Hi,

Is there a way to capture changes done to a Windows XP machine. I need to find out what file/registry changes are done on a desktop on a regular basis. Say I have a Windows XP workstation, I need to find out what are the changes a user(with admin access) is performing on the workstation.

Thanks,
Praveen
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
There are innumerable snapshot tools available, not the least of which is the one provided with whatever you're using to author packages. As a lightweight tool which doesn't require installation, try Ziff-Davis's In Control. Search for 'InCtrl5.ZIP'.
Answered 02/25/2008 by: VBScab
Red Belt

Please log in to comment
0
Thanks for the resoponse.
I'm not looking for the normal snapshot tools. I need this to run in the background as a service and I need a admin console to open and view the changes.
Answered 02/25/2008 by: nvdpraveen
Orange Belt

Please log in to comment
0
How much more useful it would have been if you had stated this requirement at the outset :) If you had stated the need for such a tool to run as a service, then any response would have been tailored to that requirement. As it is, I don't know of any *snapshot* tool which works as you have specified. There are, however, any number of inventory-taking tools available. You could also use a WMI-driven script, the beauty here being that you can tailor scripts to suit your own requirements, plus there's no need to install a workstation service. Again, there are many examples available on the web. Try http://www.computerperformance.co.uk/ or http://cwashington.netreach.net as start points.
Answered 02/25/2008 by: VBScab
Red Belt

Please log in to comment
0
Thanks again.

Are there any tools with which I can

1. Store the state of the machine (say A) in the morning, - any silent command line tool will do.
2. Store the state of the machine (say B) in the evening.
3. Display the diff of A and B.
Answered 02/25/2008 by: nvdpraveen
Orange Belt

Please log in to comment
0

I need to find out what are the changes a user(with admin access) is performing on the workstation.



I need this to run in the background as a service



Are there any tools with which I can

1. Store the state of the machine (say A) in the morning, - any silent command line tool will do.


So which is it to be ? A command line tool or one that runs as a service - I think you need to articulate the requirement a little more clearly.

Reading between the lines (and correct me if I am wrong) you appear to be wishing to track changes that an administrator level user is making on the system. Perhaps the approach should be to question whether the user(s) making changes really need administrator privileges. Enterprises do not spend substantial amounts on locking down their corporate environments for nothing [;)]

Regards,

Spartacus
Answered 02/25/2008 by: spartacus
Black Belt

Please log in to comment
0
Hi,

A command line tool which saves the desktop state and provide an option to take a diff will do. Well let's not get in to the locking permissions part. That's out of my scope.

Thanks.
Answered 02/25/2008 by: nvdpraveen
Orange Belt

Please log in to comment
0
ORIGINAL: nvdpraveen
A command line tool which saves the desktop state and provide an option to take a diff will do.
So now you're only interested in changes to the Desktop? Again, we're having to interpret your requirement, as I'm sure you *meant* to say that you want to save the workstation state.

EXACTLY what is it you want to catch this guy doing? Installing non-supported or unlicensed software? Making system changes e.g. disabling anti-virus software? If you were able to tell us exactly what you want to monitor, maybe we could provide some help, although once again, I'm struggling to work out what on *earth* this has to do with 'Package Development'...
Answered 02/25/2008 by: VBScab
Red Belt

Please log in to comment
0
To explain the scenario.

I have a user who has 10 desktops. If he makes any configuration change to one of his machines (say he changes his start menu option, adds a new toolbar to an application) I need to replicate it to the remaining machines. The user will not be telling us where he changed a particular setting. Based on the system snapshot/diff I need to judge and push the settings to remaining machines. Hope it's clear.
Answered 02/25/2008 by: nvdpraveen
Orange Belt

Please log in to comment
0
These desktops...are they in VMs, by any chance? Anything user-based e.g. shortcuts, stuff in HKCU etc we can ignore, as the user profile ought to take care of that. For the VMs, you could clone the 'base' disk and then create clones from that: there's a setting in VMWare Workstation to have changes in a base disk cascaded to its clones. If we're not talking VMs, what are these Desktops contained in?
Answered 02/25/2008 by: VBScab
Red Belt

Please log in to comment
0
Hi,
The desktops are dell desktop h/w machines, couple of them are laptops.

Thanks.
Answered 02/25/2008 by: nvdpraveen
Orange Belt

Please log in to comment
0
(sigh...) So, actually, you mean he has 10 MACHINES, separate MACHINES, not Desktops. I imagined he was using virtual machines e.g. VMWare or Virtual PC, or that they were separate Desktops, such as some graphics card vendors supply.

I don't know what to suggest here. I guess you could use Briefcase (as it's free, supplied with XP) but I think that requires manual intervention to start it. Oh, BTW, what does this have do with Package Development? This really isn't the correct forum for this discussion. I'd suggest somewhere like the fora at Windows IT Pro or a MS newsgroup...?
Answered 02/26/2008 by: VBScab
Red Belt

Please log in to comment
0
Hi,

I have not quite able to figure out the reason why one would want to do such a thing. By that I mean I have not heard of any organisations/enterprises following this practice.
nvdpraveen or anyone else, If you tell us the reason for such a requirement??
Answered 02/26/2008 by: India_Repackaging
Blue Belt

Please log in to comment
0
Why not do profile redirection then?
Answered 02/26/2008 by: revizor
Third Degree Blue Belt

Please log in to comment
0
All the settings are not stored in profile. Say a config file is stored in a file under program files(.gvim for gvim application).
Answered 02/26/2008 by: nvdpraveen
Orange Belt

Please log in to comment
Answer this question or Comment on this question for clarity