Sign in to follow this  
Followers 0
Naveed

Obtaining Logged On Users SID on Remote Machine

11 posts in this topic

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _
("Win32_UserAccount.Name='LANID',Domain='DOMAINNAME'")
Wscript.Echo objAccount.SID

I am able to retrieve the SID using the vbs script above by specifying the computer name and lanid and domain.

However i am creating an autoit script which needs to be able to determine the SID and then use it in a function?

I have tried to use the vbs to au3 converter, doesnt work.

Any help with this will be greatly appreciated.

Here is what i have tried already but it doesnt work.

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$strComputer = "ASSETNUMBER"

$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colitems = $objWMIService.Get("SELECT * FROM Win32_UserAccount.Name='LANID','DOMAIN'")

If IsObj($colItems) then
    For $objItem In $colItems
        $sid = $objItem.SID ; in seconds
        MsgBox(1,"",$SID)
        $Output=""
    Next
Else
    Msgbox(0,"WMI Output","No WMI Objects Found" )
Endif

Thanks

Naveed

Share this post


Link to post
Share on other sites



Scriptomatic generated the following AutoIt code (and it works):

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "PCTS29"

$Output=""
$Output = $Output & "Computer: " & $strComputer & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
 For $objItem In $colItems
    $Output = $Output & "AccountType: " & $objItem.AccountType & @CRLF
    $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
    $Output = $Output & "Description: " & $objItem.Description & @CRLF
    $Output = $Output & "Disabled: " & $objItem.Disabled & @CRLF
    $Output = $Output & "Domain: " & $objItem.Domain & @CRLF
    $Output = $Output & "FullName: " & $objItem.FullName & @CRLF
    $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
    $Output = $Output & "LocalAccount: " & $objItem.LocalAccount & @CRLF
    $Output = $Output & "Lockout: " & $objItem.Lockout & @CRLF
    $Output = $Output & "Name: " & $objItem.Name & @CRLF
    $Output = $Output & "PasswordChangeable: " & $objItem.PasswordChangeable & @CRLF
    $Output = $Output & "PasswordExpires: " & $objItem.PasswordExpires & @CRLF
    $Output = $Output & "PasswordRequired: " & $objItem.PasswordRequired & @CRLF
    $Output = $Output & "SID: " & $objItem.SID & @CRLF
    $Output = $Output & "SIDType: " & $objItem.SIDType & @CRLF
    $Output = $Output & "Status: " & $objItem.Status & @CRLF
    if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
    $Output=""
 Next
Else
 Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif


Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Scriptomatic generated the following AutoIt code (and it works):

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "PCTS29"

$Output=""
$Output = $Output & "Computer: " & $strComputer & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
 For $objItem In $colItems
    $Output = $Output & "AccountType: " & $objItem.AccountType & @CRLF
    $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
    $Output = $Output & "Description: " & $objItem.Description & @CRLF
    $Output = $Output & "Disabled: " & $objItem.Disabled & @CRLF
    $Output = $Output & "Domain: " & $objItem.Domain & @CRLF
    $Output = $Output & "FullName: " & $objItem.FullName & @CRLF
    $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
    $Output = $Output & "LocalAccount: " & $objItem.LocalAccount & @CRLF
    $Output = $Output & "Lockout: " & $objItem.Lockout & @CRLF
    $Output = $Output & "Name: " & $objItem.Name & @CRLF
    $Output = $Output & "PasswordChangeable: " & $objItem.PasswordChangeable & @CRLF
    $Output = $Output & "PasswordExpires: " & $objItem.PasswordExpires & @CRLF
    $Output = $Output & "PasswordRequired: " & $objItem.PasswordRequired & @CRLF
    $Output = $Output & "SID: " & $objItem.SID & @CRLF
    $Output = $Output & "SIDType: " & $objItem.SIDType & @CRLF
    $Output = $Output & "Status: " & $objItem.Status & @CRLF
    if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
    $Output=""
 Next
Else
 Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif


Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

Thanks once again mate, i have tested it and it works what did you use to generate the code?

Share this post


Link to post
Share on other sites

Hi Naveed,

I used the AutoIt version of Scriptomatic - it can be found here.

Greetings

water


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Hi Naveed,

I used the AutoIt version of Scriptomatic - it can be found here.

Greetings

water

Hi Water,

I tested the script on my windows 7 laptop and it worked fine, however when i am testing on my main administrator xp machine the script returns SID values for multiple accounts? any idea how i would isolate the id for the currently logged on user on MachineX?

Thanks

Naveed

Share this post


Link to post
Share on other sites

Hi Naveed,

change the Select statement accordingly:

$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Or you could have a look at the "_Security__GetAccountSid" function in the Security UDF (its part of Autoit).


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Or you could have a look at the "_Security__GetAccountSid" function in the Security UDF (its part of Autoit).

Thanks once again, i have managed to get the SID using the above method, however when i try to read the registry entry with the SID included for a remote machine, it comes back blank, any ideas??

Share this post


Link to post
Share on other sites

Could you please post the code you have so far?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Hi Naveed,

change the Select statement accordingly:

$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

Hi,

I tried to use this code however it gives me below error:

Variable must be of type "Object".:
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
$colItems = $objWMIService^ ERROR
 
I am trying to run it on WIN7. Any help is much appreciated.

Share this post


Link to post
Share on other sites

Can you post the complete code you run?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0