Jump to content

Obtaining Logged On Users SID on Remote Machine


Naveed
 Share

Recommended Posts

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set objAccount = objWMIService.Get _
("Win32_UserAccount.Name='LANID',Domain='DOMAINNAME'")
Wscript.Echo objAccount.SID

I am able to retrieve the SID using the vbs script above by specifying the computer name and lanid and domain.

However i am creating an autoit script which needs to be able to determine the SID and then use it in a function?

I have tried to use the vbs to au3 converter, doesnt work.

Any help with this will be greatly appreciated.

Here is what i have tried already but it doesnt work.

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$strComputer = "ASSETNUMBER"

$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colitems = $objWMIService.Get("SELECT * FROM Win32_UserAccount.Name='LANID','DOMAIN'")

If IsObj($colItems) then
    For $objItem In $colItems
        $sid = $objItem.SID ; in seconds
        MsgBox(1,"",$SID)
        $Output=""
    Next
Else
    Msgbox(0,"WMI Output","No WMI Objects Found" )
Endif

Thanks

Naveed

Link to comment
Share on other sites

Scriptomatic generated the following AutoIt code (and it works):

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "PCTS29"

$Output=""
$Output = $Output & "Computer: " & $strComputer & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
 For $objItem In $colItems
    $Output = $Output & "AccountType: " & $objItem.AccountType & @CRLF
    $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
    $Output = $Output & "Description: " & $objItem.Description & @CRLF
    $Output = $Output & "Disabled: " & $objItem.Disabled & @CRLF
    $Output = $Output & "Domain: " & $objItem.Domain & @CRLF
    $Output = $Output & "FullName: " & $objItem.FullName & @CRLF
    $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
    $Output = $Output & "LocalAccount: " & $objItem.LocalAccount & @CRLF
    $Output = $Output & "Lockout: " & $objItem.Lockout & @CRLF
    $Output = $Output & "Name: " & $objItem.Name & @CRLF
    $Output = $Output & "PasswordChangeable: " & $objItem.PasswordChangeable & @CRLF
    $Output = $Output & "PasswordExpires: " & $objItem.PasswordExpires & @CRLF
    $Output = $Output & "PasswordRequired: " & $objItem.PasswordRequired & @CRLF
    $Output = $Output & "SID: " & $objItem.SID & @CRLF
    $Output = $Output & "SIDType: " & $objItem.SIDType & @CRLF
    $Output = $Output & "Status: " & $objItem.Status & @CRLF
    if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
    $Output=""
 Next
Else
 Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif


Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Scriptomatic generated the following AutoIt code (and it works):

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "PCTS29"

$Output=""
$Output = $Output & "Computer: " & $strComputer & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
 For $objItem In $colItems
    $Output = $Output & "AccountType: " & $objItem.AccountType & @CRLF
    $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
    $Output = $Output & "Description: " & $objItem.Description & @CRLF
    $Output = $Output & "Disabled: " & $objItem.Disabled & @CRLF
    $Output = $Output & "Domain: " & $objItem.Domain & @CRLF
    $Output = $Output & "FullName: " & $objItem.FullName & @CRLF
    $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
    $Output = $Output & "LocalAccount: " & $objItem.LocalAccount & @CRLF
    $Output = $Output & "Lockout: " & $objItem.Lockout & @CRLF
    $Output = $Output & "Name: " & $objItem.Name & @CRLF
    $Output = $Output & "PasswordChangeable: " & $objItem.PasswordChangeable & @CRLF
    $Output = $Output & "PasswordExpires: " & $objItem.PasswordExpires & @CRLF
    $Output = $Output & "PasswordRequired: " & $objItem.PasswordRequired & @CRLF
    $Output = $Output & "SID: " & $objItem.SID & @CRLF
    $Output = $Output & "SIDType: " & $objItem.SIDType & @CRLF
    $Output = $Output & "Status: " & $objItem.Status & @CRLF
    if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
    $Output=""
 Next
Else
 Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif


Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

Thanks once again mate, i have tested it and it works what did you use to generate the code?
Link to comment
Share on other sites

Hi Naveed,

I used the AutoIt version of Scriptomatic - it can be found here.

Greetings

water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Hi Naveed,

I used the AutoIt version of Scriptomatic - it can be found here.

Greetings

water

Hi Water,

I tested the script on my windows 7 laptop and it worked fine, however when i am testing on my main administrator xp machine the script returns SID values for multiple accounts? any idea how i would isolate the id for the currently logged on user on MachineX?

Thanks

Naveed

Link to comment
Share on other sites

Hi Naveed,

change the Select statement accordingly:

$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Or you could have a look at the "_Security__GetAccountSid" function in the Security UDF (its part of Autoit).

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Or you could have a look at the "_Security__GetAccountSid" function in the Security UDF (its part of Autoit).

Thanks once again, i have managed to get the SID using the above method, however when i try to read the registry entry with the SID included for a remote machine, it comes back blank, any ideas??

Link to comment
Share on other sites

Could you please post the code you have so far?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

  • 3 years later...

Hi Naveed,

change the Select statement accordingly:

$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", _
    $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

Hi,

I tried to use this code however it gives me below error:

Variable must be of type "Object".:
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount Where Name='" & @UserName & "'", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
$colItems = $objWMIService^ ERROR
 
I am trying to run it on WIN7. Any help is much appreciated.
Link to comment
Share on other sites

Can you post the complete code you run?

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...