?
Solved

VB Scripting - Input username, return SID

Posted on 2003-03-10
11
Medium Priority
?
742 Views
Last Modified: 2013-12-25
I am developing a C2/CC Security Policy template that will be deployed to many different Organizations/Domains. Some services and registry keys require a user account to have rights, so I can't just go with the well-known SIDS, I need to find a way to get the user's sid into the INF file.

This is what I've got so far (I just started to teach myself scripting last week):

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
UserName1 = InputBox("Enter the account name of the Exchange Service account. The default is exchangeservice:","Input Box","exchangeservice")
set User = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)


Set objFSO = CreateObject("Scripting.FileSystemObject")
         
Set objFile = objFSO.CreateTextFile("c:\testfile.txt", True)

For Each objItem in colItems
     objFile.WriteLine "Name: " & objItem.Name
     objFile.WriteLine "SID: " & objItem.SID

This will write the Names and SIDS of all users. How do I use an InputBox to specify a user and write that SID to a file?

I appreciate any help on this.

Todd
0
Comment
Question by:tnapolitano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 5

Expert Comment

by:JohnMcCann
ID: 8106122
I assume you've collected the username here UserName1.

So the next part would be

For Each objItem in colItems
    If objItem.Name = UserName1 then
        objFile.WriteLine "Name: " & objItem.Name
        objFile.WriteLine "SID: " & objItem.SID
    End if
Next objItem

0
 
LVL 3

Author Comment

by:tnapolitano
ID: 8107426
John, thanks for the quick response. No, I have not collected the user. That is exactly my problem. This script will return all users and their respectiver sids.
What I am looking to do is enter the username in an inputbox, and for the SID of that specific user account be returned.
0
 
LVL 5

Expert Comment

by:JohnMcCann
ID: 8107552
Try replacing

objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)

with

objWMIService.ExecQuery("Select * from Win32_UserAccount where Name = " & UserName1,,48)


0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Author Comment

by:tnapolitano
ID: 8107594
John - Yes, the If..Then statement worked. I wasn't entering the username in with the proper case (didn't think it would be case-sensitive).

Now I'll get started on passing the sid to the proper lines in the INF.

If you have any suggestions on how to do that, it would be appreciated.

Thanks.

Todd
0
 
LVL 5

Accepted Solution

by:
JohnMcCann earned 2000 total points
ID: 8107607
Ignore the last post

Do you mean

UserName2 = InputBox("Enter the Username")

For Each objItem in colItems
   If objItem.Name = UserName2 then
       objFile.WriteLine "SID: " & objItem.SID
   End if
Next objItem



0
 
LVL 3

Author Comment

by:tnapolitano
ID: 8107777
Thanks for the quick response. I was stuck on that step. Now I can move on.
0
 
LVL 5

Expert Comment

by:JohnMcCann
ID: 8107814
Parnoid approach to testing strings

If UCase(Trim(RTim(String1))) = UCase(Trim(RTim(String1))) then 'There as good as equal

As for puting the sid in the proper line of the INF file, i am not sure.

It may be worth looking at

http://www.nsa.gov/snac/index.html
0
 
LVL 3

Author Comment

by:tnapolitano
ID: 8109176
These Templates are the starting point, definately. But the Defense Contractor I am configuring these for uses a number of user accounts for starting services, assigning rights/permission to, etc.

Also, these Security Templates will be set up on many different domains, so I am trying to write a script (as I am so new to scripting, I am doing more reverse-engineering than writing) that will get the SID of a user and replace instances of the old sid in the INF file with the new sid.

So that's where I am at right now. I see how the RegEx function works, so I think no problem there. But how do I take the SID of each user and make it a variable. I keep getting runtime error with this:

For Each objItem in colItems
  If objItem.Name = UserName1 then
      Set sid01 = objItem.SID

(I'm sure I'll look back on this one day and laugh, but at the moment...)

I'm also new to EE, so if I need to open a new question let me know.

By the way, here's the whole script so far:

strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_UserAccount",,48)
UserName1 = InputBox("Enter the account name of the Exchange Service account. The default is ExchangeService:","Input

Box","ExchangeService")
UserName2 = InputBox("Enter the account name of the MailRoom account. The default is MailRoom:","Input Box","MailRoom")
Username3 = InputBox("Enter the account name of the Decision Agent Administrator account. The default is

DAAdministrator:","Input Box","DAAdministrator")
Username4 = InputBox("Enter the account name of the Message Center account. The default is msgcntr:","Input Box","msgcntr")

{not sure if I should write it to a file or save objItem as a variable}
For Each objItem in colItems
   If objItem.Name = UserName1 then
       objFile.WriteLine "Name: " & objItem.Name
       objFile.WriteLine "SID: " & objItem.SID
   Elseif objItem.Name = UserName2 then
       objFile.WriteLine "Name: " & objItem.Name
       objFile.WriteLine "SID: " & objItem.SID
   Elseif objItem.Name = UserName3 then
       objFile.WriteLine "Name: " & objItem.Name
       objFile.WriteLine "SID: " & objItem.SID
   Elseif objItem.Name = UserName4 then
       objFile.WriteLine "Name: " & objItem.Name
       objFile.WriteLine "SID: " & objItem.SID
   End If
Next 'objItem

{something definately not working here}
Dim sid01
For Each objItem in colItems
  If objItem.Name = UserName1 then
      Set sid01 = objItem.SID
  ElseIf objItem.Name = UserName2 then
      Set sid02 = objItem.SID
End If
Next


Set fso = CreateObject("Scripting.FileSystemObject")
Set fsoFile = fso.GetFile("d:\c2_dc.txt")

(haven't fleshed this out yet}
Dim regEx
Set regEx = New RegExp
regEx.Global = true
regEx.IgnoreCase = True
regEx.Pattern = "[*]sid1"
ReplaceSID regEx.Replace = sid1, sid01
Next

Anyway, thanks for you help
0
 
LVL 5

Expert Comment

by:JohnMcCann
ID: 8109286
{something definately not working here}
Dim sid01
For Each objItem in colItems
 If objItem.Name = UserName1 then
     Set sid01 = objItem.SID
 ElseIf objItem.Name = UserName2 then
     Set sid02 = objItem.SID
End If
Next


Should be

Dim sid01 as string 'If it is a string datatype.

And the Set statement is used to set a reference to an object so it should be

sid01 = objItem.SID

As it is not an object

Also

when using dim try and specify the datatype

Dim regEx as RegExp
Set regEx = New RegExp

Uses less memory and reduces the chance of errors.


Best of Luck.



0
 
LVL 3

Author Comment

by:tnapolitano
ID: 8124114
What I am looking to do is replace sid1/sid2/sid3 in a text file with the value of a variable sid01, sid02, or sid03.

Example:
 
   Contents of text file:

seinteractivelogonright = *S-1-5-32-544,*sid1,*sid2
seloaddriverprivilege = *S-1-5-32-544
selockmemoryprivilege =
senetworklogonright = *S-1-5-32-544,*S-1-5-11,*S-1-5-9,*S-1-1-0,*S-1-5-32-545
seprofilesingleprocessprivilege = *S-1-5-32-544
seremoteshutdownprivilege = *S-1-5-32-544
serestoreprivilege = *S-1-5-32-544,*sid2
sesecurityprivilege = *S-1-5-32-544
seservicelogonright = *S-1-5-32544,*sid1,*sid2,*sid3,SYSTEM


Question: What is the syntax of a replace (or regex) function that will search all strings in a text file, so I can replace sid(1/2/3) irregardless of the string it is a part of? Is there a wildcard character?



0
 
LVL 5

Expert Comment

by:JohnMcCann
ID: 8124510
I am just about to goto bed I will have a quick go in the morning.

Can I suggest you post this as another question so that other experts may give it a go.

I would call the question something like replacing text in a text file and 100 points seems about reasonable.


0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background What I'm presenting in this article is the result of 2 conditions in my work area: We have a SQL Server production environment but no development or test environment; andWe have an MS Access front end using tables in SQL Server but we a…
This article describes some techniques which will make your VBA or Visual Basic Classic code easier to understand and maintain, whether by you, your replacement, or another Experts-Exchange expert.
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question