Sign in to follow this  
Followers 0

Detecting if built in admin account is enabled or disabled

18 posts in this topic

Posted

I'm working on something to enable the built in admin account on windows 7

ie the one that is hidden on install of windows.

I know how to enable it but i want to be able to detect it so if its already active i don't try and make it active again.

so some sort of function etc that i can run a check with maybe?

im using net user to change it to active

Is there a way to detect it?

any pointers helpfull.

Share this post


Link to post
Share on other sites



Posted (edited)

WMI rootCIMV2 "SELECT Disabled FROM Win32_UserAccount WHERE Name = 'Administrator'"

or parse Account Active from STDOUT of Run("Net user Administrator")

Edited by rover

Share this post


Link to post
Share on other sites

Posted

WMI rootCIMV2 "SELECT Disabled FROM Win32_UserAccount WHERE Name = 'Administrator'"

I started Scriptomatic but got a little distracted, that's one to add to my function folder. Thanks.

Share this post


Link to post
Share on other sites

Posted (edited)

ConsoleWrite(_IsAdminEnabled() & @CRLF)

Func _IsAdminEnabled()
    Local $oWMIService = ObjGet('winmgmts:localhostrootCIMV2')
    Local $oColItems = $oWMIService.ExecQuery('SELECT * FROM Win32_UserAccount WHERE Name = "Administrator"', "WQL", 0x30)
    If IsObj($oColItems) Then
        For $oItem In $oColItems
            Return $oItem.Disabled = False
        Next
    EndIf
    Return True
EndFunc   ;==>_IsAdminEnabled

Edited by guinness

Share this post


Link to post
Share on other sites

Posted

"Return $oItem.Disabled = False"

Would that not return false when it is Enabled?

Share this post


Link to post
Share on other sites

Posted (edited)

If the Admin account is Disabled it returns True, not False.

Edited by guinness

Share this post


Link to post
Share on other sites

Posted

Seems a little unintuitive bud, unless you named it "IsAdminDisabled.

Share this post


Link to post
Share on other sites

Posted

I wouldn't worry about that line, if the Admin account is enabled then _IsAdminEnabled returns True.

Share this post


Link to post
Share on other sites

Posted

Must be this brain block I've had of late.

Cheers.

Share this post


Link to post
Share on other sites

Posted

It's OK. It feels more natural to write the True statement first and then the False statement e.g.

; This is how the majority of users write code.
If _IsAdminEnabled() Then
    ; It's True
Else
    ; It's False
EndIf

; So using _IsAdminDisabled would result in this.
If _IsAdminDisabled() = False Then
    ; It's True
Else
    ; It's False
EndIf

Share this post


Link to post
Share on other sites

Posted (edited)

How about that?

Func _IsAccountDisabled($sUser = @UserName, $sCompName = ".")
Local $aCall = DllCall("netapi32.dll", "int", "NetUserGetInfo", "wstr", $sCompName, "wstr", $sUser, "dword", 1, "ptr*", 0)
If @error Or $aCall[0] Then Return SetError(1, 0, False)
Local $Return = (BitAND(DllStructGetData(DllStructCreate("ptr;ptr;dword;dword;ptr;ptr;dword;ptr", $aCall[4]), 7), 2) <> 0)
DllCall("netapi32.dll", "int", "NetApiBufferFree", "ptr", $aCall[4])
Return $Return
EndFunc

ConsoleWrite(_IsAccountDisabled('Administrator') & @CRLF)
Edited by JFX

Share this post


Link to post
Share on other sites

Posted

One returns false (guinness) and the other returns true (JFX)

Share this post


Link to post
Share on other sites

Posted

Yeh, because JFX is checking if the Admin account is disabled.

Share this post


Link to post
Share on other sites

Posted

lol

I need a few more days off.

Share this post


Link to post
Share on other sites

Posted

I suppose I'm just an optimistic person and prefer enabled.

Share this post


Link to post
Share on other sites

Posted

Geez i step out the house and the thread has gone mad..

Many thanks to all who contributed

I was still working on this

$colItems = ""
$Output=""
$objWMIService = ObjGet("winmgmts:\\localhost\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL")
If IsObj($colItems) then
   For $objItem In $colItems
      $Output &= "Caption: " & $objItem.Caption & @CRLF
      $Output &= "Disabled: " & $objItem.Disabled & @CRLF
      if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
      $Output=""
   Next
Else
   Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif

Share this post


Link to post
Share on other sites

Posted

See post #4 for a working function.

Share this post


Link to post
Share on other sites

Posted

Using the method of 'net user' and reading the Standard Output Stream >>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0