This shows you the differences between two versions of the page.
userspace:local_user [2012/06/18 11:45] qx23 |
userspace:local_user [2021/08/23 08:37] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Lokalen Benutzer anlegen ===== | ||
- | Kommentar und Verbesserungen erwünscht! | ||
- | Entwickelt und getestet auf Win 7 64bit. | ||
- | |||
- | Manchmal ist es aus diveresen Gründen praktisch, einen lokalen Benutzer in der lokalen Administratorengruppe zu haben. Dieser Benutzer ist ausserhalb einer Domäne. | ||
- | |||
- | Man benötigt für dieses Skript noch zusätzlich das Programm psgetsid aus der Sysinternal Suite, kostenlos herunterladbar bei Microsoft. PSgetSID ist in der Programmsammlung PSTools der Sysinternal Suite erhältlich (http:// | ||
- | |||
- | Ich will mich nicht mit fremden Federn schmücken: | ||
- | Dieses Skript baut sehr stark auf dem Beispielskript für Programminstallationen im Kontext eines lokalen Benutzer/ | ||
- | |||
- | |||
- | Features: | ||
- | * Benutzername frei wählbar | ||
- | * Passwort frei wählbar | ||
- | * Passwort änderung | ||
- | * Benutzer lässt sich aktivieren und deaktivieren | ||
- | * Prüfung ob User bereits existiert | ||
- | * Benutzer ist im Standard deaktiviert um nicht aus Versehen eine mögliche Sicherheitslücke zu schaffen. | ||
- | * Konto läuft am nächsten Tag oder nie | ||
- | * Gruppen Benutzer, Administratoren, | ||
- | |||
- | |||
- | ===== setup.ins ===== | ||
- | <code winst> | ||
- | requiredWinstVersion >= " | ||
- | |||
- | setLogLevel=3 | ||
- | DefVar $ProductName$ | ||
- | DefVar $local_user$ | ||
- | DefVar $Group$ | ||
- | DefVar $SearchResult$ | ||
- | DefVar $flag_active$ | ||
- | DefVar $val_userpasswd$ | ||
- | DefVar $val_username$ | ||
- | DefVar $val_groupmember$ | ||
- | DefVar $val_expires$ | ||
- | DefVar $UserExists$ | ||
- | DefVar $UserGroup$ | ||
- | DefVar $date_tomorrow$ | ||
- | |||
- | DefStringlist $ResultList$ | ||
- | DefStringlist $ResultList2$ | ||
- | DefStringlist $ResultList3$ | ||
- | |||
- | sub_get_properties | ||
- | |||
- | comment "get the name of the admin group" | ||
- | comment "using psgetsid from sysinernals pstools" | ||
- | |||
- | if $UserGroup$ = " | ||
- | set $ResultList$ = getOutStreamFromSection(" | ||
- | endif | ||
- | |||
- | if $UserGroup$ = " | ||
- | set $ResultList$ = getOutStreamFromSection(" | ||
- | endif | ||
- | |||
- | if $UserGroup$ = " | ||
- | set $ResultList$ = getOutStreamFromSection(" | ||
- | endif | ||
- | |||
- | set $Group$ = takeString(6, | ||
- | set $Group$ = takeString(1, | ||
- | |||
- | comment "Check if user exists." | ||
- | comment "If user exists, the password will be altered. Otherwise, the user will be created." | ||
- | set $ResultList2$ = getOutStreamFromSection(" | ||
- | set $UserExists$ = takeString(0, | ||
- | |||
- | setLogLevel=0 | ||
- | |||
- | comment " | ||
- | if $UserExists$ = " | ||
- | DosInAnIcon_makeadmin | ||
- | else | ||
- | DosInAnIcon_alter_pw | ||
- | endif | ||
- | |||
- | setLogLevel=3 | ||
- | |||
- | comment " | ||
- | comment " | ||
- | if $flag_active$ = " | ||
- | DosInAnIcon_enable_admin | ||
- | else | ||
- | DosInAnIcon_disable_admin | ||
- | endif | ||
- | |||
- | set $ResultList3$ = getOutStreamFromSection(" | ||
- | set $date_tomorrow$ = takeString(2, | ||
- | ;set $date_tomorrow$ = takeString(1, | ||
- | |||
- | if $val_expires$ = " | ||
- | DosInAnIcon_expires_never | ||
- | else | ||
- | DosInAnIcon_expires_tomorrow | ||
- | endif | ||
- | |||
- | [sub_get_properties] | ||
- | comment " | ||
- | comment " | ||
- | Set $flag_active$ = GetProductProperty(" | ||
- | |||
- | comment " | ||
- | comment " | ||
- | Set $val_userpasswd$ = GetProductProperty(" | ||
- | |||
- | comment " | ||
- | comment " | ||
- | set $local_user$= GetProductProperty(" | ||
- | |||
- | comment " | ||
- | comment " | ||
- | set $UserGroup$= GetProductProperty(" | ||
- | |||
- | comment " | ||
- | comment " | ||
- | set $val_expires$ = GetProductProperty(" | ||
- | |||
- | [DosInAnIcon_checkuser] | ||
- | @echo off | ||
- | net user $local_user$ >nul 2>&1 && echo yes || echo no | ||
- | |||
- | [DosInAnIcon_get_admin_group] | ||
- | @echo off | ||
- | " | ||
- | |||
- | [DosInAnIcon_get_user_group] | ||
- | @echo off | ||
- | " | ||
- | |||
- | [DosInAnIcon_get_guest_group] | ||
- | @echo off | ||
- | " | ||
- | |||
- | [DosInAnIcon_makeadmin] | ||
- | NET USER $local_user$ $val_userpasswd$ /ADD / | ||
- | NET LOCALGROUP $Group$ /ADD $local_user$ | ||
- | |||
- | [DosInAnIcon_alter_pw] | ||
- | NET USER $local_user$ $val_userpasswd$ | ||
- | |||
- | [DosInAnIcon_enable_admin] | ||
- | NET USER $local_user$ /active:yes | ||
- | |||
- | [DosInAnIcon_disable_admin] | ||
- | NET USER $local_user$ /active:no | ||
- | |||
- | [DosInAnIcon_get_date_tomorrow] | ||
- | %ScriptPath%\morgen.bat | ||
- | |||
- | [DosInAnIcon_expires_never] | ||
- | NET USER $local_user$ / | ||
- | |||
- | [DosInAnIcon_expires_tomorrow] | ||
- | NET USER $local_user$ / | ||
- | </ | ||
- | ===== uninstall.ins ===== | ||
- | <code winst> | ||
- | [Actions] | ||
- | requiredWinstVersion >= " | ||
- | |||
- | setLogLevel=7 | ||
- | DefVar $ProductName$ | ||
- | DefVar $OpsiAdminPass$ | ||
- | DefVar $local_user$ | ||
- | DefVar $AdminGroup$ | ||
- | DefVar $SearchResult$ | ||
- | DefVar $flag_active$ | ||
- | DefVar $val_userpasswd$ | ||
- | DefVar $val_username$ | ||
- | DefVar $UserExists$ | ||
- | DefVar $LocalTempPath$ | ||
- | DefStringlist $ResultList2$ | ||
- | |||
- | sub_get_properties | ||
- | |||
- | comment "Check if user exists." | ||
- | set $ResultList2$ = getOutStreamFromSection(" | ||
- | set $UserExists$ = takeString(0, | ||
- | set $UserExists$ = takeString(0, | ||
- | |||
- | |||
- | if $UserExists$ = " | ||
- | DosInAnIcon_deleteuser | ||
- | else | ||
- | LogError "User '" | ||
- | isFatalError | ||
- | endif | ||
- | |||
- | |||
- | [sub_get_properties] | ||
- | comment " | ||
- | comment " | ||
- | set $local_user$= GetProductProperty(" | ||
- | |||
- | [DosInAnIcon_checkuser] | ||
- | @echo off | ||
- | net user $local_user$ >nul 2>&1 && echo yes || echo no | ||
- | |||
- | [DosInAnIcon_deleteuser] | ||
- | NET USER $local_user$ /DELETE | ||
- | |||
- | [DosInAnIcon_deleteprofile] | ||
- | rmdir /S /Q " | ||
- | </ | ||
- | |||
- | ===== morgen.bat ===== | ||
- | < | ||
- | @echo off | ||
- | setlocal | ||
- | rem Datum auslesen | ||
- | set tag=%date: | ||
- | set monat=%date: | ||
- | set jahr=%date: | ||
- | |||
- | if %monat% NEQ 2 goto :done | ||
- | rem Letzter Tag im Februar, Schaltjahr prüfen | ||
- | set /a mod4=jahr % 4 | ||
- | set /a mod100=jahr % 100 | ||
- | set /a mod400=jahr % 400 | ||
- | set ltag=28 | ||
- | if %mod4% NEQ 0 goto :done | ||
- | set ltag=29 | ||
- | if %mod100% NEQ 0 goto :done | ||
- | set ltag=28 | ||
- | if %mod400% NEQ 0 goto :done | ||
- | set ltag=29 | ||
- | :done | ||
- | |||
- | rem Letzter Tag des Monats | ||
- | if %monat% EQU 1 set ltag=31 | ||
- | if %monat% EQU 3 set ltag=31 | ||
- | if %monat% EQU 4 set ltag=30 | ||
- | if %monat% EQU 5 set ltag=31 | ||
- | if %monat% EQU 6 set ltag=30 | ||
- | if %monat% EQU 7 set ltag=31 | ||
- | if %monat% EQU 8 set ltag=31 | ||
- | if %monat% EQU 9 set ltag=30 | ||
- | if %monat% EQU 10 set ltag=31 | ||
- | if %monat% EQU 11 set ltag=30 | ||
- | if %monat% EQU 12 set ltag=31 | ||
- | |||
- | set /a tag+=1 | ||
- | if %tag% GTR %ltag% set /a monat+=1 & set tag=1 | ||
- | if %monat% GTR 12 set /a jahr+=1 & set monat=1 | ||
- | |||
- | echo %tag%.%monat%.%jahr% | ||
- | </ | ||
- | |||
- | ===== control ===== | ||
- | <code winst> | ||
- | [Package] | ||
- | version: 2 | ||
- | depends: | ||
- | incremental: | ||
- | |||
- | [Product] | ||
- | type: localboot | ||
- | id: local-admin-user | ||
- | name: Lokaler Adminbenutzer | ||
- | description: | ||
- | advice: | ||
- | version: 0.2 | ||
- | priority: 0 | ||
- | licenseRequired: | ||
- | productClasses: | ||
- | setupScript: | ||
- | uninstallScript: | ||
- | updateScript: | ||
- | alwaysScript: | ||
- | onceScript: | ||
- | customScript: | ||
- | userLoginScript: | ||
- | |||
- | [ProductProperty] | ||
- | type: unicode | ||
- | name: flag_active | ||
- | multivalue: False | ||
- | editable: False | ||
- | description: | ||
- | values: [" | ||
- | default: [" | ||
- | |||
- | [ProductProperty] | ||
- | type: unicode | ||
- | name: val_username | ||
- | multivalue: False | ||
- | editable: True | ||
- | description: | ||
- | values: [" | ||
- | default: [" | ||
- | |||
- | [ProductProperty] | ||
- | type: unicode | ||
- | name: val_groupmember | ||
- | multivalue: False | ||
- | editable: False | ||
- | description: | ||
- | values: [" | ||
- | default: [" | ||
- | |||
- | [ProductProperty] | ||
- | type: unicode | ||
- | name: val_userpasswd | ||
- | multivalue: False | ||
- | editable: True | ||
- | description: | ||
- | values: [" | ||
- | default: [" | ||
- | |||
- | [ProductProperty] | ||
- | type: unicode | ||
- | name: val_expires | ||
- | multivalue: False | ||
- | editable: True | ||
- | description: | ||
- | values: [" | ||
- | default: [" | ||
- | </ |