DaGbyte

Multiple flags in creating local user account

6 posts in this topic

I have a script that creates a local user account. I'm trying to set 2 flags at one and am having a hard time. When I run it like this, it doesn't set any flags. I've tried adding or, and a fre others, but the syntax is wrong. Any ideas?

As an aside - if the account already exists, is there an easy way to force to update the account with the settings?

 

$ProgVer = "Disable Admin v 1.00"

;Set variables
$wShell = ObjCreate( "WScript.Shell" )
$sComputerName = @ComputerName
Const $ADS_UF_PASSWD_CANT_CHANGE = 0X40
Const $ADS_UF_DONT_EXPIRE_PASSWD = 0X10000

;Disable Guest account
$oUser = ObjGet("WinNT://" & $sComputerName & "/Guest")
$oUser.AccountDisabled=True
$oUser.SetInfo

;Disable Administrator account
$oUser = ObjGet("WinNT://" & $sComputerName & "/Administrator")
$oUser.AccountDisabled=True
$oUser.SetInfo

; Check if account exists .. if not create it
$oUser = ObjGet("WinNT://" & $sComputerName & "/PCAdmin")
If @Error then
    $colAccounts = ObjGet("WinNT://" & $sComputerName & "")
    $oUser = $colAccounts.Create("user", "PCadmin")
    $oUser.SetPassword ("password")
    $oUser.Put ("Fullname", "PCadmin")
    $oUser.Put ("UserFlags", $ADS_UF_PASSWD_CANT_CHANGE or $ADS_UF_DONT_EXPIRE_PASSWD)
    $oUser.SetInfo
EndIf

;Add PCAdmin into admin group
$oGroup = ObjGet("WinNT://" & $sComputerName & "/Administrators,group")
$oUser = ObjGet("WinNT://" & $sComputerName & "/PCAdmin,user")
$oGroup.Add($oUser.ADsPath)

Exit

 

Share this post


Link to post
Share on other sites



Seems like a lot of code for a 4 line script.

#RequireAdmin
Run('net user PCadmin password /add /fullname:"PCadmin" /expires:never /passwordchg:no') ; create the user account and set the password, don't allow it to be changed by the user
Run('net localgroup administrators PCadmin /add') ; add the account to the administrators group
Run("wmic USERACCOUNT Where Name='PCadmin' SET PasswordExpires=False") ; set the password to never expire.

Whether the account already exists or not, this will make sure it's set correctly. If it already exists, the first Run command will cause a non-fatal error. The quotation marks may need to be tweaked, I haven't tested this from AutoIt, but it's what I use in a batch file to do the same thing.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

the + worked like a charm, thanks!

@BrewManNH - I was hoping to avoid using external commands or programs. Of course those would work, but since I am passing passwords and usernames, I'd like to minimize the potential, however slight, of passing them to an external object.

It would be helpful if there was a user function I could use instead - maybe there is - I'll check ;)

 

Share this post


Link to post
Share on other sites

How do you think the Objects are getting the information, magic? Your script isn't secure, so nothing you do will make it any securer, you aren't going to win that battle.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

If those flags are set on an account with the string 'admin' in the name, you don't care about security.


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now