Batch file to MASS ping group of computers on network by name, check reply, and resolve hostname
Solution 1
Here's a batch file for you:
@echo off
rem Loop thru list of computer names specified on command-line
for /f %%i in (%1) do call :check_machine %%i
goto end
:check_machine
rem Check to see if machine is up.
ping -n 2 %1 >NUL 2>NUL
if errorlevel 1 goto down
rem Reverse-lookup machine name and report
for /f "usebackq tokens=2" %%d in (`ping -n 1 -a %1 ^| find "Pinging"`) do echo %1:Up:%%d
goto end
:down
rem Report machine down
echo %1:Down
:end
Pass it a text file with a list of computer names in it and it'll PING them (2 tries-- you can increase that by increasing the number after "-n" on the 1st PING command-line), and if it gets a response, perform a reverse-lookup of the name. It returns results as:
computer-name-1:Up:name-it-resolved-to
computer-name-2:Down
computer-name-3:Up:name-it-resolved-to
...
To run multiple in parallel, just make multiple text files w/ different lists of machine names and launch a few copies in parallel.
Quick and dirty saves the day.
Solution 2
Do you really need to ping? The computer account will automatically change its password every 30 days. On a 200/2003/2008 functional level you can use dsquery computer -stalepwd X where X is the number of days since the last password change. This process is usually automated by moving the computer accounts that respond to this to an "OLD" OU and then after an additional 30-90 days they are automatically deleted if the password still has not changed.
Solution 3
You can also use nmap for scanning:
nmap -sn -PE -oG scan.txt 192.168.1.1 192.168.2.0/24
Quoting from the man page:
-sn: Ping Scan - disable port scan
The default host discovery done with -sn consists of an ICMP echo request,
TCP SYN to port 443, TCP ACK to port 80, and an ICMP timestamp request
by default.
-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
and Grepable format, respectively, to the given filename.
-PE; -PP; -PM (ICMP Ping Types) .
In addition to the unusual TCP, UDP and SCTP host discovery types discussed
previously, Nmap can send the standard packets sent by the ubiquitous ping
program. Nmap sends an ICMP type 8 (echo request) packet to the target IP
addresses, expecting a type 0 (echo reply) in return from available hosts.
[...] Use the -PE option to enable this echo request behavior.
scan.txt will look something like this:
# Nmap 5.50 scan initiated Fri Aug 19 17:59:59 2011 as: nmap -vv -sn -PE -oG /tmp/scan.txt 192.168.1.1 192.168.2.0/24
# Ports scanned: TCP(0;) UDP(0;) SCTP(0;) PROTOCOLS(0;)
Host: 192.168.1.1 () Status: Down
Host: 192.168.2.0 (www.dummy.example.org) Status: Up
Host: 192.168.2.1 (www.foo.example.org) Status: Down
...
# Nmap done at Fri Aug 19 18:03:26 2011 -- NNN IP addresses (1 host up) scanned in 4.02 seconds
Solution 4
I had a similar need to do this for several thousand computers and developed a PowerShell script to take care of it. This script runs multiple background jobs concurrently to speed up the ping process and can optionally do a DnsLookup to lookup IP Address and Fully qualified domain name. Performance will vary depending on how many timeouts are encountered, but I have had the script complete for 12,000+ hosts in as little as 15 minutes.
The script is too big to post here, but you can see (and download) it here:
http://poshtips.com/2011/03/28/bgping-a-high-performance-bulk-ping-utility/
Solution 5
Another method that may work for you is to get the "Network Guys" to spit out the DHCP server leases. Pinging 5000 computers will take a while.
Related videos on Youtube
01 : 48
04 : 50
03 : 43
05 : 20
03 : 01
tbone
Updated on September 17, 2022Comments
-
tbone over 1 year
So, I have a list of 5000 computers on my Windows Active Directory network that may or may not still exist (I know, don't ask...I need to know for a project, and of course little help from the network people, and so many errors in the data they give me)
The computer names fall within SAT1 to SAT5000. However, some of them may have been upgraded to a new OS and renamed. so in this case i would like to detect the new name as well.
I wonder if someone might have a script that would, given a text file containing a list of computer names, for each: 1. ping the computer to check for existence (yes, it must be on, I know)
2. after receiving the ip from the 1st ping, do a ping -a to get a hostname
3. write the results out to a text file(Even better...is it possible to somehow split the initial file into mutliples, and spawn several batch files to run concurrently, to get down the slowness of synchronously pinging 5000 machines??)
Update
This article seems to be somewhat related to what I am looking for: http://www.enterpriseitplanet.com/networking/features/article.php/1571771
Update 2
This is what I ended up with:
@echo off rem del output.txt rem Loop thru list of computer names in file specified on command-line for /f %%i in (%1) do call :check_machine %%i goto end :check_machine rem Check to see if machine is up. echo %1 ping -n 2 %1 >NUL 2>NUL if errorlevel 1 goto down rem Reverse-lookup machine name and report for /f "usebackq tokens=2,3" %%d in (`ping -n 1 -a %1 ^| find "Pinging "`) do echo %1, %%d,%%e >> output.txt goto end :down rem Report machine down echo %1 >> output.txt :endAnd output is in this format:
SAT10 SAT1209 SAT601, CGY2601.na.sat.com,[110.3.111.70] SAT3592, CGY3592.na.sat.com,[110.0.237.45]If you split the computers list into mutliple smaller files, you can ping asynchronously like so:
del output.txt start MassPing.cmd Computers1.txt start MassPing.cmd Computers2.txt start MassPing.cmd Computers3.txt start MassPing.cmd Computers4.txt start MassPing.cmd Computers5.txt start MassPing.cmd Computers6.txt-
Abraxas over 7 yearsWould a powershell script be acceptable?
-
-
Doug Luxem over 14 years+1 or use "dsquery computer -inactive 4 -limit 0" to see computers which haven't been on in 4 weeks.
-
Spence over 14 years+1 - This is what I would do, too. Having said that, I couldn't resist cobbling together a batch file.
-
MDMarra over 14 yearsWoah, I got a +1 from EA. I feel like a real SFer now :) -
MDMarra over 14 years@DLux, he doesn't say what functional level his domain is. -inactive is probably as good of a choice, except that it is only supported on a 2003/2008 functional level, unless I am mistaken.
-
Denys over 14 yearsNot if you use nmap. :)
-
tbone over 14 yearsUnless I misunderstand, I don't think this will work for me because of the 30 day delay...by pinging, I can discover all computer names today (if turned on). The death of an old computer name (due to an OS upgrade and rename) wouldn't show up for 30 days by this method, isn't that correct?
-
MDMarra over 14 yearsIn an environment of 5000 objects, the dsquery will likely be much more accurate than expecting everything to be on and respond to a ping
-
tbone over 14 yearsfyi: some mods I made are posted in original question. Thanks Evan, very helpful!!!!
-
tbone over 14 yearsFor my particular situation, despite the drawback of the computer having to be on, Evan's answer was more applicable. Your answer may work better for someone in a different situation than mine.
-
simon over 13 yearsI agree this is a good way. In a Win2k3 dhcp server, it's a case of right clicking in the leases table and doinf export list. Done. Or you could achieve the same thing in the netsh.
