JohnHockett
asked on
VBScript to add local user to local administrators group.
Need help with this script. - Adding a local user to a remote system and adding them to the local admionistrators group. Everything but the "add to local administrators group" works.
On Error Resume Next
strComputer = inputbox("Enter Computer Name or IP address")
strPassword = "abc123" 'inputbox("Enter Password")
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user", "NewUserAccount")
objUser.SetPassword strPassword
objUser.SetInfo
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount, user")
objUser.SetPassword strPassword
objUser.SetInfo
'Set the password to never expire.
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount,user")
objGroup.Add(objUser.ADsPa th)
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount, user")
objUserFlags = objUser.Get("UserFlags")
objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordExpirationFlag
objUser.SetInfo
'Add user to Local Administrators Group
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount,user")
objGroup.Add(objUser.ADsPa th)
wscript.Echo "NewUserAccount password has been set on " & strComputer
On Error Resume Next
strComputer = inputbox("Enter Computer Name or IP address")
strPassword = "abc123" 'inputbox("Enter Password")
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user",
objUser.SetPassword strPassword
objUser.SetInfo
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount, user")
objUser.SetPassword strPassword
objUser.SetInfo
'Set the password to never expire.
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount,user")
objGroup.Add(objUser.ADsPa
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount, user")
objUserFlags = objUser.Get("UserFlags")
objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordExpirationFlag
objUser.SetInfo
'Add user to Local Administrators Group
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
Set objUser = GetObject("WinNT://" & strComputer & "/NewUserAccount,user")
objGroup.Add(objUser.ADsPa
wscript.Echo "NewUserAccount password has been set on " & strComputer
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
sirbounty
duplicate effort because I am not a programmer...
I tried your suggestion and it creates the account, but does not change the Password Never Expire flag or add to admin group.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all your help. None of the solutions added here worked for me. I did find someone at my company that provided this script below and it worked great for me. I thought I would share it here in case someone else had the same need as me in the future.
Script...
'************************* Change this variable to path of file *****
Const ServerFile="Servers.txt"
Const LogFile="ServersOutput.log "
Const ADS_UF_PASSWD_CANT_CHANGE = &H0040
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
Const ForAppending = 8
Const ForReading = 1
NewAdminUser = "Username"
AdminPwd= "Password"
NewUser= "Username1"
NewPwd = "Password1!"
sGroupName="Administrators "
'************************* ********** ********** ********** **********
Dim objFSO, objShell, objTextFile, WshNetwork, objping
dim objWMIService
Set WshNetwork = CreateObject("WScript.Netw ork")
Set objFSO = CreateObject("Scripting.Fi leSystemOb ject")
set oArgs=wscript.arguments
If oArgs.Count = 1 Then
strComputer = Ucase(oArgs.item(0))
AddLog "Starting processing of " & strComputer
'Wscript.Echo "strComputer=" & strComputer
strPingStatus = PingTest(strComputer)
If strPingStatus = "True" Then
AddLog "Success contacting " & strcomputer
ConfigureAccounts sGroupName,NewUser,strComp uter,NewPw d
ConfigureAccounts sGroupName,NewAdminUser,st rComputer, AdminPwd
Else
AddLog "Error - Unable to contact server " & strcomputer
End If
wscript.echo "Complete"
else
On Error Resume Next
Set objServerFile = objFSO.OpenTextFile(Server File, ForReading)
wscript.echo "File read and read to process. Click OK to continue."
Do While objServerFile.AtEndOfStrea m <> True
filestr = objServerFile.Readline
TmpArray = Split(Filestr , chr(9))
StrComputer=UCASE(TmpArray (0))
ServerType=UCASE(TmpArray( 1))
strPingStatus=""
AddLog "Starting processing of " & strComputer
strPingStatus = PingTest(strComputer)
If strPingStatus = "True" Then
AddLog "Success contacting " & strcomputer
ConfigureAccounts sGroupName,NewUser,strComp uter,NewPw d
ConfigureAccounts sGroupName,NewAdminUser,st rComputer, AdminPwd
ConfigTCAccounts
Else
AddLog "Error - Unable to contact server " & strcomputer
End If
' wscript.quit
Loop
Addlog "Processing complete for " & strComputer
wscript.echo "Complete"
End If
'************************* ********** ********** ********** ********** ********** *****
Sub ConfigureAccounts(strGroup ,strAccoun t,strCompu ter,strPas sword)
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/" & strAccount & ",user")
If Err.Number<> 0 Then
' wscript.echo " create" & err.number
Addlog "Creating " & strAccount & " on " & strComputer
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user", strAccount)
objUser.Put "PasswordExpired", 0
objPasswordDontExpireFlag = objUser.UserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordDontExpireFlag
objPasswordNoChangeFlag = objUser.UserFlags OR ADS_UF_PASSWD_CANT_CHANGE
objUser.Put "userFlags", objPasswordNoChangeFlag
objUser.SetPassword strPassword
objUser.SetInfo
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)
Set objUser = GetObject("WinNT://" & strAccount)
objGroup.Add(objUser.ADsPa th)
If Err.Number <> 0 and err.number <> -2147463168 and err.number <> -2147023518 Then
'wscript.echo "Can't add " & strAccount & " account to the local admins group"
AddLog "Failed to add " & strAccount & " to the local admins group"
Else
AddLog "Succesfully added " & strAccount & " to the local admins group"
End if
Addlog "Successfully created " & strAccount & " on " & strComputer
else
Addlog "Configuring " & strAccount & " on " & strComputer
objUser.Put "PasswordExpired", 0
objPasswordDontExpireFlag = objUser.UserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordDontExpireFlag
objPasswordNoChangeFlag = objUser.UserFlags OR ADS_UF_PASSWD_CANT_CHANGE
objUser.Put "userFlags", objPasswordNoChangeFlag
objUser.SetPassword strPassword
objUser.SetInfo
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strgroup)
Set objUser = GetObject("WinNT://" & strAccount)
objGroup.Add(objUser.ADsPa th)
If Err.Number <> 0 and err.number <> -2147463168 and err.number <> -2147023518 Then
wscript.echo "Can't add " & strAccount & " account to the local admins group"
AddLog "Failed to add " & strAccount & " to the local admins group"
Else
AddLog "Succesfully added " & strAccount & " to the local admins group"
End if
Addlog "Successfully configured " & strAccount & " on " & strComputer
end if
End Sub
Sub AddLog(NewLogEntry)
Const ForAppending = 8
Dim fso
Dim fsoLogFile
Set fso = WScript.CreateObject("Scri pting.File SystemObje ct")
Set fsoLogFile = fso.OpenTextFile(logfile, ForAppending, True)
fsoLogFile.WriteLine Now & " " & NewLogEntry
fsoLogFile.Close
End Sub
Function PingTest(strHostOrIP)
'wscript.echo strHostOrIP
Dim objSh, strCommand, intWindowStyle, blnWaitOnReturn
blnWaitOnReturn = True
intWindowStyle = 0
strCommand = "%ComSpec% /C %SystemRoot%\system32\ping .exe -n 1 " _
& strHostOrIP & " | " & "%SystemRoot%\system32\fin d.exe /i " _
& Chr(34) & "TTL=" & Chr(34)
Set objSh = WScript.CreateObject("WScr ipt.Shell" )
PingTest = Not CBool(objSh.Run(strCommand , intWindowStyle, _
blnWaitOnReturn))
'wscript.echo "1 pingtest=" & pingTest
Set objSh = Nothing
End Function
Script...
'*************************
Const ServerFile="Servers.txt"
Const LogFile="ServersOutput.log
Const ADS_UF_PASSWD_CANT_CHANGE = &H0040
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
Const ForAppending = 8
Const ForReading = 1
NewAdminUser = "Username"
AdminPwd= "Password"
NewUser= "Username1"
NewPwd = "Password1!"
sGroupName="Administrators
'*************************
Dim objFSO, objShell, objTextFile, WshNetwork, objping
dim objWMIService
Set WshNetwork = CreateObject("WScript.Netw
Set objFSO = CreateObject("Scripting.Fi
set oArgs=wscript.arguments
If oArgs.Count = 1 Then
strComputer = Ucase(oArgs.item(0))
AddLog "Starting processing of " & strComputer
'Wscript.Echo "strComputer=" & strComputer
strPingStatus = PingTest(strComputer)
If strPingStatus = "True" Then
AddLog "Success contacting " & strcomputer
ConfigureAccounts sGroupName,NewUser,strComp
ConfigureAccounts sGroupName,NewAdminUser,st
Else
AddLog "Error - Unable to contact server " & strcomputer
End If
wscript.echo "Complete"
else
On Error Resume Next
Set objServerFile = objFSO.OpenTextFile(Server
wscript.echo "File read and read to process. Click OK to continue."
Do While objServerFile.AtEndOfStrea
filestr = objServerFile.Readline
TmpArray = Split(Filestr , chr(9))
StrComputer=UCASE(TmpArray
ServerType=UCASE(TmpArray(
strPingStatus=""
AddLog "Starting processing of " & strComputer
strPingStatus = PingTest(strComputer)
If strPingStatus = "True" Then
AddLog "Success contacting " & strcomputer
ConfigureAccounts sGroupName,NewUser,strComp
ConfigureAccounts sGroupName,NewAdminUser,st
ConfigTCAccounts
Else
AddLog "Error - Unable to contact server " & strcomputer
End If
' wscript.quit
Loop
Addlog "Processing complete for " & strComputer
wscript.echo "Complete"
End If
'*************************
Sub ConfigureAccounts(strGroup
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/" & strAccount & ",user")
If Err.Number<> 0 Then
' wscript.echo " create" & err.number
Addlog "Creating " & strAccount & " on " & strComputer
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user",
objUser.Put "PasswordExpired", 0
objPasswordDontExpireFlag = objUser.UserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordDontExpireFlag
objPasswordNoChangeFlag = objUser.UserFlags OR ADS_UF_PASSWD_CANT_CHANGE
objUser.Put "userFlags", objPasswordNoChangeFlag
objUser.SetPassword strPassword
objUser.SetInfo
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)
Set objUser = GetObject("WinNT://" & strAccount)
objGroup.Add(objUser.ADsPa
If Err.Number <> 0 and err.number <> -2147463168 and err.number <> -2147023518 Then
'wscript.echo "Can't add " & strAccount & " account to the local admins group"
AddLog "Failed to add " & strAccount & " to the local admins group"
Else
AddLog "Succesfully added " & strAccount & " to the local admins group"
End if
Addlog "Successfully created " & strAccount & " on " & strComputer
else
Addlog "Configuring " & strAccount & " on " & strComputer
objUser.Put "PasswordExpired", 0
objPasswordDontExpireFlag = objUser.UserFlags OR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", objPasswordDontExpireFlag
objPasswordNoChangeFlag = objUser.UserFlags OR ADS_UF_PASSWD_CANT_CHANGE
objUser.Put "userFlags", objPasswordNoChangeFlag
objUser.SetPassword strPassword
objUser.SetInfo
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strgroup)
Set objUser = GetObject("WinNT://" & strAccount)
objGroup.Add(objUser.ADsPa
If Err.Number <> 0 and err.number <> -2147463168 and err.number <> -2147023518 Then
wscript.echo "Can't add " & strAccount & " account to the local admins group"
AddLog "Failed to add " & strAccount & " to the local admins group"
Else
AddLog "Succesfully added " & strAccount & " to the local admins group"
End if
Addlog "Successfully configured " & strAccount & " on " & strComputer
end if
End Sub
Sub AddLog(NewLogEntry)
Const ForAppending = 8
Dim fso
Dim fsoLogFile
Set fso = WScript.CreateObject("Scri
Set fsoLogFile = fso.OpenTextFile(logfile, ForAppending, True)
fsoLogFile.WriteLine Now & " " & NewLogEntry
fsoLogFile.Close
End Sub
Function PingTest(strHostOrIP)
'wscript.echo strHostOrIP
Dim objSh, strCommand, intWindowStyle, blnWaitOnReturn
blnWaitOnReturn = True
intWindowStyle = 0
strCommand = "%ComSpec% /C %SystemRoot%\system32\ping
& strHostOrIP & " | " & "%SystemRoot%\system32\fin
& Chr(34) & "TTL=" & Chr(34)
Set objSh = WScript.CreateObject("WScr
PingTest = Not CBool(objSh.Run(strCommand
blnWaitOnReturn))
'wscript.echo "1 pingtest=" & pingTest
Set objSh = Nothing
End Function
On Error Resume Next
strComputer = inputbox("Enter Computer Name or IP address")
strPassword = "abc123" 'inputbox("Enter Password")
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user",
objUser.SetPassword strPassword
objUser.SetInfo
'already have a reference to objUser...
'not sure where you're defining objGroup?
'objGroup.Add(objUser.ADsP
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
If objUser.UserFlags And ADS_UF_DONT_EXPIRE_PASSWD Then
objUser.UserFlags=objUser.
End If
objUser.SetInfo
'Add user to Local Administrators Group
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
objGroup.Add(objUser.ADsPa