Does a user exist , If not create one

[Docfxit]

I'd like to know if a user exists.  If it doesn't I'd like to create one.

This script doesn't get to the msgbox on line 24 if the user does exist.

; This script will add a user
;~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
; Please be caucus:  This WILL add a user to your system
;
;~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^

_NetUser('UserID', 'Password')

; Add User Accounts
Func _NetUser($sName, $sPassword = '', $sGroupName = 'Administrators', $iAutoLogon = 0)
    ; Creates user accounts. Only 1 user can have autologon, if set.
    If Not FileExists(EnvGet('AllUsersProfile') & '\..\' & $sName) Then
        RunWait(@ComSpec & ' /c ' & _
                'Net User ' & $sName & ' ' & $sPassword & ' /add &&' & _
                'Net LocalGroup ' & $sGroupName & ' ' & $sName & ' /add &' & _
                'Net Accounts /MaxPwAge:UnLimited', '', @SW_HIDE)
        If $iAutoLogon Then
            Local $sRegKey = 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
            RegWrite($sRegKey, 'DefaultUserName', 'Reg_sz', $sName)
            RegWrite($sRegKey, 'DefaultPassword', 'Reg_sz', $sPassword)
            RegWrite($sRegKey, 'AutoAdminLogon', 'Reg_sz', 1)
        EndIf
    Else
        MSGBOX(0, "", "User " & $sName & "Exists"
EndIf
EndFunc   ;==>_NetUser

Thank you,

Docfxit

[jguinch]

Here is a simple way to check if a local user exists, without having to search for a profile path (which is also not necessarily present) :

If _UserExists("jerome") Then
    MsgBox(0, "", "user exists")
Else
    MsgBox(16, "", "user does not exist")
EndIf

Func _UserExists($sUsername)
    Return IsObj( ObjGet("WinNT://./" & $sUsername & ", user") )
EndFunc

Note you can find on the forum some functions that avoid the use of external commands such as "net user / group ..." : '?do=embed' frameborder='0' data-embedContent>>

Edited October 29, 2014 by jguinch

[Docfxit]

Thank you very much.

That is a great help.

Docfxit

[undee]

Hello to everybody,

 

this function is nearly what I was looking for. Unfortunately it does check only if a user exists, but not if it is active. How can I realize that also?

Thank you very much!!!

[Nikolas92]

Undie, try this:

If _UserExistsAndActive(@UserName) Then
    MsgBox(0, "", "user exists")
Else
    MsgBox(16, "", "user does not exist")
EndIf

Func _UserExistsAndActive($sUsername)
   If not IsObj(ObjGet("WinNT://./" & $sUsername & ", user")) or $sUsername <> @UserName Then Return False
   Return True
EndFunc

 

[spudw2k]

I assume, @undee, by active you mean not disabled, right?   Here's how I would do it.
 

$sUserName = "Guest"
$bAccountIsActive = _IsLocalUserActive($sUserName)
Msgbox(0,$sUserName & " is active",$bAccountIsActive)

Func _IsLocalUserActive(ByRef $sUserName)
    ;Get User Object
    $oUser = _GetUser($sUserName)
    ;Get User Object AccountDisabled Property
    Local $bResult = _IsUserDisabled($oUser)
    ;Close User Object
    $oUser = 0
    ;If $bResult is Not Boolean (error condition) Return -1 and Set Error
    If Not IsBool($bResult) Then Return SetError(1,0,-1)
    ;If User Account is Disabled Return False, else Return True
    Return ($bResult = True ? False : True)
EndFunc

Func _GetUser(ByRef $sUserName, $sServer = @ComputerName)
    ;Get WinNT User Object
    Local $oUser = ObjGet("WinNT://" & $sServer & "/" & $sUserName & ", user")
    ;If WinNT User Object not valid, Return -1 and Set Error, else Return User Object
    If IsObj($oUser) Then
        Return $oUser
    Else
        SetError(@error,0,-1)
    EndIf
EndFunc

Func _IsUserDisabled(ByRef $oUser)
    ;Return @error is not valid User Object
    If Not IsObj($oUser) Then Return SetError(1,0,-1)
    ;Return User Object AccountDisabled property value
    Return $oUser.AccountDisabled
EndFunc

 

 

[undee]

Hi spudw2k,

 

that's what I was looking for, thank you very much!

Next step was to activate the user if it's no active already. Tried to manage it like this:

$admin_user = "administrator"
$admin_pass = "his_password"
$install_user = "another_user_that_is_admin_and_active_for_sure"
; install_user has same pass as administrator user

if _IsLocalUserActive("administrator") <> "True" then
  $command = "net user "&$admin_user&" "&$admin_pass&" /active:yes"
  $result = RunAsWait($install_user,@ComputerName,$admin_pass,0,@ComSpec & " /c " & $command)
EndIf

I don't get any error message but the administrator user remains disabled, what's wrong with my script? 

[spudw2k]

Firstly, I suspect you need to run the script elevated in order for the WinNT provider code to function.

What is the value of $result after you execute the RunAsWait function?

Are you sure you need to provide the password in the $command string you are executing?  You can also change @comspec /c to @comspec /k to keep the window open in case there is some useful output you may be missing if it executes and closes to quickly to see it.

Also, I believe you can set the AccountDisabled property of the account using the WinNT provider, similar to how I used it to "get" the current state of the account.

i.e.

;untested

Func _EnableUser(ByRef $oUser)
    ;Return @error is not valid User Object
    If Not IsObj($oUser) Then Return SetError(1,0,-1)
    ;Set AccountDisabled property to False and Return
    Return $oUser.AccountDisabled = False
EndFunc

Might be worth playing with, unless you absolutely need to enable the account with a "different admin" user like you are with the RunAsWait command.  Just keep in mind, in the _IsLocal... function I put together, I close the $oUser object before analyzing the state of the account, so you'll want to modify accordingly.

Also...I can't stress enough, it is not a good practice to embed user account username and passwords (especially admin permissions ones) in a script.  You might want to consider storing the password external to the script and preferably encrypted; or just run the script with a proper, elevated account and avoid storing any account credentials unnecessarily.