OPSI DokuWiki

User Tools

Site Tools

Trace:
userspace:local_user

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

userspace:local_user [2012/06/18 11:45]
qx23 		userspace:local_user [2021/08/23 08:37]
Line 1: Line 1:
-===== Lokalen Benutzer anlegen ===== 
-Kommentar und Verbesserungen erwünscht! 
  
-Entwickelt und getestet auf Win 7 64bit. 
- 
-Manchmal ist es aus diveresen Gründen praktisch, einen lokalen Benutzer in der lokalen Administratorengruppe zu haben. Dieser Benutzer ist ausserhalb einer Domäne. 
- 
-Man benötigt für dieses Skript noch zusätzlich das Programm psgetsid aus der Sysinternal Suite, kostenlos herunterladbar bei Microsoft. PSgetSID ist in der Programmsammlung PSTools der Sysinternal Suite erhältlich (http://download.sysinternals.com/files/PSTools.zip). 
- 
-Ich will mich nicht mit fremden Federn schmücken: 
-Dieses Skript baut sehr stark auf dem Beispielskript für Programminstallationen im Kontext eines lokalen Benutzer/Administrators) des Winst-Handbuches auf. Danke an das UIB-Team für das tolle Handbuch. 
- 
- 
-Features: 
-  * Benutzername frei wählbar 
-  * Passwort frei wählbar 
-  * Passwort änderung 
-  * Benutzer lässt sich aktivieren und deaktivieren 
-  * Prüfung ob User bereits existiert 
-  * Benutzer ist im Standard deaktiviert um nicht aus Versehen eine mögliche Sicherheitslücke zu schaffen. 
-  * Konto läuft am nächsten Tag oder nie 
-  * Gruppen Benutzer, Administratoren, Gäste verwendbar 
- 
- 
-===== setup.ins ===== 
-<code winst>[Actions] 
-requiredWinstVersion >= "4.11.2.1" 
- 
-setLogLevel=3 
-DefVar $ProductName$ 
-DefVar $local_user$ 
-DefVar $Group$ 
-DefVar $SearchResult$ 
-DefVar $flag_active$ 
-DefVar $val_userpasswd$ 
-DefVar $val_username$ 
-DefVar $val_groupmember$ 
-DefVar $val_expires$ 
-DefVar $UserExists$ 
-DefVar $UserGroup$ 
-DefVar $date_tomorrow$ 
- 
-DefStringlist $ResultList$ 
-DefStringlist $ResultList2$ 
-DefStringlist $ResultList3$ 
- 
-sub_get_properties 
- 
-comment "get the name of the admin group" 
-comment "using psgetsid from sysinernals pstools" 
- 
-if $UserGroup$ = "Administratoren" 
-set $ResultList$ = getOutStreamFromSection("DosInAnIcon_get_admin_group") 
-endif 
- 
-if $UserGroup$ = "Benutzer" 
-set $ResultList$ = getOutStreamFromSection("DosInAnIcon_get_user_group") 
-endif 
- 
-if $UserGroup$ = "Gaeste" 
-set $ResultList$ = getOutStreamFromSection("DosInAnIcon_get_guest_group") 
-endif 
- 
-set $Group$ = takeString(6,$ResultList$) 
-set $Group$ = takeString(1,splitstring($Group$,"\")) 
- 
-comment "Check if user exists." 
-comment "If user exists, the password will be altered. Otherwise, the user will be created." 
-set $ResultList2$ = getOutStreamFromSection("DosInAnIcon_checkuser") 
-set $UserExists$ = takeString(0,$ResultList2$) 
- 
-setLogLevel=0 
- 
-comment "create our local user" 
-if $UserExists$ = "no" 
- DosInAnIcon_makeadmin 
-else 
- DosInAnIcon_alter_pw 
-endif 
- 
-setLogLevel=3 
- 
-comment "Enables or disables the user." 
-comment "flag_active is set to 'no' by the product properties for not opening accidently a security risk *g*." 
-if $flag_active$ = "on" 
- DosInAnIcon_enable_admin 
-else 
- DosInAnIcon_disable_admin 
-endif 
- 
-set $ResultList3$ = getOutStreamFromSection("DosInAnIcon_get_date_tomorrow") 
-set $date_tomorrow$ = takeString(2,$ResultList3$) 
-;set $date_tomorrow$ = takeString(1,splitstring(" ",$date_tomorrow$)) 
- 
-if $val_expires$ = "never" 
- DosInAnIcon_expires_never 
-else 
- DosInAnIcon_expires_tomorrow 
-endif 
- 
-[sub_get_properties] 
-comment "flag_active" 
-comment "description: User active" 
-Set $flag_active$ = GetProductProperty("flag_active", "off") 
- 
-comment "val_userpasswd" 
-comment "description: password" 
-Set $val_userpasswd$ = GetProductProperty("val_userpasswd", "SecurePW!") 
- 
-comment "val_username" 
-comment "description: admin username" 
-set $local_user$= GetProductProperty("val_username", "locsupp") 
- 
-comment "val_groupmember" 
-comment "description: Groupemembership" 
-set $UserGroup$= GetProductProperty("val_groupmember", "Administratoren") 
- 
-comment "val_expires" 
-comment "description: expires" 
-set $val_expires$ = GetProductProperty("val_expires", "tomorrow") 
- 
-[DosInAnIcon_checkuser] 
-@echo off 
-net user $local_user$ >nul 2>&1 && echo yes || echo no 
- 
-[DosInAnIcon_get_admin_group] 
-@echo off 
-"%ScriptPath%\psgetsid.exe" /accepteula S-1-5-32-544 
- 
-[DosInAnIcon_get_user_group] 
-@echo off 
-"%ScriptPath%\psgetsid.exe" /accepteula S-1-5-32-545 
- 
-[DosInAnIcon_get_guest_group] 
-@echo off 
-"%ScriptPath%\psgetsid.exe" /accepteula S-1-5-32-547 
- 
-[DosInAnIcon_makeadmin] 
-NET USER $local_user$ $val_userpasswd$ /ADD /comment:"Local User created by opsi-package" /fullname:"Local User by Opsi" /passwordchg:no /passwordreq:yes 
-NET LOCALGROUP $Group$ /ADD $local_user$ 
- 
-[DosInAnIcon_alter_pw] 
-NET USER $local_user$ $val_userpasswd$ 
- 
-[DosInAnIcon_enable_admin] 
-NET USER $local_user$ /active:yes 
- 
-[DosInAnIcon_disable_admin] 
-NET USER $local_user$ /active:no 
- 
-[DosInAnIcon_get_date_tomorrow] 
-%ScriptPath%\morgen.bat 
- 
-[DosInAnIcon_expires_never] 
-NET USER $local_user$ /expires:never 
- 
-[DosInAnIcon_expires_tomorrow] 
-NET USER $local_user$ /expires:$date_tomorrow$ 
-</code> 
-===== uninstall.ins ===== 
-<code winst> 
-[Actions] 
-requiredWinstVersion >= "4.11.2.1" 
- 
-setLogLevel=7 
-DefVar $ProductName$ 
-DefVar $OpsiAdminPass$ 
-DefVar $local_user$ 
-DefVar $AdminGroup$ 
-DefVar $SearchResult$ 
-DefVar $flag_active$ 
-DefVar $val_userpasswd$ 
-DefVar $val_username$ 
-DefVar $UserExists$ 
-DefVar $LocalTempPath$ 
-DefStringlist $ResultList2$ 
- 
-sub_get_properties 
- 
-comment "Check if user exists." 
-set $ResultList2$ = getOutStreamFromSection("DosInAnIcon_checkuser") 
-set $UserExists$ = takeString(0,$ResultList2$) 
-set $UserExists$ = takeString(0,splitstring($UserExists$," ")) 
- 
- 
-if $UserExists$ = "yes" 
- DosInAnIcon_deleteuser 
-else 
- LogError "User '" + $local_user$ + "' does not exist!"  
- isFatalError 
-endif 
- 
- 
-[sub_get_properties] 
-comment "val_username" 
-comment "description: username" 
-set $local_user$= GetProductProperty("val_username", "locsupp") 
- 
-[DosInAnIcon_checkuser] 
-@echo off 
-net user $local_user$ >nul 2>&1 && echo yes || echo no 
- 
-[DosInAnIcon_deleteuser] 
-NET USER $local_user$ /DELETE 
- 
-[DosInAnIcon_deleteprofile] 
-rmdir /S /Q "%ProfileDir%\$local_user$" 
-</code> 
- 
-===== morgen.bat ===== 
-<code> 
-@echo off 
-setlocal 
-rem Datum auslesen 
-set tag=%date:~-10,2% 
-set monat=%date:~-7,2% 
-set jahr=%date:~-4% 
- 
-if %monat% NEQ 2 goto :done 
-rem Letzter Tag im Februar, Schaltjahr prüfen 
-set /a mod4=jahr % 4 
-set /a mod100=jahr % 100 
-set /a mod400=jahr % 400 
-set ltag=28 
-if %mod4% NEQ 0 goto :done 
-set ltag=29 
-if %mod100% NEQ 0 goto :done 
-set ltag=28 
-if %mod400% NEQ 0 goto :done 
-set ltag=29 
-:done 
- 
-rem Letzter Tag des Monats 
-if %monat% EQU 1 set ltag=31 
-if %monat% EQU 3 set ltag=31 
-if %monat% EQU 4 set ltag=30 
-if %monat% EQU 5 set ltag=31 
-if %monat% EQU 6 set ltag=30 
-if %monat% EQU 7 set ltag=31 
-if %monat% EQU 8 set ltag=31 
-if %monat% EQU 9 set ltag=30 
-if %monat% EQU 10 set ltag=31 
-if %monat% EQU 11 set ltag=30 
-if %monat% EQU 12 set ltag=31 
- 
-set /a tag+=1 
-if %tag% GTR %ltag% set /a monat+=1 & set tag=1 
-if %monat% GTR 12 set /a jahr+=1 & set monat=1 
- 
-echo %tag%.%monat%.%jahr% 
-</code> 
- 
-===== control ===== 
-<code winst> 
-[Package] 
-version: 2 
-depends:  
-incremental: False 
- 
-[Product] 
-type: localboot 
-id: local-admin-user 
-name: Lokaler Adminbenutzer 
-description: Lokaler Benutzer anlegen 
-advice:  
-version: 0.2 
-priority: 0 
-licenseRequired: False 
-productClasses:  
-setupScript: setup.ins 
-uninstallScript: uninstall.ins 
-updateScript:  
-alwaysScript:  
-onceScript:  
-customScript:  
-userLoginScript: 
- 
-[ProductProperty] 
-type: unicode 
-name: flag_active 
-multivalue: False 
-editable: False 
-description: Benutzer aktiv 
-values: ["off", "on"] 
-default: ["off"] 
- 
-[ProductProperty] 
-type: unicode 
-name: val_username 
-multivalue: False 
-editable: True 
-description: Benutzername des lokalen User 
-values: ["locsupp"] 
-default: ["locsupp"] 
- 
-[ProductProperty] 
-type: unicode 
-name: val_groupmember 
-multivalue: False 
-editable: False 
-description: Gruppenmitgliedschaft des lokalen Users 
-values: ["Benutzer", "Administratoren", "Gaeste"] 
-default: ["Administratoren"] 
- 
-[ProductProperty] 
-type: unicode 
-name: val_userpasswd 
-multivalue: False 
-editable: True 
-description: Passwort des lokalen Users 
-values: ["SecurePW!"] 
-default: ["SecurePW!"] 
- 
-[ProductProperty] 
-type: unicode 
-name: val_expires 
-multivalue: False 
-editable: True 
-description: Expires 
-values: ["never", "tomorrow"] 
-default: ["tomorrow"] 
-</code> 
userspace/local_user.txt · Last modified: 2021/08/23 08:37 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki