Jump to content

localgroup limitation error

DigitalVagrant
 Share

Recommended Posts

DigitalVagrant Seeker

DigitalVagrant

Posted
Posted

Hi folks

Sorry if this has been addressed elsewhere and I just couldn't find it, but aside from being very new to the scripting world, I am trying to add a security group to the power users group that is over 20 characters, a microslob no-no, obviously works fine with anything 20 chars and under. 

RunWait ( @Comspec & ' /c Net localgroup "Power Users" "extremely-long-name-that-makes-no-sense-for-a-security-group" /add' )

The below works .vbs workst great, but I can't seem to trick it into autoit (keep in mind, scripting noob...more like virgin). I know I could just point to it with run/runas etc or call it, but it would negate the reason for adding it in. I'm also fairly confident I could pull it off with PSEXEC, but need to stay away from 3rd party, including the windows admin pack files.

Dim DomainName
Dim UserAccount
Set net = WScript.CreateObject("WScript.Network")
local = net.ComputerName
DomainName = "DOMAIN"
UserAccount = "extremely-long-name-that-makes-no-sense-for-a-security-group"

set group = GetObject("WinNT://"& local &"/Power Users")

on error resume next
group.Add "WinNT://"& DomainName &"/"& UserAccount &""
CheckError

sub CheckError; 
    if not err.number=0 then
    set ole = CreateObject("ole.err")
    MsgBox ole.oleError(err.Number), vbCritical
    err.clear
else
    MsgBox "Done."
end if
end sub

The search options used were mainly "net localgroup or just localgroup" that pointed out some suggestions that looked promising, but I mostly likely couldn't figure it out. Much like importing the above vb.

Is there something anyone may be able to point out that can steer me on the right course? (preferably along the first example, but very doubtul). Any help would be appreciated.

Thanks.

Link to comment
Share on other sites
99ojo Universalist

99ojo

Posted
Posted

You can convert the VBS to AutoIt

Hi,

since the 20 characters is a limitation of the net.exe command, you can use api call instead.

Because i haven't had no experience with DLL calls someone may help.

This is the description of the API you should use:

http://msdn.microsoft.com/en-us/library/aa370436(VS.85).aspx

;-))

Stefan

Link to comment
Share on other sites
DigitalVagrant Seeker

DigitalVagrant

Posted
  • Author
Posted

Thanks for the replies

You can convert the VBS to AutoIt

I haven't been able to figure out how to convert it yet (only about a week and half worth of any scripting experience), however I think I'm getting closer.

Hi,

since the 20 characters is a limitation of the net.exe command, you can use api call instead.

Because i haven't had no experience with DLL calls someone may help.

This is the description of the API you should use:

http://msdn.microsoft.com/en-us/library/aa370436(VS.85).aspx

;-))

Stefan

Thanks for the tip, but if I'm reading this right, it looks like I may run into the same problem. Quote from the remarks section "User account names are limited to 20 characters and group names are limited to 256 characters"

Won't know until I try...and the second problem with that is figuring out how, this should be interesting.

Link to comment
Share on other sites
99ojo Universalist

99ojo

Posted
Posted (edited)

Hi,

i thought you want to add a group, although you use the variablename $username, but "extremely-long-name-that-makes-no-sense-for-a-security-group".

User account names are limited to 20 characters and group names are limited to 256 characters

;-))

Stefan

Edited by 99ojo
Link to comment
Share on other sites
Juvigy Universalist

Juvigy

Posted
Posted

I was trying to make the DLL function work but failed.

Tried several variations but it seems i am missing something.

The last thing i tried was :

$str = "wstr var1"

$a = DllStructCreate($str)

DllStructSetData($a,"var1","domain\user")

$result = DllCall("Netapi32.dll", "", "NetLocalGroupAddMembers", "wstr",Default, "wstr", "Administrators", "int", 3,"wstr", DllStructGetPtr($a),"dword", 1)

MsgBox(0,"",$result)

I dont get any errors but the account is not added...

Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted

This is an AutoIt translation of the VBScript you said worked: 

Global $oCOMError = ObjEvent("AutoIt.Error", "COMError")
Global $f_COMError = False

Global $sDomainName = "DOMAIN"
Global $sGlobalGroup = "extremely-long-name-that-makes-no-sense-for-a-security-group"
Global $oLocalGroup = ObjGet("WinNT://" & @ComputerName & "/Power Users")

$oLocalGroup.Add("WinNT://" & $sDomainName & "/" & $sGlobalGroup)
If $f_COMError Then
    MsgBox(16, "Error", "Rats!")
Else
    MsgBox(64, "Success", "Woohoo!")
EndIf


Func COMError()
    Local $HexNumber = Hex($oCOMError.number, 8)
    MsgBox(16, "", "COM Error!" & @CRLF & _
            "Error Number:  " & $HexNumber & @CRLF & _
            "Description:  " & $oCOMError.windescription)

    $f_COMError = True
EndFunc   ;==>COMError

:)

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...