Add user to admin group on remote client - KiXtart.org

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » Add user to admin group on remote client

Page 1 of 1

Topic Options

#157277 - 2006-02-15 08:40 PM Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	Hey all kix fans A Q to u gurus: Is there a way to add a "user account" to a "Remote" machines local administrators gruop? I think the DOS net command works only on local machine. Code: net localgroup administrators domain\userid /add Any clever way? (Not via logonscript) _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157278 - 2006-02-15 09:31 PM Re: Add user to admin group on remote client
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	cusrmgr.exe can do it remotely _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#157279 - 2006-02-15 09:43 PM

Re: Add user to admin group on remote client

NTDOC

Administrator

Registered: 2000-07-28
Posts: 11631
Loc: CA

Function AddToLocalAdmin($Computer,$GroupToAddTo,$Domain,optional $GroupToAdd,optional $AccountToAdd)
  Dim $Group,$User,$Admin,$Err
  $Group   = GetObject('WinNT://' + $Computer +  '/' + $GroupToAddTo + ',group')
  If $GroupToAdd<>""
    $User  = GetObject('WinNT://' + $Domain + '/' + $GroupToAdd + ',group')
  EndIf
  If $AccountToAdd<>""
    $User  = GetObject('WinNT://' + $Domain + '/' + $AccountToAdd + ',user')
  EndIf
  $Group.Add($User.ADsPath)
  $Err = @ERROR
  $AddToLocalAdmin=$Err
EndFunction

Edited by NTDOC (2006-02-15 09:44 PM)

Top

#157280 - 2006-02-15 10:28 PM

Re: Add user to admin group on remote client

Benny69 Offline

Moderator

Registered: 2003-10-29
Posts: 1036
Loc: Lincoln, Ne

if you have to create the local user account you might try something like:
Code:


;Password Is NOT Compliant with the System Password Complexity Policy

;The information in this article applies to:
;Microsoft Windows 2000 Server
;Microsoft Windows 2000 Advanced Server
;Microsoft Windows 2000 Professional
;Microsoft Small Business Server 2000

;This article was previously published under Q279890 

;SYMPTOMS:
;If the administrator generates passwords For a user through the Add User Wizard,
;it may NOT meet the requirements that are Set by the System Password Complexity
;policy but they may be accepted anyway. The same behavior can occur If the administrator
;attempts to specify the Password For a user. 

;CAUSE:
;This behavior occurs because the Password is NOT compliant with the System Password
;Complexity policy. The Passfilt.dll file implements the following Password policy: 
	
   ;Passwords must be AT least SIX or EIGHT characters long.
      ;(Check your local password policies)
   ;Passwords may NOT contain your user name OR any part of your full name.
   ;Passwords must contain characters from AT least three of the following four classes:

      ;Description Examples: 
      ;English upper Case letters A, B, C, ... Z 
      ;English lower Case letters a, b, c, ... z 
      ;Westernized Arabic numerals 0, 1, 2, ... 9 
      ;Non-alphanumeric ("special characters") Punctuation marks AND other symbols 

;These requirements are hard-coded in the Passfilt.dll file AND cannot be changed
;through the user interface OR registry. If you want to change these requirements,
;you must write your own .dll AND implement it in the same way as the Microsoft
;version that is available with Windows NT 4.0 Service Pack 2. 

;WORKAROUND:
;To work around this behavior, as the administrator, when you Use the Add User Wizard,
;Select the I will specify user's password option, and then type in a password that
;meets the System Password Complexity policy requirements.

$Computer = "Dclnwpurch"
$NewUser = "TUser"
$NewPassword = "ABcd12!@"
$Group = "Administrators"
$FullName = "Test User"
$Domain = "DCL"

CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group)

Function CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group)

   $Accounts = GetObject("WinNT://" + $Domain + "/" + $Computer + ",Computer")
   $User = $Accounts.Create("user", $NewUser)
   $SetUserPassword = $User.ChangePassword("", $NewPassword)
   $User.SetPassword ($NewPassword)
   $User.Put ("FullName", $FullName)
   $User.Put ("Description", "Script Automated Discription")
   $User.Put ("HomeDirDrive", "T")
   $User.Put ("HomeDirectory", "C:\Users\" + $NewUser)
   $User.Put ("Profile", "C:\Profiles\" + $NewUser)
   $User.Put ("LoginScript", "C:\Scripts\logonscript.exe")
   $User.SetInfo
   
   AddUserToLocalGroup ($Computer,$NewUser,$Group)

EndFunction

Function AddUserToLocalGroup ($Computer,$NewUser,$Group)

   $objGroup = GetObject("WinNT://" + $Computer + "/" + $Group + ",group")
   $objUser = GetObject("WinNT://" + $Computer + "/" + $NewUser + ",user")
   $objGroup.Add($objUser.ADsPath)

EndFunction

_________________________
Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta)
KiXforms Designer .NET 2.0 (Beta)

Top

#157281 - 2006-02-16 10:21 PM Re: Add user to admin group on remote client
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	You can also use AddToAdmin.exe at http://home.comcast.net/~habullock/Perlutilities.htm _________________________ Home page: http://www.kixhelp.com/hb/
Top

#157282 - 2006-02-21 06:44 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	Thanx dudes... Well, the create user part works fine... But got error "-2147352567" on AddToLocalAdmin function. ...and the AddUserToLocalGroup seems not doing anything. no error. any clue, whats going on? _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157283 - 2006-02-21 06:57 PM Re: Add user to admin group on remote client
Benny69 Benny69 Moderator Registered: 2003-10-29 Posts: 1036 Loc: Lincoln, Ne	does the user account(Administrator) that is being used to create the new user and or add the user to the admin group have admin priv on the domain and on the PC? _________________________ Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta) KiXforms Designer .NET 2.0 (Beta)
Top

#157284 - 2006-02-21 07:15 PM

Re: Add user to admin group on remote client

1984

Starting to like KiXtart

Registered: 2003-08-14
Posts: 150

yeap ... otherwise it could'nt create the account in first place.

The problem is in the secound part when it tries to add the created account to local admin gruop.

Code:



$Computer = "192.168.0.10"
$NewUser = "David"
$NewPassword = "passwd"
$Group = "Administrators"
$FullName = "David J"
$Domain = "Home"



CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group)

Function CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group)

   $Accounts = GetObject("WinNT://" + $Domain + "/" + $Computer + ",Computer")
   $User = $Accounts.Create("user", $NewUser)
   $SetUserPassword = $User.ChangePassword("", $NewPassword)
   $User.SetPassword ($NewPassword)
   $User.Put ("FullName", $FullName)
   $User.SetInfo
   
   AddUserToLocalGroup ($Computer,$NewUser,$Group)

EndFunction


Function AddUserToLocalGroup ($Computer,$NewUser,$Group)

   $objGroup = GetObject("WinNT://" + $Computer + "/" + $Group + ",group")
   $objUser = GetObject("WinNT://" + $Computer + "/" + $NewUser + ",user")
   $objGroup.Add($objUser.ADsPath)

EndFunction

_________________________
"... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"

Top

#157285 - 2006-02-21 08:37 PM Re: Add user to admin group on remote client
Benny69 Benny69 Moderator Registered: 2003-10-29 Posts: 1036 Loc: Lincoln, Ne	what is the OS on the: machine runing the script & machine the account is bing created on what is the ver of KiXtart on the machine running the script? Edited by benny69 (2006-02-21 08:40 PM) _________________________ Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta) KiXforms Designer .NET 2.0 (Beta)
Top

#157286 - 2006-02-21 11:57 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	Windows 2000 SP4 on both machines. KiXtart v4.51 (KiXtart 2010) _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157287 - 2006-02-22 12:21 AM Re: Add user to admin group on remote client
Benny69 Benny69 Moderator Registered: 2003-10-29 Posts: 1036 Loc: Lincoln, Ne	delete the user 'David' try this for a password: Code: $NewPassword = "ABcd12!@" and recreate the user. _________________________ Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta) KiXforms Designer .NET 2.0 (Beta)
Top

#157288 - 2006-02-22 12:09 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	??? nop, its not working. What has the password part with the "add to local admin group" to do? There is no problem creating the account. The problem is to add the account to local admin group on the machine!!! _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157289 - 2006-02-22 01:40 PM Re: Add user to admin group on remote client
Benny69 Benny69 Moderator Registered: 2003-10-29 Posts: 1036 Loc: Lincoln, Ne	the reason that i asked you to use the dif password is outlined in the rem'ed info in the earlier post, the code that Doc and i have given you is solid, i don't know why it is not working for you. try the solution that Les has offered, idk. _________________________ Wait don't order yet,... get KiXforms Designer .NET 2.0 (Beta) KiXforms Designer .NET 2.0 (Beta)
Top

#157290 - 2006-02-22 02:05 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	dont wanne use external tools for that. Im sure kix will do it just fine... need to find why its not working... thanx anyway benny. _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157291 - 2006-02-22 02:30 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	Need trouble shooting tips.... dont get much of this "-2147352567" error... _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

#157292 - 2006-02-22 04:25 PM Re: Add user to admin group on remote client
Radimus Radimus Moderator Registered: 2000-01-06 Posts: 5187 Loc: Tampa, FL	So let me see if I can sum up the problem. 1. You need to create a LOCAL user on a remote PC 2. you need to add that local user into the remote PC's Administrators group Environment: Win2k desktops on domain, you have adminstative permissions on the remote PC already. So far: you can create the remote user, but not add to admin group? Is all of the above accurate? use RemoteExec() UDF $nul = RemoteExec('cmd /c net user '+$newusername+' '+$userpassword+' /add',$computer) $nul = RemoteExec('cmd /c net localgroup administrators /add '+$newusername,$computer) _________________________ How to ask questions the smart way <-----------> Before you ask
Top

#157293 - 2006-02-22 08:12 PM Re: Add user to admin group on remote client
1984 1984 Starting to like KiXtart Registered: 2003-08-14 Posts: 150	Right Radimus. And I used RemoteExec, for both creating and adding the account to local admin gruop. But it did'nt work that all. No account was created and nothing to add to local admin gruop. So what I did to make the hole thing work is to use benny's code for creating the account, and your secound part of RemoteExec to add it to local admin gruop: [Code] $Computer = "192.168.0.10" $NewUser = "David" $NewPassword = "passwd" $Group = "Administrators" $FullName = "David J" $Domain = "Home" CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group) Function CreateLocalUserAccount ($Computer,$Domain,$NewPassword,$NewUser,$FullName,$Group) $Accounts = GetObject("WinNT://" + $Domain + "/" + $Computer + ",Computer") $User = $Accounts.Create("user", $NewUser) $SetUserPassword = $User.ChangePassword("", $NewPassword) $User.SetPassword ($NewPassword) $User.Put ("FullName", $FullName) $User.SetInfo $nul = fnRemoteExec('cmd /c net localgroup administrators /add '+$NewUser,$computer) EndFunction Function fnRemoteExec($sCommand,Optional $sComputer,Optional $sUser,Optional $sPwd) Dim $objLocator,$objSvc,$objSet $objLocator = CreateObject("WbemScripting.SwbemLocator") $objSvc = IIf($sComputer='',$objLocator.ConnectServer(),$objLocator.ConnectServer($sComputer,,$sUser,$sPwd)) If @ERROR Exit @ERROR EndIf $objSet = $objSvc.Get("Win32_Process") If @ERROR Exit @ERROR EndIf $fnRemoteExec = $objSet.Create($sCommand) Exit @ERROR EndFunction Well I used fnRemoteExec instead of RemoteExec. This way both operations was succeded. So at last Im happy. It works fine, creating and adding the accout as it should. Many thanx to u all. _________________________ "... Great minds talk about idea' s, average minds talk about events and samll minds talks about people...!"
Top

Page 1 of 1

Previous Topic View All Topics

Index Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Search the board with:
superb Board Search
or try with google:

	Web kixtart.org