Thursday, June 17, 2010

Neat-O Windows Admin Tricks: Automating a Help Desk Web Form

Scenario:

Within your Microsoft Windows Active Directory network environment, you have an intranet web site.  That web site serves up a Help Desk web page for users/customers/losers/idiots/crackheads/ to use for requesting things.  It has a form to fill-out, and when they submit the form, it generates an e-mail or stores the info in a database table (and sends an e-mail), etc. whatever.  But the form has a text box for the user to manually type in the name of their computer and their user name and other general contact info.  You'd really like to have that general contact info, and the computer name info, automatically filled in, so that users/losers don't enter stupid or incorrect information.

What to Do:

This scenario involves two (2) general issues that need to be addressed.  Each of these issues can be addressed in a variety of ways.  I'm only covering one (1) way to address each.

Part 1 - Automating the User Contact information

User information is typically stored in Active Directory.  If you (or whomever) did their job properly, each user account object should have all the pertinent information entered, such as e-mail address, phone number, department, first and last name, location info, etc.  AD information is stored and shared via LDAP and ADSI.  You can leverage built-in LDAP and ADSI features within ASP (or pretty much any COM or .NET scripting platform) to access that information.  An ASP web application can use the following code to query Active Directory for user account information.

The catch?  You have to make sure you enable "Integrated" authentication for your intranet web site in order to capture the user account name in the background.  This is silent and automatic if the visitor's use Internet Explorer.  Otherwise, they will be prompted to provide their domain credentials before accessing the web page (username and password).  I will explain the code shown below just below that.



<%

Function UserName()
Dim tmp, domain : domain = "mydomain"
If Session("username") <> "" Then
UserName = Session("username")
Else
tmp = Trim(Request.ServerVariables("REMOTE_USER"))
If tmp <> "" Then
Session("username") = Ucase(Mid(tmp, Len(domain)+2))
UserName = Session("username")
Else
UserName = ""
End If
End If
End Function

%>




Part 2 - Automating the Computer Name information



This is only a tiny bit more complicated, but still pretty easy.  Because capturing the visitor's computer name is not nearly as straightforward, you have to try alternate methods.  One method is to capture the remote IP address, and perform some sort of background lookup to find the computer name.  Messy.  Ugly.  Painful.  Another method is a bit more circuitous, but it works very well: create a desktop (or start menu) shortcut which contains the computer name in the URL parameters.  Consider the following URL which would be requested from a shortcut on the desktop of a user working on computer named "Computer123":



URL: http:// intranet/helpdesk/helpform.asp?cn=Computer123



The small catch here is that you will need to make sure your web form can read the "cn=" parameter and transfer the assigned value (e.g. "Computer123") into the form edit box.  If your web form is ASP or ASP.NET, this is very simple to enable.  The example below shows how to capture this value with an ASP web page:











helpform.asp

<% cn = Trim(Request.QueryString("cn"))%>
<html>
<head>
<title>Help Desk Request Form</title>
</head>
<body>
<h1>Help Desk Request Form</h1>
<form id="user" method="post" name="form1" action="request.asp">
Your Name: <input type="text" name="user" size="20" value="<%=UserName()%>"/>
<br/>
Computer: <input type="text" name="comp" size="30" value="<%=cn%>"/>
<br/>
Details:<br/>
<textarea name="details" cols="55" rows="8"></textarea>
<br/>
<input value="Submit" type="submit" name="btnSubmit"/>
<input value="Reset" type="reset" name="btnReset"/>
</form>
</body>
</html>



There are many "easy" ways to create shortcuts, but they usually come down to using the Wscript.Shell object.  If you want/need to deploy a shortcut to a large number of desktops, you may want to consider scripting it.  You can "blast" out the change by running a script from your desktop or from a server, etc.  Or you can make it part of your login script, or deploy it as a package via Group Policy or SMS, SCCM, Altiris, etc.  Whichever way you deploy it doesn't really matter.  You should be able to automate the capturing of the computer name and use that to concatenate a URL text string to use for creating the shortcut target value.  The examples below show how you can do this within a login script (both VBScript and KiXtart flavors are shown).



Which way (script language, utility, etc.) you choose to go doesn't matter as long as it works.  Once you fetch the computer name, you can take that and concatenate the URL string and make the shortcut for the user to click on to access the Help Desk web form.  The script code below will create a shortcut on the user's desktop using the URL example above.











login.vbs

Function ComputerName()

Dim objShell
Set objShell = Wscript.CreateObject("Wscript.Shell")
ComputerName = objShell.ExpandEnvironmentStrings("%computername%")
End Function


url = "http:// intranet/helpdesk/helpform.asp?cn=" & _
ComputerName()
cap = "Help Desk Request Form"


Set wshShell = CreateObject("Wscript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
strPath = wshShell.SpecialFolders("Desktop")
scPath = strPath & "\" & cap & ".url"
If objFSO.FileExists(scPath) = False Then
Set objShortcutURL = wshShell.CreateShortcut(scPath)
objShortcutURL.TargetPath = url
objShortcutURL.Save
Set objShortcutURL = Nothing

End If




 











login.kix

$url = "http:// intranet/helpdesk/helpform?cn="+@wksta
$cap = "Help Desk Request Form"
$wshShell = CreateObject("Wscript.Shell")
$strPath = $wshShell.SpecialFolders("Desktop")
$scPath = $strpath+"\"+$cap+".url"
if exist($scPath) = 0
$objShortcutURL = $wshShell.CreateShortcut($scPath)

$objShortcutURL.TargetPath = $url

$objShortcutURL.Save()

$objShortcutURL = 0

endif




Putting it All Together



Duct tape, Elmer's Glue, staples, chewing gum, rubber bands… ok, you should now have a "helpform.asp" file sitting on your web server and shared from an IIS site on the server which has integrated authentication configured (do not enable any other authentication options).  Then you would have either a "login.vbs" or "login.kix" login script file.  Target that using Group Policy or simply send a link to the script to one of your test users (aka minion guinea pigs) to test out.  The script should be executed under the user context, not the system context, so it can grab the user information and computer information as well.



Now, when a user logs on, it will create a shortcut on their desktop to "Help Desk Request Form" which contains the URL shown in RED above (except with their actual computer name filled in, instead of "Computer123").



When the user launches the shortcut, it requests the URL along with the computer name.  The ASP form reads the "cn=" parameter to fetch the computer name.  The ASP form also uses the ServerVariables collection to fetch the user account name.  You can modify the **** out of this to suit your needs/whims, etc.  Read the following disclaimer however. – Cheers!



IMPORTANT DISCLAIMER:



Test this in an isolated NON-PRODUCTION environment before attempting to use it in a real production environment.  There is no warranty or guarantee of ANY KIND WHATSOEVER provided for this information, either explicitly or implicitly.  I assume no responsibility or liabilities for any stupid shit dumbass crap, loss of data, downtime, anger, resentment, hostility, depression, angst, mood swings, etc., that may occur as a result of what happens if you don't test it thoroughly before letting it lose on your network.

No comments: