Jump to content

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here. X
X


Photo

Create Local User Accounts


  • Please log in to reply
20 replies to this topic

#1 savj14

savj14

    Wayfarer

  • Active Members
  • Pip
  • 62 posts

Posted 11 October 2007 - 08:59 PM

I have a VBS script to create a Local User and adds them to the Administrator Group. I am trying to convert that script to AutoIt. I will eventually make a GUI and make it look nice. I can't get it to work though.

Here is what I have so far.

AutoIt         
#include <GUIConstants.au3> ; RETRIEVE Computer Name Dim $objNetwork, $strComputerName $objNetwork = ObjCreate("WScript.Network") $strComputer = $objNetwork.ComputerName $strUserName = ("testuser") $strFullName = ("Test User") $strPassword = ("password") $strGroup = ("administrator") ; Code To add User $objSystem = ObjGet("WinNT://" & $strComputer) $objUser = $objSystem.Create("user", $strUserName) $objUser.FullName = $strFullName $objUser.SetPassword ($strPassword) $objUser.SetInfo ; Code to add User to Group $objGroup = ObjGet("WinNT://" & $strComputer & "/" & $strGroup) $objGroup.Add("WinNT://" (& $strComputer & "/" & $strUserName)) Exit


I can't seem to get it to work properly and add the user







#2 DW1

DW1

    Central Scrutinizer

  • Active Members
  • PipPipPipPipPipPip
  • 2,107 posts

Posted 11 October 2007 - 09:36 PM

I know that you can add a user like this localy
$username = InputBox( "Input", "User Name: " ) $password = InputBox( "Input", "Password: " ) Run(@ComSpec & " /c " & 'Net User ' & $username & " " & $password & " /add", "", @SW_HIDE) Run(@ComSpec & " /c " & "Net Localgroup Administrators " & $username & " /add", "", @SW_HIDE)


But I don't know if you are trying to do this remotely or not....

Maybe this helps, maybe not, either way free bump :)

#3 evilertoaster

evilertoaster

  • Active Members
  • PipPipPipPipPipPip
  • 1,203 posts

Posted 11 October 2007 - 10:00 PM

$objSystem = ObjGet("WinNT://localhost") $objUser = $objSystem.Create("user", $strUserName) $objUser.FullName = "Test User" $objUser.SetPassword ("password") $objUser.SetInfo $objGroup = ObjGet("WinNT://localhost/Administrators") $objGroup.Add("WinNT://"&$strUserName)


#4 savj14

savj14

    Wayfarer

  • Active Members
  • Pip
  • 62 posts

Posted 12 October 2007 - 01:05 PM

All right so I am doing all right with adding the user and adding the user to certain groups.

Now I am wondering if I can check addition options when creating a user. The following options are available when creating a user account via Computer Management and would like to incorporate these in my script.

Options Are:
  • User must change password at next logon
  • User cannot change password
  • Password never expires
  • Account is disabled
I'm sure there is a way to do this I just have no clue how to code it.

Any ideas?

#5 ptrex

ptrex

    Universalist

  • MVPs
  • 2,420 posts

Posted 12 October 2007 - 01:26 PM

@savj14

Maybe this can get you started.

ADSI Object Model for WinNT Providers

regards,

ptrex

#6 savj14

savj14

    Wayfarer

  • Active Members
  • Pip
  • 62 posts

Posted 12 October 2007 - 01:57 PM

How would I go about checking to see if a user account already exists?

I'd like to do this check so I can give an error message back if the user account I am trying to add already exists

#7 Jos

Jos

    Je maintiendrai

  • Developers
  • 23,355 posts

Posted 12 October 2007 - 02:43 PM

something to study :)

Plain Text         
; Init objects Const $ADS_UF_DONT_EXPIRE_PASSWD = 0X10000 Const $ADS_UF_PASSWD_CANT_CHANGE = 0X40 $UserName = 'Fred' $Password = 'Wilma123' $oMyError = ObjEvent("AutoIt.Error","MyErrFunc"); Install a custom error handler $strComputer = @ComputerName ; Check if account exists .. if not create it $objUser = ObjGet("WinNT://" & $strComputer & "/" & $UserName) If @Error then     $colAccounts = ObjGet("WinNT://" & $strComputer & "")     $objUser = $colAccounts.Create("user", $UserName)     $objUser.SetPassword ($Password)     $objUser.Put ("Fullname", "Test User")     $objUser.Put ("Description", "Test User description")     $objUser.SetInfo EndIf ; ; Read current settings and Bitor to ensure the "Don't expire password swith is on" $oldFlags = $objUser.Get("UserFlags") $newFlags = BitOR($oldFlags,$ADS_UF_DONT_EXPIRE_PASSWD) $objUser.Put ("UserFlags", $newFlags) ;expire the password $objUser.SetInfo msgBox(262144,'Debug line ~' & @ScriptLineNumber,'Selection:' & @lf & ' dont Password Expired');### Debug MSGBOX ; ; Read current settings and Xor to ensure the "Don't expire password swith is off" $oldFlags = $objUser.Get("UserFlags") $newFlags = BitXOR($oldFlags,$ADS_UF_DONT_EXPIRE_PASSWD) $objUser.Put ("UserFlags", $newFlags) ;expire the password $objUser.SetInfo ; Set the Password expire now $objUser.Put ("PasswordExpired", 1) ;expire the password $objUser.SetInfo msgBox(262144,'Debug line ~' & @ScriptLineNumber,'Selection:' & @lf & 'PasswordExpired');### Debug MSGBOX ; ; Disable User ACcount $objUser.AccountDisabled=1 $objUser.SetInfo ; ;Add User to group ;$objGroup = ObjGet("WinNT://" & $strComputer & "/Administrators,group") ;$objGroup.Add($objUser.ADsPath) ; ; ; This is my custom error handler ;~ $OldUser = "Fred" ;~ $NewUser = "Fredrenamed" ;~ $oUser = ObjGet("WinNT://" & @ComputerName & "/" _ ;~               & $OldUser & ",user") ;~ $oComputer = ObjGet("WinNT://" & @ComputerName) ;~                                                                  MsgBox(262144,'Debug line ~25','Selection:' & @lf & '$oComputer' & @lf & @lf & 'Return:' & @lf & $oComputer & @lf & @lf & '@Error:' & @lf & @Error);### Debug MSGBOX ;~; rename user ;~ $oNewUser = $oComputer.MoveHere($oUser.ADsPath, $NewUser) Func MyErrFunc()    $HexNumber=hex($oMyError.number,8)    Msgbox(0,"","We intercepted a COM Error !" & @CRLF & _                 "Number is: " & $HexNumber & @CRLF & _                 "Linenbr is: " & $oMyError.scriptline  & @CRLF & _                 "Description is: " & $oMyError.description  & @CRLF & _                 "Windescription is: " & $oMyError.windescription )    SetError(1); something to check for when this function returns Endfunc

Visit the SciTE4AutoIt3 Download page for the latest versions                                                                 Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)


#8 ptrex

ptrex

    Universalist

  • MVPs
  • 2,420 posts

Posted 12 October 2007 - 03:03 PM

@all


My 2 cents

This returns all the Users. If one exists you could check upon this returned list and EXIT.

AutoIt         
#include <Array.au3> Dim $strDomain Do     $strDomain = inputbox( "Please enter a domainname", "Input" ) until $strDomain <> "" ListUsers( $strDomain ) Func ListUsers( $strDomain )     $objComputer = ObjGet("WinNT://" & $strDomain )     $objComputer.Filter = _ArrayCreate( "User" )     For $objUser In $objComputer         Consolewrite( "Name: " & $objUser.Name & @CRLF)         Consolewrite( "Fullname: " & $objUser.Fullname & @CRLF)         Consolewrite( "Description: " & $objUser.Description & @CRLF)         Consolewrite( "AccountDisabled: " & $objUser.AccountDisabled & @CRLF)         Consolewrite( "IsAccountLocked: " & $objUser.IsAccountLocked & @CRLF)         Consolewrite( "Profile: " & $objUser.Profile & @CRLF)         Consolewrite( "LoginScript: " & $objUser.LoginScript & @CRLF)         Consolewrite( "HomeDirectory: " & $objUser.HomeDirectory & @CRLF)         Consolewrite( @CRLF)        Next EndFunc


regards,

ptrex

#9 savj14

savj14

    Wayfarer

  • Active Members
  • Pip
  • 62 posts

Posted 12 October 2007 - 05:41 PM

What I have so far will find the existing User if it is typed into the GUI, and shoot back the Msgbox. Except after it still continues and tries to add the user instead of returning until the user is not found.

Here is what I have.

;Check to see if User Already Exists $strComputer = @ComputerName     $objComputer = ObjGet("WinNT://" & $strComputer)     $objComputer.Filter = _ArrayCreate( "User" )     For $objUser In $objComputer         If $objUser.Name = GuiCtrlRead($username) Then             MsgBox(0,"Error", "Found You")         ContinueLoop         EndIf         Next


What am I doing wrong?

#10 savj14

savj14

    Wayfarer

  • Active Members
  • Pip
  • 62 posts

Posted 15 October 2007 - 03:48 PM

Anyone???

#11 Jos

Jos

    Je maintiendrai

  • Developers
  • 23,355 posts

Posted 15 October 2007 - 03:59 PM

Anyone???

my last posted script has a simple way to test the existence of the userid... have you tried ?

Jos

Visit the SciTE4AutoIt3 Download page for the latest versions                                                                 Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)


#12 weaponx

weaponx

    I'm coming for blood, no code of conduct, no law.

  • MVPs
  • 5,366 posts

Posted 15 October 2007 - 04:11 PM

Dude the answer was in the script above:

; Check if account exists .. if not create it $objUser = ObjGet("WinNT://" & $strComputer & "/" & $UserName) If @Error then     $colAccounts = ObjGet("WinNT://" & $strComputer & "")     $objUser = $colAccounts.Create("user", $UserName)     $objUser.SetPassword ($Password)     $objUser.Put ("Fullname", "Test User")     $objUser.Put ("Description", "Test User description")     $objUser.SetInfo EndIf


#13 ynbIpb

ynbIpb

    Seeker

  • Active Members
  • 46 posts

Posted 28 March 2010 - 05:31 PM

;Add User to group
;$objGroup = ObjGet("WinNT://" & $strComputer & "/Administrators,group")
;$objGroup.Add($objUser.ADsPath)

How do I know what groups exist on the local machine?
For example, administrators at other locales written differently

#14 ptrex

ptrex

    Universalist

  • MVPs
  • 2,420 posts

Posted 29 March 2010 - 08:11 PM

@ynbIpb

Maybe this can help.

#include <Array.au3> $strComputer = "." $colGroups = ObjGet("WinNT://" & $strComputer & "") $colGroups.Filter = _ArrayCreate("group") For $objGroup In $colGroups     For $objUser in $objGroup.Members         ;If $objUser.name = "UserName" Then         If $objGroup.Name = "Administrators" Then             ConsoleWrite("Local Group " & $objGroup.Name & " Local User " & $objUser.name & @CRLF)         EndIf     Next Next


rgds

ptrex

#15 MJPollard

MJPollard

    Seeker

  • Active Members
  • 6 posts

Posted 24 April 2010 - 12:46 PM

How do I know what groups exist on the local machine?
For example, administrators at other locales written differently


Microsoft has a KB article that lists the SIDs for all of the standard accounts/groups.

Read KB 243330.

The SID for the Administrators group is S-1-5-32-544 and always will be regardless of the name.

#16 NDog

NDog

    Adventurer

  • Active Members
  • PipPip
  • 107 posts

Posted 20 December 2011 - 11:55 PM

Ok I am trying to modify this script for my own needs. I am not able to query WinNT://. so therefore cannot get any usable data from it

What I am trying to do is to determine if there are at least one administrator account which is not disabled.

First I need to loop through $objGroup.Members and get administrators and add them to an array
Secondly I need to loop through $objComputer using the administrator as a loop and then determining if the account is disabled or enabled.
If at least one admin account is enabled I can return a good value otherwise return a bad value.

I am having difficulty getting whether the account is enabled of not since the for loop is not working properly. I am new to arrays and probably am doing it wrong.

please help! :)

Plain Text         
#include <Array.au3> Dim $Array[1] $strComputer = "." $colGroups = ObjGet("WinNT://" & $strComputer & "") $colGroups.Filter = _ArrayCreate("group") For $objGroup In $colGroups     For $objUser in $objGroup.Members         ;If $objUser.name = "UserName" Then         If $objGroup.Name = "Administrators" Then             ;ConsoleWrite("Local Group " & $objGroup.Name & " Local User " & $objUser.name & @CRLF)    _ArrayAdd($Array, $objUser.name)         EndIf     Next Next ;Msgbox(0,"",Ubound($Array)-1) $Array[0] = Ubound($Array)-1 ;Msgbox(0,"",$Array[0]) ;_ArrayDisplay($Array) ;~ For $i = 1 to $Array[0] ;~  ConsoleWrite($Array[$i] & @LF) ;~ Next Dim $2Array[1] Dim $strDomain ;Do ;   $strDomain = inputbox( "Please enter a domainname", "Input" ) ;until $strDomain <> "" $strDomain = "localhost" ListUsers( $strDomain ) Func ListUsers( $strDomain )     $objComputer = ObjGet("WinNT://" & $strDomain )     $objComputer.Filter = _ArrayCreate( "User" )     For $objUser In $objComputer   For $i = 1 to $Array[0]    ;ConsoleWrite($Array[$i] & @LF)    If $objUser.Name = $Array[$i] Then      Consolewrite( "Name: " & $objUser.Name & " AccountDisabled: " & $objUser.AccountDisabled & @CRLF)      ;_ArrayAdd($2Array, $objUser.name & $objUser.AccountDisabled)    EndIf   Next         ;Consolewrite( "Name: " & $objUser.Name & @CRLF)         ;Consolewrite( "Fullname: " & $objUser.Fullname & @CRLF)         ;Consolewrite( "Description: " & $objUser.Description & @CRLF)         ;Consolewrite( "AccountDisabled: " & $objUser.AccountDisabled & @CRLF)         ;Consolewrite( "IsAccountLocked: " & $objUser.IsAccountLocked & @CRLF)         ;Consolewrite( "Profile: " & $objUser.Profile & @CRLF)         ;Consolewrite( "LoginScript: " & $objUser.LoginScript & @CRLF)         ;Consolewrite( "HomeDirectory: " & $objUser.HomeDirectory & @CRLF)         ;Consolewrite( @CRLF)       Next EndFunc


#17 Pennsta39

Pennsta39

    Seeker

  • New Members
  • 3 posts

Posted 26 April 2012 - 02:21 PM

Hey guys, dumb question...
Everytime i copy onme of these scripts into Primalscript(New VBScript), i get invalid character errors. Im sure im doing something stupid, but what is it?

#18 JLogan3o13

JLogan3o13

    115 and holding

  • MVPs
  • 4,327 posts

Posted 26 April 2012 - 02:35 PM

Hi, Pennsta39, welcome to the forum. This is an AutoIt forum, and these are AutoIt scripts, not vbscripts. If you copy directly into PrimalScript you are going to have issues. They would need to be converted from AutoIt to vbscript (although why you would want to do that is beyond me). If you would like to use these scripts, you'll need to download and install AutoIt to use them natively.

If you put a million monkeys on a million keyboards, one of them will eventually write a Java program. The rest of them will write Perl programs.

 

My Scripts: SCCM UDFInclude Source with Compiled Script, Disk Maintenance for Windows XP, "Deal-A-Day" Sites, Windows Firewall UDF


#19 Pennsta39

Pennsta39

    Seeker

  • New Members
  • 3 posts

Posted 26 April 2012 - 03:00 PM

Thank you for the response J. I want to run a script to add a local user into the login scrpt of one of out Domain admin acounts, so that when i login to a computer with the Domain Admin account(which has local admin rights), a new local admin account is created. I surely do not want to have to download Autoit program on every computer(would i even need to do that, or just make the script with the program, and it would run on other computers?) Any additional advice on how to accomplish my goal is greatly appreciated!

#20 Pennsta39

Pennsta39

    Seeker

  • New Members
  • 3 posts

Posted 26 April 2012 - 03:20 PM

easy, run batch file at login script


net user admin password01 /add
net localgroup Administrators admin /add




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users