ad blocker that is interfering with our web typography and internal javascript. Please whitelist our domain to live in a more beautiful world. No ads here, just really great software!

Windows Information

Provide information that is useful for troubleshooting common Windows issues and gaining better insight into the health of your devices. Also, retrieve memory dumps of BSOD errors or system/application crashes and provide a thorough diagnostic from them.

Script Copy Windows Small Memory Dump Files

  • Version 1.0.0.0 – Initial release

Script Description

During execution, script copies collected Windows small memory dump files to the network shared folder provided as an input parameter.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

ID Label Description
1 Network Path Absolute path to the network shared folder where memory dumps should be copied. UNC path format is required (e.g. \\Server\SharedFolderName)
2 Maximum Delay In Seconds Maximum random delay set to avoid server overload. Provide number of seconds less than 600

Outputs

ID Label Type Description
1 Number Of Small Dumps Int Number of copied Windows small memory dump files
2 Output Network Path String Output folder created in network shared folder provided as an input parameter

Further Information

Local machine account must have access to provided network shared location. In multidomain environment, domains must be in trust relationship. Small memory dump can be enabled by setting value of registry key HKLM\SYSTEM\CurrentControlSet\Control\CrashControl\CrashDumpEnabled to 3.

Restrictions

  • The script should not be concurrently executed on many devices copying files to the same server.
  • The script collects and copies Windows memory dumps only from devices with small memory dumps creation enabled.
  • The script is designed to collect memory dumps only from default location %SystemRoot%\Minidump.

Script Get Device Boot Duration

  • Version 1.0.0.1 – Modified default date constant to fix bug
  • Version 1.0.0.0 – Initial release

Script Description

Collects a wide range of information about device boot – total boot number, average boot time, boot times of various Windows components and most recent boot date.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

None.

Outputs

ID Label Type Description
1 Last Boot Date DateTime The most recent boot date
2 Oldest Recorded Boot DateTime The oldest boot date
3 Number Of Boots Int Total number of boots
4 Last Boot Time Millisecond Duration time of the most recent boot
5 Last Main Path Boot Time Millisecond Duration time from Windows Logo first appearing on screen and until desktop is presented. Measured for the most recent boot
6 Last Post Boot Time Millisecond Duration time from desktop showing up until system has reached 80% idle during a 10-second idle time. Measured for the most recent boot
7 Last Kernel Init Boot Time Millisecond Duration time of kernel boot. Measured for the most recent boot
8 Last Driver Init Boot Time Millisecond Duration time of device drivers load. Measured for the most recent boot
9 Last Device Init Boot Time Millisecond Duration time of device hardware initialization. Measured for the most recent boot
10 Average Boot Time Millisecond Average duration time of all boots
11 Average Main Path Boot Time Millisecond Average time from desktop showing up until system has reached 80% idle during a 10-second idle time
12 Average Post Boot Time Millisecond Average time from Windows Logo first appearing on screen and until desktop is presented

Script Get Folder Size

  • Version 1.0.0.0 – Initial release

Script Description

Script provides total size, total number of detected subdirectories and files in provided path.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

ID Label Description
1 Input Path Path to investigate
2 Maximum Delay In Seconds Maximum random delay set to avoid overloading server hosting virtual machines. Provide number of seconds less than 600

Outputs

ID Label Type Description
1 Total Directories Int Total number of directories and subdirectories in provided path
2 Total Files Int Total number of files in provided path
3 Total Size Size Total size of objects in provided path

Further Information

Depending on the input path, this script can have a significant performance impact. Use on small folder structures only!
Parameter ‘MaximumDelayInSeconds’ can be used to add random script execution delay. It should be used in virtualized environments to spread over time number of I/O requests on server hosting virtual machines.
Script uses all available CPU on Windows 7 and approximately 15% CPU on Windows 10.

Restrictions

  • Path cannot be UNC.
  • Path cannot contain illegal characters.
  • Root folder c:\ (or c:) cannot be used as input path due to Finder parsing.

Script Get Gpo Startup Impact

  • Version 1.0.0.0 – Initial release

Script Description

Obtains from Windows Event Log a wide range of information about user/machine GPOs applied during user logon/device startup. The script is designed for Windows 7 and 10.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

None.

Outputs

ID Label Type Description
1 User Gpo Successfully Applied Bool Status of last user GPOs applied during user logon
2 Dc Connection Time Millisecond Duration time necessary for the device to connect to Domain Controller during user logon
3 Dc Information String Domain Controller DNS name and IP used during user logon
4 Total User Gpo Applied Time Millisecond Duration time necessary for the device to apply all user policies
5 User Gpo Categories String List of all user GPOs categories applied on the device
6 User Total Gpo Processing Time Millisecond Duration time necessary for the device to connect to the domain controller, download user policies and apply them
7 Computer Gpo Successfully Applied Bool Status of last computer GPOs applied during device startup
8 Total Computer Gpo Applied Time Millisecond Duration time necessary for device to apply all computer policies
9 Computer Gpo Categories String List of all device GPOs categories applied on the device
10 Computer Total Gpo Processing Time Millisecond Duration time device needed to connect to the domain controller, download computer policies, apply them and run startup scripts

Further Information

Useful for troubleshooting Active Directory issues on the domain joined devices.

Script Get Startup Impact

  • Version 2.0.0.0 – Script returns UserSID instead of UserName
  • Version 1.1.0.0 – Refactoring and performance improvements
  • Version 1.0.0.0 – Initial release

Script Description

Retrieves information similar to the information in the Startup tab in Windows Task Manager.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

None.

Outputs

ID Label Type Description
1 User SID String User SID (Security Identifier) to whom the XML file containing the stats belongs
2 Last Start Up Analysis Date DateTime Last time the startup information was updated on the device
3 High Impact Count Int Number of applications with a high startup impact
4 High Impact Applications StringList Details (CPU time in ms, Disk I/O in MB) of programs with a high startup impact
5 Medium Impact Count Int Number of applications with a medium startup impact
6 Medium Impact Applications StringList Details (CPU time in ms, Disk I/O in MB) of programs with a medium startup impact
7 Low Impact Count Int Number of applications with a low startup impact
8 Low Impact Applications StringList Details (CPU time in ms, Disk I/O in MB) of programs with a low startup impact
9 Not Measured Impact Applications StringList Applications that were started but whose startup impacts were not measured by Windows

Script Get Windows Information

  • Version 5.0.0.0 – Added python, java and .Net versions
  • Version 4.0.0.1 – Modified default date constant to fix bug
  • Version 4.0.0.0 – Major refactoring and added PowerShell version output
  • Version 3.0.0.0 – Renamed two output fields and fixed description
  • Version 2.0.0.0 – Added boot mode and secure boot status
  • Version 1.0.0.0 – Initial release

Script Description

Returns the following information:
* Windows build name.
* Date on which Windows has been installed.
* Display language currently set in Windows.
* List of the user accounts defined on the local computer.
* PowerShell, Java, Python and .Net versions.
* Execution policies for PowerShell.
* Status of the BitLocker Drive Encryption.
* Reboot information.

Execution context and suggested scheduling

Run the script as local system. The script should be executed manually.

Parameters

ID Label Description
1 Disk Drive Volume for which the Bitlocker information should be returned (e.g. C)

Outputs

ID Label Type Description
1 Windows Build String Windows build name
2 Windows Install Date DateTime Date on which Windows has been installed
3 Windows Display Language String Display language currently set in Windows
4 Windows Local Accounts StringList List of the user accounts defined on the local computer
5 PS Version String PowerShell version (Major.Minor)
6 PS Policy Process String Execution policy affecting the remote actions executed by the current Windows PowerShell session. It is set within a PowerShell session via a variable
7 PS Machine Policy String Execution policy set through the machine GPO
8 PS user Policy String Execution policy set through the user GPO
9 PS Policy Current User String Execution policy affecting only the current user. It is set for the current user on a machine through a registry key
10 PS Policy Local Machine String Execution policy affecting all users of the computer. It is set for the local machine through a registry key
11 Bit Locker Protection Status String Indicates whether the volume and its encryption key (if any) are secured
12 Bit Locker Conversion Status String The status of the encryption or decryption on the volume
13 Bit Locker Percentage Encrypted Float The percentage of volume that is currently encrypted
14 Bit Locker Encryption Method String The encryption algorithm and key size used on the volume
15 Bit Locker Key Protectors StringList Lists of protectors used to secure the volume’s encryption key
16 Last Reboot DateTime Date and time of last reboot. It also considers reboots performed while the device was offline (no connection between the Nexthink Collector and the Engine)
17 Number Of Days Since Last Reboot Int Number of days since the last time the machine was rebooted. It also considers reboots performed while the device was offline (no connection between the Nexthink Collector and the Engine)
18 Startup Mode String Name of machine startup mode: ‘UEFI’ or ‘BIOS’
19 Secure Boot Enabled String Status of Secure Boot feature: ‘Yes’, ‘No’, ‘Not available’
20 Dot Net Version String Latest version of .Net
21 Python Version String Default version of Python
22 Java Version String Default version of Java

Further Information

SecureBoot functionality only available for Windows 10.
Python must be installed for all users to present version information.

Content

Remote Actions

Required Modules

Nexthink Act

Platforms

Windows

Compatibility

V6.14 and later
Thank you!