60aside

script to add a user to the local admin Group on remote machine

7 posts in this topic

Hi Guys,

I have the following script to add a user to the local admin group on a remote machine :-

$cmd = "net localgroup administrators " & $Domain & "\" & $userid & " /add"

$objWMIService = ObjGet("winmgmts:\\" & $badgeid & "\root\cimv2:Win32_Process")

$objWMIService.Create($cmd)

Which works fine.

Problem is, as I support machines in many countries, the "administrators" group could be named :-

administradores or Administratorzy or Administrateurs or Amministratori etc...

Any ideas about the best way to approach this? The first script works fine just as long as the O/S is English with a MUI applied, but doesn't work if the O/S was built from the native O/S CD.

Thanks..




Can't you do this with psexec and a bat file?


I'm curious since this is the first time I've seen something like this. How would it be done using psexec and a batch file?


You could even wrap this into an autoit script, but this should get you started.

batchfile1 (run first, with all server names in it, you can also do a find and replace in notepad, for different files in the future)

xcopy /y /r c:\files\batchfile2.bat \\servername1\folder
xcopy /y /r c:\files\batchfile2.bat \\servername2\folder
xcopy /y /r c:\files\batchfile2.bat \\servername3\folder
xcopy /y /r c:\files\batchfile2.bat \\servername4\folder
xcopy /y /r c:\files\batchfile2.bat \\servername5\folder
etc

batchfile2 (replace the part in quotes of course)

net localgroup administrators "domain\admingroup" /add

batchfile3 (run last)

psexec \\servername1 -u USERNAME -p PASSWORD -c batchfile2.bat
psexec \\servername2 -u USERNAME -p PASSWORD -c batchfile2.bat
psexec \\servername3 -u USERNAME -p PASSWORD -c batchfile2.bat
psexec \\servername4 -u USERNAME -p PASSWORD -c batchfile2.bat
psexec \\servername5 -u USERNAME -p PASSWORD -c batchfile2.bat
etc


Maybe this will help you. There is no need to use external files or scripts to accomplish this.

Please bear in mind that I'm kinda new to AutoIt; surely there is a better way to do it.

What this script does:

add a user to the local admin group "Administradores" (administrator in Portuguese);

set password to never expire, disable change password;

delete user from local users group;

hide username from welcome screen;

enable remote desktop connection, open Windows firewall rule;

enable running Explorer in a separate process (needed for RunAs);

Replace the proper variables to suit your taste.

I use this with "deepxw Universal Termsrv.dll" to allow simultaneous login.

I'm kinda afraid to post this kind of script here because some people may use it for not so good purposes.

#NoTrayIcon
; set username and password here
Local $usr = "username"             ;User account to be created
Local $pwd = "secretpass"           ;password you want for this account
local $grpdel = "Usuários"         ;remove user from local user group
Local $grpadd = "Administradores"       ;add user to local admin group
Local $comment = "Administrador do Sistema" ;add a brief description
Local $hideuser = "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"
Local $enablerdp = "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
Local $separateprocess = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"

;create a user member of administrator group
RunWait('net user ' & $usr & ' ' & $pwd & ' /add /expires:never /passwordchg:no /comment:"' & $comment & '" ', '', @SW_HIDE)
RunWait('net localgroup ' & $grpdel& ' ' & $usr & ' /delete', '', @SW_HIDE)
RunWait('net localgroup ' & $grpadd & ' ' & $usr & ' /add', '', @SW_HIDE)

; set password to never expire
RunWait('wmic path Win32_UserAccount where Name=''' & $usr & ''' set PasswordExpires=false', '', @SW_HIDE)

; hide user account, enable remote desktop and allow firewall rule
RunWait('REG ADD %hideuser% /v %usr% /t REG_DWORD /f /d 0', '', @SW_HIDE)
RunWait('REG ADD %enablerdp% /v fDenyTSConnections /t REG_DWORD /f /d 0', '', @SW_HIDE)
RunWait('REG ADD %separateprocess% /v SeparateProcess /t REG_DWORD /f /d 1', '', @SW_HIDE)
RunWait('netsh firewall add portopening TCP 3389 "Terminal Server" enable all', '', @SW_HIDE)

MsgBox(262208, "Done", "Administrator user account has been created", "10")

Hi,

You may use WMI to get the name of the local administrator group.

$remotepc = "localhost" ; change localhost to the remote machine name
; $Domain and $userid are the variables from the original script
$admgroup = _getlocaladmgroup($remotepc) ; query once and reuse the result
; Test with IsString: AutoIt compares a string against 0 numerically,
; so a returned group name would compare equal to 0
If IsString($admgroup) Then
    $cmd = 'net localgroup "' & $admgroup & '" ' & $Domain & "\" & $userid & " /add"
    $objWMIService = ObjGet("winmgmts:\\" & $remotepc & "\root\cimv2:Win32_Process")
    $objWMIService.Create($cmd)
Else
    MsgBox(0, "Error", "Can't query RemotePC or unknown Administrator Group!")
EndIf


Func _getlocaladmgroup ($strcomputer)
    $wbemFlagReturnImmediately = 0x10
    $wbemFlagForwardOnly = 0x20
    $colItems = ""
    $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
    $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Group", "WQL", _
                                              $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

    If IsObj($colItems) then
        For $objItem In $colItems
            Switch $objItem.Name
                Case "administrators"
                    Return $objItem.Name
                Case "administradores"
                    Return $objItem.Name
                Case "administratoren"
                    Return $objItem.Name
                Case Else
                    ContinueLoop
            EndSwitch
        Next
        Return 0
    Else
       Return 0
    Endif
EndFunc

;-))

Stefan


Here's how you get the Administrators groupname, no matter what language:

$oWMIService = ObjGet("winmgmts:\\" & @ComputerName & "\root\cimv2")
$colItems = $oWMIService.ExecQuery("Select * From Win32_Group Where LocalAccount = TRUE And SID = 'S-1-5-32-544'")
For $oItem in $colItems
    ConsoleWrite($oItem.Name )
Next
1 person likes this
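
An added example, not part of any post in this thread: it combines the SID lookup from the last answer with the original task, but adds the member through the WinNT ADSI provider instead of building a "net localgroup" command line, so no group or user name is interpolated into a command string, and it confirms the membership afterwards. The function names and the host, domain and user values are placeholders chosen for illustration.

```autoit
; Added example, not code from the thread. Function names are hypothetical;
; the host, domain and user passed at the bottom are placeholders.
Global Const $SID_BUILTIN_ADMINS = "S-1-5-32-544" ; well-known SID of BUILTIN\Administrators

; Report COM failures (host unreachable, access denied) instead of aborting.
Global $g_oComErr = ObjEvent("AutoIt.Error", "_OnComError")

Func _OnComError($oErr)
    ConsoleWrite("COM error 0x" & Hex($oErr.number) & ": " & $oErr.description & @CRLF)
EndFunc

; Return the localized name of the built-in Administrators group on $sComputer,
; or "" with @error set if it cannot be resolved.
Func _GetAdminGroupName($sComputer)
    Local $oWMI = ObjGet("winmgmts:\\" & $sComputer & "\root\cimv2")
    If Not IsObj($oWMI) Then Return SetError(1, 0, "")
    Local $colItems = $oWMI.ExecQuery("SELECT Name FROM Win32_Group " & _
            "WHERE LocalAccount = TRUE AND SID = '" & $SID_BUILTIN_ADMINS & "'")
    If Not IsObj($colItems) Then Return SetError(2, 0, "")
    For $oItem In $colItems
        Return $oItem.Name ; the SID matches at most one local group
    Next
    Return SetError(3, 0, "")
EndFunc

; Add $sDomain\$sUser to that group on $sComputer.
; Returns 1 if added, 2 if already a member, 0 on failure (with @error set).
Func _AddToLocalAdmins($sComputer, $sDomain, $sUser)
    Local $sGroup = _GetAdminGroupName($sComputer)
    If @error Then Return SetError(1, 0, 0)
    Local $oGroup = ObjGet("WinNT://" & $sComputer & "/" & $sGroup & ",group")
    If Not IsObj($oGroup) Then Return SetError(2, 0, 0)
    Local $sMember = "WinNT://" & $sDomain & "/" & $sUser
    If $oGroup.IsMember($sMember) Then Return 2
    $oGroup.Add($sMember)
    ; Verify the change rather than trusting that the call succeeded.
    If Not $oGroup.IsMember($sMember) Then Return SetError(3, 0, 0)
    Return 1
EndFunc

Local $iResult = _AddToLocalAdmins("PC-EXAMPLE-01", "EXAMPLEDOM", "jdoe")
ConsoleWrite("Result: " & $iResult & @CRLF)
```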
