Sign in to follow this  
Followers 0
stev379

Renaming local user account

6 posts in this topic

We rename the guest user account when building new servers. The line below works great except if the user account has already been renamed.

The entire script sets a number of OS options...

But it errors on this line if the Guest account has already been renamed or removed. How can error handling be set on this line? I haven't found a good way to enumerate the local accounts in AutoIT to run an if statement.

$oNewUser = $oComputer.MoveHere($oUser.ADsPath, $NewUser)

Snippet

#include <Array.au3>

$oWshNet = ObjCreate("WScript.Network")
$ComputerName = $oWshNet.ComputerName

$OldUser = "Guest"
$NewUser = "guestuser"


$oUser = ObjGet("WinNT://" & $ComputerName & "/" _
                & $OldUser & ",user")


    
$oComputer = ObjGet("WinNT://" & $ComputerName)
; rename user
$oNewUser = $oComputer.MoveHere($oUser.ADsPath, $NewUser)
_SetPW()
        
        
Func _SetPW()
    $NewPW = InputBox("Reset Password", "Enter password here", "", "*", "", 100)    
    Run(@ComSpec & " /C Net User " & $NewUser & " " & $NewPW, "", @SW_MINIMIZE)
    Run(@ComSpec & " /C net user " & $NewUser & " /active:no", "", @SW_MINIMIZE)
EndFunc;_RenameUsr()

Share this post


Link to post
Share on other sites



We handle this through a an Active Directory group policy setting.


[u]Helpful tips:[/u]If you want better answers to your questions, take the time to reproduce your issue in a small "stand alone" example script whenever possible. Also, make sure you tell us 1) what you tried, 2) what you expected to happen, and 3) what happened instead.[u]Useful links:[/u]BrettF's update to LxP's "How to AutoIt" pdfValuater's Autoit 1-2-3 Download page for the latest versions of Autoit and SciTE[quote]<glyph> For example - if you came in here asking "how do I use a jackhammer" we might ask "why do you need to use a jackhammer"<glyph> If the answer to the latter question is "to knock my grandmother's head off to let out the evil spirits that gave her cancer", then maybe the problem is actually unrelated to jackhammers[/quote]

Share this post


Link to post
Share on other sites

We handle this through a an Active Directory group policy setting.

so we do with the local administrator, problem is only, the documents and settings folder name is not beeing renamed to the new name....


das beste Windows Support Forum: Windows 2000 Helpline und tschüss den WindowsfehlernProgrammieren: Autoit 3 - wer braucht noch VBS ?!Programmieren: Autoit 3 Forum?

Share this post


Link to post
Share on other sites

Interesting concept...renaming. We prefer to disable the account as soon as the OS build checks in with the server.

Possibly your concept is stronger security wise; but it takes an Admin to unlock a disabled account.

Share this post


Link to post
Share on other sites

I haven't found a good way to enumerate the local accounts in AutoIT to run an if statement.

Try this from Scriptomatic AutoIT:

; Generated by AutoIt Scriptomatic

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Output=""
$Output = $Output & "Computer: " & $strComputer  & @CRLF
$Output = $Output & "==========================================" & @CRLF
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_UserAccount", "WQL", _
                                          $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
   For $objItem In $colItems
      $Output = $Output & "AccountType: " & $objItem.AccountType & @CRLF
      $Output = $Output & "Caption: " & $objItem.Caption & @CRLF
      $Output = $Output & "Description: " & $objItem.Description & @CRLF
      $Output = $Output & "Disabled: " & $objItem.Disabled & @CRLF
      $Output = $Output & "Domain: " & $objItem.Domain & @CRLF
      $Output = $Output & "FullName: " & $objItem.FullName & @CRLF
      $Output = $Output & "InstallDate: " & WMIDateStringToDate($objItem.InstallDate) & @CRLF
      $Output = $Output & "LocalAccount: " & $objItem.LocalAccount & @CRLF
      $Output = $Output & "Lockout: " & $objItem.Lockout & @CRLF
      $Output = $Output & "Name: " & $objItem.Name & @CRLF
      $Output = $Output & "PasswordChangeable: " & $objItem.PasswordChangeable & @CRLF
      $Output = $Output & "PasswordExpires: " & $objItem.PasswordExpires & @CRLF
      $Output = $Output & "PasswordRequired: " & $objItem.PasswordRequired & @CRLF
      $Output = $Output & "SID: " & $objItem.SID & @CRLF
      $Output = $Output & "SIDType: " & $objItem.SIDType & @CRLF
      $Output = $Output & "Status: " & $objItem.Status & @CRLF
      if Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
      $Output=""
   Next
Else
   Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_UserAccount" )
Endif


Func WMIDateStringToDate($dtmDate)

    Return (StringMid($dtmDate, 5, 2) & "/" & _
    StringMid($dtmDate, 7, 2) & "/" & StringLeft($dtmDate, 4) _
    & " " & StringMid($dtmDate, 9, 2) & ":" & StringMid($dtmDate, 11, 2) & ":" & StringMid($dtmDate,13, 2))
EndFunc

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format

Share this post


Link to post
Share on other sites

We prefer to disable the account as soon as the OS build checks in with the server.

We do the same thing at work, we disable the admin account and rename the guest account to Administrator and change the description so it look like the real administrator account but with guest rights...


AutoIt Scripts:NetPrinter - Network Printer UtilityRobocopyGUI - GUI interface for M$ robocopy command line

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0