White_Rabbit 0
Posted October 3, 2007

Hi. Is there any way to login as administrator on a Windows 2000 Client the remote way? I tried to use PSTools (Sysinternals) but there seems to be no way to do it. Now I thought that AutoIt may be another way to do it - but how? In other words: is it possible to send "CTRL+ALT+DEL" over the Network and then login as "administrator" anyhow? It would be extremely helpful to execute an autoit-exe via psexec on several machines that way. Can anyone help? Thank you!

lordofthestrings 3
Posted October 3, 2007 (edited)

enable autologon?

```bat
@Echo off
Echo Enable Autologon administrator ...
Title Enable Autologon administrator
If not exist %systemdrive%\logfiles\install md %systemdrive%\Logfiles\Install
::"%~dp0autosec" -a "%~dp0Administrator.inf" >> %systemdrive%\logfiles\install\_Staging.log
rem Create the local Administrator account and add it to the local administrators group
@echo net user Administrator P@ssw0rd007 /add >> %systemdrive%\logfiles\install\_Staging.log
net user Administrator P@ssw0rd007 /add >> %systemdrive%\logfiles\install\_Staging.log
@echo net localgroup administrators Administrator /add >> %systemdrive%\logfiles\install\_Staging.log
net localgroup administrators Administrator /add >> %systemdrive%\logfiles\install\_Staging.log
@echo Creating autologon >> %systemdrive%\logfiles\install\_Staging.log
rem Winlogon autologon values; DefaultPassword is stored in the registry as plain text
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Defaultusername /d Administrator /t REG_SZ /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultDomainName /d %COMPUTERNAME% /t REG_SZ /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /d 1 /t REG_SZ /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /d P@ssw0rd007 /t REG_SZ /f
Reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AutoLogonCount" /f
Reg Query "HKLM"
```

to disable autologon:

```bat
@Echo off
Title Disable Autologon Administrator ...
Echo Disable Autologon Administrator
If not exist %systemdrive%\logfiles\install md %systemdrive%\Logfiles\Install
%~dp0autosec -p >> %systemdrive%\logfiles\install\_Staging.log
rem Delete the local Administrator account again
@echo net user Administrator /del >> %systemdrive%\logfiles\install\_Staging.log
net user Administrator /del >> %systemdrive%\logfiles\install\_Staging.log
@echo Remove autologon
rem Blank the stored credentials, restore the default domain and switch autologon off
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultUserName" /d "" /t REG_SZ /f
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AltDefaultUserName" /d "" /t REG_SZ /f
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultDomainName" /d "TPT_DOM" /t REG_SZ /f
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AltDefaultDomainName" /d "TPT_DOM" /t REG_SZ /f
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "DefaultPassword" /d "" /t REG_SZ /f
Reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "AutoAdminLogon" /d "0" /t REG_SZ /f
```

Edited October 3, 2007 by lordofthestrings

White_Rabbit 0
Posted October 3, 2007

Does that mean that you have to restart between these two scripts? Would be a possible way then...

lordofthestrings 3
Posted October 3, 2007

Well, you enable autologon, you execute what you wish (execute locally or from a network share), reboot all you want, and when you're done, you disable autologon and the PC is back to normal...

If you need help with this setup, please ask. If I can help I would like to.

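To confirm that a machine really is "back to normal" after the disable script, the Winlogon key can be dumped with `reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"` and checked for leftovers. The following is an added example, not code from the thread: the function names are hypothetical, and the two dumps are constructed samples modelled on the values the scripts above write.

```python
import re

# One value line of `reg query` output: name, REG_* type, optional data,
# separated by spaces or tabs depending on the Windows version.
VALUE_LINE = re.compile(
    r"^\s+(?P<name>\S.*?)\s+(?P<type>REG_[A-Z_]+)(?:\s+(?P<data>.*\S))?\s*$")

KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

# Constructed sample dumps (not captured from a real machine): the state the
# enable script leaves behind, and the state after the disable script.
ENABLED_DUMP = KEY + """
    DefaultUserName    REG_SZ    Administrator
    DefaultDomainName    REG_SZ    TESTPC
    AutoAdminLogon    REG_SZ    1
    DefaultPassword    REG_SZ    P@ssw0rd007
"""
DISABLED_DUMP = KEY + """
    DefaultUserName    REG_SZ
    DefaultDomainName    REG_SZ    TPT_DOM
    AutoAdminLogon    REG_SZ    0
    DefaultPassword    REG_SZ
"""


def parse_reg_query(text):
    """Return {lowercased value name: data}; empty data becomes ''."""
    values = {}
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:  # the key header line has no leading whitespace and is skipped
            values[m.group("name").lower()] = m.group("data") or ""
    return values


def audit_winlogon(text):
    """List autologon leftovers in one Winlogon dump, never echoing the password."""
    v = parse_reg_query(text)
    findings = []
    if v.get("autoadminlogon", "0") == "1":
        findings.append("AutoAdminLogon=1: automatic logon as '%s'"
                        % v.get("defaultusername", ""))
    if v.get("defaultpassword"):
        findings.append("DefaultPassword holds a cleartext password (%d chars)"
                        % len(v["defaultpassword"]))
    return findings


if __name__ == "__main__":
    for label, dump in (("enabled", ENABLED_DUMP), ("disabled", DISABLED_DUMP)):
        print(label, audit_winlogon(dump) or "clean")
```
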
White_Rabbit 0
Posted October 3, 2007

That is great! It's easy to add some lines to the script like Run("rundll Shell32.dll,SHExitWindowsEx 4") and it should reboot automatically, right? The psexec is easy then, too. Thanks!

lordofthestrings 3
Posted October 3, 2007

To reboot you could do many things:

- shutdown -r -t 0 (Windows XP and 2003)
- psshutdown (pstools)
- Shutdown ( code ) (AutoIt)
- unplug power cable and put it back in PC (not easily done in AutoIt)

Where did you come across that funky rundll reboot command?

White_Rabbit 0
Posted October 3, 2007

hehe -- look here: http://www.google.de/search?hl=de&q=ru...Suche&meta=

White_Rabbit 0
Posted October 3, 2007

Another question before I test your script: Does it run on Windows 2000 Clients? Does it run in a domain? (Just to be sure as you "net user /del" the Administrator...)

lordofthestrings 3
Posted October 3, 2007

1) Run on 2000: I suppose so, please use a test PC, one that you can use to test what you want. I would advise you to always test on a test PC, under VMWare or whatever. I've seen people get fired for less.

2) net user Username /del = local SAM account
net user /del /domain (or /DOM or /DO) = on domain controller (domain account)
(be careful not to delete administrator /DOMAIN) :-)