How to know local Administrator name?


Go to solution Solved by UEZ,

Hi, I need to know the local Administrator name, then I need to know if that account is enabled.

I have the code from guinness and Rover to know if the admin is enabled or not, but if I don't know his name I can't actually check if it's enabled or not.

ConsoleWrite(_IsAdminEnabled() & @CRLF)

Func _IsAdminEnabled() ; By Rover and guinness
    Local $oWMIService = ObjGet('winmgmts:\\localhost\root\CIMV2')
    Local $oColItems = $oWMIService.ExecQuery('SELECT * FROM Win32_UserAccount WHERE Name = "Administrador"', "WQL", 0x30)
    If IsObj($oColItems) Then
        For $oItem In $oColItems
            Return $oItem.Disabled = False
        Next
    EndIf
    Return True
EndFunc   ;==>_IsAdminEnabled

The script is meant to run in other languages too, that's why I need to know his name. I also know how to retrieve the name of the administrators group or anything given a SID (so I can use it too to retrieve the administrator name when I know his SID):

#include <Security.au3>

Local $aArrayOfData = _Security__LookupAccountSid("S-1-5-32-544")

; Print returned data if no error occurred
If IsArray($aArrayOfData) Then
    ConsoleWrite("Account name = " & $aArrayOfData[0] & @CRLF)
    ConsoleWrite("Domain name = " & $aArrayOfData[1] & @CRLF)
    ConsoleWrite("SID type = " & _Security__SidTypeStr($aArrayOfData[2]) & @CRLF)
EndIf

But this does not work since the administrator account does not always have the same SID:

  • SID: S-1-5-21domain-500
    Name: Administrator
    Description: A user account for the system administrator. By default, it is the only user account that is given full control over the system.

From this Microsoft article

So I basically need to know the domain SID from the local computer to then retrieve the Administrator name and then check if it's enabled or not. Or if you have another method I'm open to new ideas... ;)

Apologies for my English ;)

Thank you.

___________________________________________________________________________________

EDIT: SOLUTION:

ConsoleWrite(_IsAdminEnabled(_RetrieveAdminName()) & @CRLF)

Func _IsAdminEnabled($AdminName) ; By Rover and guinness
    Local $oWMIService = ObjGet('winmgmts:\\localhost\root\CIMV2')
    Local $oColItems = $oWMIService.ExecQuery('SELECT * FROM Win32_UserAccount WHERE Name = "' & $AdminName & '"', "WQL", 0x30)
    If IsObj($oColItems) Then
        For $oItem In $oColItems
            Return $oItem.Disabled = False
        Next
    EndIf
    Return True
EndFunc   ;==>_IsAdminEnabled


Func _RetrieveAdminName() ; Adapted by adrigalilea from http://blogs.technet.com/b/heyscriptingguy/archive/2005/07/22/how-can-i-determine-if-the-local-administrator-account-has-been-renamed-on-a-computer.aspx
    Local $strComputer = @ComputerName
    Local $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2")
    ; Only accounts whose domain is this computer, i.e. local accounts
    Local $colAccounts = $objWMIService.ExecQuery("Select * From Win32_UserAccount Where Domain = '" & $strComputer & "'")
    For $objAccount In $colAccounts
        ; The built-in Administrator keeps RID 500 whatever its localized name is
        If StringLeft($objAccount.SID, 6) = "S-1-5-" And StringRight($objAccount.SID, 4) = "-500" Then
            Return $objAccount.Name
        EndIf
    Next
EndFunc   ;==>_RetrieveAdminName

Working... ;)

Edited by adrigalilea

Check water's AD Functions Au3, or check the "set" command in a DOS box. This gives you the %username%, and in AutoIt it's a macro:

ConsoleWrite(@LogonDomain & "\" & @UserName & @CRLF)

I know the set command, and I'm currently checking the "water's AD Functions Au3", but this command is not what I'm looking for... ;)

I don't want the current user's domain nor his name; I want to know the name of the Administrator account, which has a different name by default in every language, and I need to know the name of this account on the machine running the script.

OK NVM I got this:

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set colAccounts = objWMIService.ExecQuery _
    ("Select * From Win32_UserAccount Where LocalAccount = TRUE")

For Each objAccount in colAccounts
    If Left (objAccount.SID, 6) = "S-1-5-" and Right(objAccount.SID, 4) = "-500" Then
        Wscript.Echo objAccount.Name
    End If
Next

This is VBS but easy to adapt to AutoIt ;)

Thank you @lordofthestrings and nice nick hahaha

Edited by adrigalilea

You can get the members of the administrators group with WMI, or without WMI.

Thanks, I googled and found that thread too, but both methods fail for my needs, since I don't want a list of administrators, plus you can't get "net localgroup administrators" if the name of the group is different in another language too. That's why I need to know that specific name with the SID or any method that will work on any machine.

 

EDITED: Solution in the first post

Edited by adrigalilea

  • Solution

Try this:

MsgBox(0, "Test", "Built-in admin account name: " & WMI_GetLocalBuiltInAdminName())

Func WMI_GetLocalBuiltInAdminName($sHost = @ComputerName) ;coded by UEZ 2013
    If $sHost = "Localhost" Then $sHost = @ComputerName
    Local $objWMIService = ObjGet("winmgmts:\\" & $sHost & "\root\cimv2")
    If @error Then Return SetError (1, 0, 0)
    Local $colItems = $objWMIService.ExecQuery("Select * FROM Win32_UserAccount WHERE LocalAccount=True AND SID LIKE 'S-1-5-%-500'", "WQL", 0x30), $objItem
    If IsObj($colItems) Then
        For $objItem In $colItems
           Return $objItem.Name
        Next
    Else
        Return SetError (2, 0, 0) ;No WMI objects found for class Win32_UserAccount 
    EndIf
EndFunc   ;==>WMI_GetLocalBuiltInAdminName

Br,

UEZ

Edited by UEZ
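
A variant that returns the built-in account's name and its enabled state from a single query, as an added example that is not code from any poster in this thread. The function name `_GetBuiltinAdminState` and its error codes are assumptions made here; it matches the full `S-1-5-21-…-500` SID shape and sets an error, rather than returning a default, when no such account is found.

```autoit
; Added example, not code from the thread.
; _GetBuiltinAdminState and its error codes (1, 2, 3) are hypothetical names/values.
Local $aAdmin = _GetBuiltinAdminState()
If @error Then
    ConsoleWrite("Built-in admin lookup failed, error " & @error & @CRLF)
Else
    ConsoleWrite("Name: " & $aAdmin[0] & ", enabled: " & $aAdmin[1] & @CRLF)
EndIf

; Returns a 2-element array [account name, enabled (True/False)].
; On failure returns 0 and sets @error:
;   1 = WMI connection failed, 2 = query failed, 3 = no RID-500 local account found
Func _GetBuiltinAdminState($sHost = @ComputerName)
    Local $oWMI = ObjGet("winmgmts:\\" & $sHost & "\root\cimv2")
    If @error Or Not IsObj($oWMI) Then Return SetError(1, 0, 0)

    ; LocalAccount=True keeps a domain's own RID-500 account out of the result
    ; on domain-joined machines.
    Local $oItems = $oWMI.ExecQuery("SELECT Name, SID, Disabled FROM Win32_UserAccount " & _
            "WHERE LocalAccount=True", "WQL", 0x30)
    If Not IsObj($oItems) Then Return SetError(2, 0, 0)

    For $oItem In $oItems
        ; A machine SID is S-1-5-21 followed by three sub-authorities;
        ; the built-in Administrator is that SID plus RID 500, in every language.
        If StringRegExp($oItem.SID, "^S-1-5-21-\d+-\d+-\d+-500$") Then
            Local $aResult[2] = [$oItem.Name, Not $oItem.Disabled]
            Return $aResult
        EndIf
    Next

    ; Nothing matched: report it instead of assuming the account is enabled.
    Return SetError(3, 0, 0)
EndFunc   ;==>_GetBuiltinAdminState
```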

Perfect, thank you MR UEZ
