"Jaco Niemand" <> wrote in message
news:51B4207E-EF6F-46A3-AD4C-...
>I am looking for a logon script to create a local user account on a
>computer and then to add that newly created account as a member of the
>local admins group. Can someone please point me in the right direction.
Most users should not have permissions to create users or add them to the
Administrators group. Such a script also exposes the password, but then if
this works the user running the logon scripts already must have
administrator privileges. However, the code would be similar to (not
tested):
==========
Option Explicit

Dim objNetwork, strComputer, strUser
Dim objUser, objAdmin, objComputer

' Determine name of local computer.
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName

' Bind to local computer object.
Set objComputer = GetObject("WinNT://" & strComputer)

' Specify name of local user account to be created.
strUser = "TestUser"

' Create local user. The account is only written by SetInfo, so the
' error is trapped there if it already exists or the user lacks permissions.
On Error Resume Next
Set objUser = objComputer.Create("user", strUser)
' Save user object.
objUser.SetInfo
If (Err.Number <> 0) Then
    On Error GoTo 0
    Wscript.Quit
End If
On Error GoTo 0

' Enable the user account.
objUser.AccountDisabled = False
objUser.SetInfo

' Assign password (readable by anyone who can read this script).
objUser.SetPassword "zxy321q"

' Expire password.
objUser.PasswordExpired = 1
objUser.SetInfo

' Bind to local Administrators group.
Set objAdmin = GetObject("WinNT://" & strComputer & "/Administrators,group")

' Add user to group.
If (objAdmin.IsMember(objUser.AdsPath) = False) Then
    objAdmin.Add(objUser.AdsPath)
End If
=========
It would make more sense to create the user and make them a member of the
local Administrators group yourself remotely. You should be able to do this
if you are a member of the "Domain Admins" group. The same script could be
used, except you would assign a value to the variable strComputer. You could
run the script once for each computer, or read computer NetBIOS names from a
text file. For example (not tested):
===========
Option Explicit

Dim strFile, objFSO, objFile
Dim strUser, strComputer, objComputer
Dim objUser, objAdmin

Const ForReading = 1

' Open text file of computer names.
strFile = "c:\scripts\computers.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

' Specify name of local user account to be created
' on each computer.
strUser = "TestUser"

' Read the text file.
Do Until objFile.AtEndOfStream
    strComputer = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strComputer <> "") Then
        ' Bind to local computer object.
        ' Trap error if computer not available.
        On Error Resume Next
        Set objComputer = GetObject("WinNT://" & strComputer)
        If (Err.Number = 0) Then
            ' Create local user. The account is only written by SetInfo,
            ' so the error is trapped there if it already exists.
            On Error Resume Next
            Set objUser = objComputer.Create("user", strUser)
            ' Save user object.
            objUser.SetInfo
            If (Err.Number = 0) Then
                On Error GoTo 0
                ' Enable the user account.
                objUser.AccountDisabled = False
                objUser.SetInfo
                ' Assign password (readable by anyone who can read this script).
                objUser.SetPassword "zxy321q"
                ' Expire password.
                objUser.PasswordExpired = 1
                objUser.SetInfo
                ' Bind to local Administrators group.
                Set objAdmin = GetObject("WinNT://" & strComputer _
                    & "/Administrators,group")
                ' Add user to group.
                If (objAdmin.IsMember(objUser.AdsPath) = False) Then
                    objAdmin.Add(objUser.AdsPath)
                End If
            Else
                On Error GoTo 0
                Wscript.Echo "Unable to create user on " & strComputer
            End If
        Else
            On Error GoTo 0
            Wscript.Echo "Computer " & strComputer & " not available."
        End If
    End If
Loop

' Clean up.
objFile.Close
===========
--
Richard Mueller
MVP Directory Services
Hilltop Lab -
http://www.rlmueller.net
--
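
An added example, not part of the original post: a read-only audit that lists the members of the local Administrators group on each computer in the same text file, so the result of the scripts above can be checked and unexpected accounts spotted. It assumes the same c:\scripts\computers.txt file; the semicolon-separated output format is an assumption.

```vbscript
' Added example (not from the original post): read-only audit of the
' local Administrators group on every computer listed in the text file.
Option Explicit

Dim strFile, objFSO, objFile
Dim strComputer, objAdmin, objMember, strScope

Const ForReading = 1

' Assumption: same list of NetBIOS names used by the script above.
strFile = "c:\scripts\computers.txt"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, ForReading)

Do Until objFile.AtEndOfStream
    strComputer = Trim(objFile.ReadLine)
    ' Skip blank lines.
    If (strComputer <> "") Then
        ' Bind to the group and enumerate it; trap unreachable computers.
        On Error Resume Next
        Set objAdmin = GetObject("WinNT://" & strComputer & "/Administrators,group")
        If (Err.Number = 0) Then
            For Each objMember In objAdmin.Members
                ' If enumeration itself failed, the loop body still runs once.
                If (Err.Number <> 0) Then Exit For
                ' Local accounts carry the computer name in their AdsPath
                ' (WinNT://DOMAIN/COMPUTER/name); domain accounts do not.
                If (InStr(1, objMember.AdsPath, "/" & strComputer & "/", vbTextCompare) > 0) Then
                    strScope = "local"
                Else
                    strScope = "domain"
                End If
                Wscript.Echo strComputer & ";" & objMember.Name & ";" _
                    & objMember.Class & ";" & strScope
            Next
        End If
        If (Err.Number <> 0) Then
            Wscript.Echo strComputer & ";ERROR;" & Err.Description
        End If
        On Error GoTo 0
    End If
Loop

' Clean up.
objFile.Close
```

Run it with cscript.exe so each line goes to the console rather than a message box.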