adding a user to all servers ( local user) - KiXtart.org

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » adding a user to all servers ( local user)

Page 1 of 1

Topic Options

#114564 - 2004-02-22 10:17 AM adding a user to all servers ( local user)
juanbabi juanbabi Fresh Scripter Registered: 2004-02-09 Posts: 15	Hi !! I need to write a script that will run on all the servers in my domain . the script needs to create a local user name test and pass 1234 with admin rights.I looked for an adduser or something close in the manual and didnt find any thing.can some one just tell me the direction ( the initial command that my script will be based upon ?) ,I also search this site and didnt found a clue... thanks
Top

#114565 - 2004-02-22 02:32 PM Re: adding a user to all servers ( local user)
Co Co MM club member Registered: 2000-11-20 Posts: 1342 Loc: NL	Maybe this can help you.... Automating Updates to Local Groups on Member Servers AddUsers Automates Creation of a Large Number of Users _________________________ Co
Top

#114566 - 2004-02-22 04:46 PM Re: adding a user to all servers ( local user)
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	Quote: Creating Users on Member Servers and Windows 2000 Professional [This is preliminary documentation and subject to change.] To create a user on a member server or computer running Windows 2000 Professional Bind to the computer using the following rules: Use an account that has sufficient rights to access that computer. Use the following binding string format using the WinNT provider, computer name, and an extra parameter to tell ADSI that it is binding to a computer: <a href="WinNT://sComputerName" target="_blank">WinNT://sComputerName</a>, computer where sComputerName is the name of the computer who groups you want to access. In the binding string, the ",computer" parameter tells ADSI that it is binding to a computer and allows the WinNT: provider's parser to skip some ambiguity resolution queries to determine what type of object you are binding to. Bind to the IADsContainer interface. Specify "user" as the class using IADsContainer::Create to add the user. Write the user to the computer's security database using IADs::SetInfo. This code should work but is currently giving me an error on my computer. Maybe I screwed something up... Your mileage may vary... Code: break On $Server = "Bullockha" $oComputer = GetObject("WinNT://" + $Server + ",computer") ? ConvertCOMerror(@error) $oUser = $oComputer.Create("user", "MyNewUser") ? ConvertCOMerror(@error) $oUser.SetPassword("NewPassword") ? ConvertCOMerror(@error) $oUser.SetInfo ? ConvertCOMerror(@error) Function ConvertCOMerror($error) $error = val("&"+Right(DecToHex($error),4)) ? "Error: $error" shell "net helpmsg $error" Endfunction [edit] The problem was that we enforce STRONG passwords via policy and "NewPassword" did not meet those requirements. $oUser.SetPassword("NewPassword2") made the program work. [/edit] Edited by Howard Bullock (2004-02-22 04:48 PM) _________________________ Home page: http://www.kixhelp.com/hb/
Top

#114567 - 2004-02-22 05:42 PM Re: adding a user to all servers ( local user)
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Quote: I need to write a script that will run on all the servers in my domain Why does it it have to run on every server? Would it not be adequate to run on one admin wksta and touch every server? This could be easily done as well with the cusrmgr.exe reskit util. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#114568 - 2004-02-22 06:55 PM Re: adding a user to all servers ( local user)
AndyD AndyD Fresh Scripter Registered: 2001-11-26 Posts: 17	sniff sniff yuk...smells fishy in here ! :-/ _________________________ AndyD England, UK.
Top

#114569 - 2004-02-22 07:39 PM Re: adding a user to all servers ( local user)
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	Quote: sniff sniff yuk...smells fishy in here ! :-/ Would you mind explaining this extremely constructive comment? juanbabi: Why not add a domain group to the local server with admin privs. Then you have to add the user to just the group and e.g. password management will be extremely simplified. _________________________ There are two types of vessels, submarines and targets.
Top

#114570 - 2004-02-22 09:30 PM Re: adding a user to all servers ( local user)
Co Co MM club member Registered: 2000-11-20 Posts: 1342 Loc: NL	Maybe Andy thinks it is normal behaviour on this Board.. Open a 2nd cmd prompt Edited by Co (2004-02-22 09:41 PM) _________________________ Co
Top

#114571 - 2004-02-23 01:29 AM Re: adding a user to all servers ( local user)
AndyD AndyD Fresh Scripter Registered: 2001-11-26 Posts: 17	Quote: Quote: sniff sniff yuk...smells fishy in here ! :-/ Would you mind explaining this extremely constructive comment? I do not think for one minute that you are nieve enough to not think that such a loosly worded question about adding an admin user to servers isn't just ever so slightly dubious (fishy) ? Especially when a user only needs to be added to one server in a domain, thanx to replication. I work with education networks and consider anything on that line of questioning from unknowns to be treated very cautiously. If you don't think much to my sense of humour.....tough....I'm not going to appologise because some of you are anally retentive ! For God's sake smile ...lighten up a bit...I can't believe you are all sun fearing geeks !? Edited by AndyD (2004-02-23 01:32 AM) _________________________ AndyD England, UK.
Top

#114572 - 2004-02-23 04:27 AM

Re: adding a user to all servers ( local user)

NTDOC

Administrator

Registered: 2000-07-28
Posts: 11631
Loc: CA

Well here is something I came up with which is quite similar to Howards

But mine also adds the new user to the local Administrators group as well which is what I think you also asked for.

NOTE: - ANDY
I would typically agree with you about showing noobies how to circumvent security, but this code does not do that.
The person running this script MUST already have local Administrative rights on the system there attempting to add a user to otherwise this script will fail.

Code:

Debug Off
Break On
Dim $iRC
$iRC=SetOption('Explicit','On')
$iRC=SetOption('NoVarsInStrings','On')
Dim $NewUser
$NewUser = CreateUser('NameOfComputer','johndoe','1234')

Function CreateUser($Remote,$Name,$Password)
Dim $System,$NewUser,$Group,$User
$System  = GetObject("WinNT://" + $Remote + ",Computer")
$NewUser = $System.Create("User", $Name)
$NewUser.SetPassword($Password)
$NewUser.SetInfo
fnCOMErr(@ERROR)
? 'Account creation: ' +@ERROR +" : " +@SERROR
$Group = GetObject("WinNT://" + $Remote + "/Administrators,Group")
$User  = GetObject("WinNT://" + $Remote + "/"+$Name+",User")
$Group.Add($User.ADsPath)
fnCOMErr(@ERROR)
? 'Add to Admin Group: ' +@ERROR +" : " +@SERROR
EndFunction

Function fnCOMErr($lErr)
If $lErr<0 $lErr=VAL("&"+Right(DecToHex($lErr),4)) EndIf
Exit $lErr
Endfunction

Top

#114573 - 2004-02-23 07:44 AM Re: adding a user to all servers ( local user)
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11631 Loc: CA	You could also read from an array or a text file if you wanted to run this against multiple machines at the same time.
Top

Page 1 of 1

Previous Topic View All Topics

Index Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Search the board with:
superb Board Search
or try with google:

	Web kixtart.org