Jump to content

Unlocking local account

exodius

By exodius,
in AutoIt General Help and Support

 Share

Recommended Posts

  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted

Anyone know of a way with AutoIt to unlock a local admin account (assuming that you yourself have admin privleges) without doing it the manual way (through the control panel)?

$oMyError = ObjEvent("AutoIt.Error", "ComError")
; Get Admin UserID
$objWMIService = objGet( "winmgmts:{impersonationLevel=impersonate}!//"  & @ComputerName & "/root/cimv2")
$oUserAccounts = $objWMIService.ExecQuery("Select Name, SID from Win32_UserAccount WHERE Domain = '" & @ComputerName & "'")
For $oUserAccount In $oUserAccounts
    If StringLeft($oUserAccount.SID, 9) = "S-1-5-21-" And _
        StringRight($oUserAccount.SID, 4) = "-500" Then
        ExitLoop
    Endif
Next
; Check disabled
ConsoleWrite('Administrator account:' & $oUserAccount.Name & @lf )
Local $objNetwork = ObjCreate("Wscript.Network")
$objUser = ObjGet("WinNT://" & @ComputerName & "/" & $oUserAccount.Name & ",user")
If $objUser.AccountDisabled Then 
    $objUser.AccountDisabled=0
    $objUser.SetInfo
    ConsoleWrite("Admin account enabled" & @lf)
EndIf
;
Func ComError()
    If IsObj($oMyError) Then
        $HexNumber = Hex($oMyError.number, 8)
        SetError($HexNumber)
        ConSoleWrite("Com Error:" & $HexNumber)
        ConSoleWrite("  ,Line:" & $oMyError.scriptline)
        ConSoleWrite("  ,LastDllErrc:" & $oMyError.lastdllerror)
        ConSoleWrite("  ,Desc:" & $oMyError.description)
        ConSoleWrite("  ,WinDesc:" & $oMyError.windescription)
        ConSoleWrite(@CRLF)
    Else
        SetError(1)
    EndIf
    Return 0
EndFunc   ;==>ComError

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Link to comment
Share on other sites
  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted (edited)

I doubt any program has access to that. I cannot see why Microsoft would allow that. It could be very dangerous.

Don't understand why that would be... When you have admin rights to the BOX then you should be able to do anything .... :lmao: Edited by JdeB

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Link to comment
Share on other sites
exodius Universalist

exodius

Posted
  • Author
Posted (edited) 

$oMyError = ObjEvent("AutoIt.Error", "ComError")
; Get Admin UserID
$objWMIService = objGet( "winmgmts:{impersonationLevel=impersonate}!//"  & @ComputerName & "/root/cimv2")
$oUserAccounts = $objWMIService.ExecQuery("Select Name, SID from Win32_UserAccount WHERE Domain = '" & @ComputerName & "'")
For $oUserAccount In $oUserAccounts
    If StringLeft($oUserAccount.SID, 9) = "S-1-5-21-" And _
        StringRight($oUserAccount.SID, 4) = "-500" Then
        ExitLoop
    Endif
Next
; Check disabled
ConsoleWrite('Administrator account:' & $oUserAccount.Name & @lf )
Local $objNetwork = ObjCreate("Wscript.Network")
$objUser = ObjGet("WinNT://" & @ComputerName & "/" & $oUserAccount.Name & ",user")
If $objUser.AccountDisabled Then 
    $objUser.AccountDisabled=0
    $objUser.SetInfo
    ConsoleWrite("Admin account enabled" & @lf)
EndIf
; Check if locked 
If $objUser.IsAccountLocked Then 
    $objUser.IsAccountLocked=0
    $objUser.SetInfo
    ConsoleWrite("Admin account unlocked" & @lf)
EndIf
;
Func ComError()
    If IsObj($oMyError) Then
        $HexNumber = Hex($oMyError.number, 8)
        SetError($HexNumber)
        ConSoleWrite("Com Error:" & $HexNumber)
        ConSoleWrite("  ,Line:" & $oMyError.scriptline)
        ConSoleWrite("  ,LastDllErrc:" & $oMyError.lastdllerror)
        ConSoleWrite("  ,Desc:" & $oMyError.description)
        ConSoleWrite("  ,WinDesc:" & $oMyError.windescription)
        ConSoleWrite(@CRLF)
    Else
        SetError(1)
    EndIf
    Return 0
EndFunc   ;==>ComError
Thanks for the reply JdeB, that works if the account is disabled, how about if the account is enabled but is simply locked out from trying it too many times? Edited by JdeB
Link to comment
Share on other sites
  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted (edited)

Thanks for the reply JdeB, that works if the account is disabled, how about if the account is enabled but is simply locked out from trying it too many times?

Untested but should be close:

If $objUser.IsAccountLocked Then 
    $objUser.IsAccountLocked=0
    $objUser.SetInfo
    ConsoleWrite("Admin account unlocked" & @lf)
EndIf
Edited by JdeB

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Link to comment
Share on other sites
  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted (edited)

That's so awesome JdeB, I tried changing your first post to something similar but I guess I didn't have it right. Thanks!

YW.. updated the first post with the addition...

Edited by JdeB

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...