This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
userspace:local_user [2012/06/11 19:39] qx23 |
userspace:local_user [2021/08/23 08:37] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
===== Lokalen Benutzer anlegen ===== | ===== Lokalen Benutzer anlegen ===== | ||
Kommentar und Verbesserungen erwünscht! | Kommentar und Verbesserungen erwünscht! | ||
+ | |||
+ | Entwickelt und getestet auf Win 7 64bit. | ||
Manchmal ist es aus diveresen Gründen praktisch, einen lokalen Benutzer in der lokalen Administratorengruppe zu haben. Dieser Benutzer ist ausserhalb einer Domäne. | Manchmal ist es aus diveresen Gründen praktisch, einen lokalen Benutzer in der lokalen Administratorengruppe zu haben. Dieser Benutzer ist ausserhalb einer Domäne. | ||
Line 16: | Line 18: | ||
* Benutzer lässt sich aktivieren und deaktivieren | * Benutzer lässt sich aktivieren und deaktivieren | ||
* Prüfung ob User bereits existiert | * Prüfung ob User bereits existiert | ||
- | + | * Benutzer ist im Standard deaktiviert um nicht aus Versehen eine mögliche Sicherheitslücke zu schaffen. | |
- | To Do: | + | * Konto läuft am nächsten Tag oder nie |
- | * Konto ablaufen lassen | + | * Gruppen |
- | * lokale | + | |
===== setup.ins ===== | ===== setup.ins ===== | ||
- | <code winst> | + | <code winst> |
- | [Actions] | + | |
requiredWinstVersion >= " | requiredWinstVersion >= " | ||
setLogLevel=3 | setLogLevel=3 | ||
DefVar $ProductName$ | DefVar $ProductName$ | ||
- | DefVar $OpsiAdminPass$ | + | DefVar $local_user$ |
- | DefVar $OpsiAdminUser$ | + | DefVar $Group$ |
- | DefVar $AdminGroup$ | + | |
DefVar $SearchResult$ | DefVar $SearchResult$ | ||
DefVar $flag_active$ | DefVar $flag_active$ | ||
- | DefVar $val_adminpasswd$ | + | DefVar $val_userpasswd$ |
- | DefVar $val_adminusername$ | + | DefVar $val_username$ |
+ | DefVar $val_groupmember$ | ||
+ | DefVar $val_expires$ | ||
DefVar $UserExists$ | DefVar $UserExists$ | ||
+ | DefVar $UserGroup$ | ||
+ | DefVar $date_tomorrow$ | ||
+ | DefVar $pwd_expires$ | ||
DefStringlist $ResultList$ | DefStringlist $ResultList$ | ||
DefStringlist $ResultList2$ | DefStringlist $ResultList2$ | ||
+ | DefStringlist $ResultList3$ | ||
sub_get_properties | sub_get_properties | ||
Line 45: | Line 50: | ||
comment "get the name of the admin group" | comment "get the name of the admin group" | ||
comment "using psgetsid from sysinernals pstools" | comment "using psgetsid from sysinernals pstools" | ||
+ | |||
+ | if $UserGroup$ = " | ||
set $ResultList$ = getOutStreamFromSection(" | set $ResultList$ = getOutStreamFromSection(" | ||
- | set $AdminGroup$ = takeString(6, | + | endif |
- | set $AdminGroup$ = takeString(1, | + | |
+ | if $UserGroup$ = " | ||
+ | set $ResultList$ = getOutStreamFromSection(" | ||
+ | endif | ||
+ | |||
+ | if $UserGroup$ = " | ||
+ | set $ResultList$ = getOutStreamFromSection(" | ||
+ | endif | ||
+ | |||
+ | set $Group$ = takeString(6, | ||
+ | set $Group$ = takeString(1, | ||
comment "Check if user exists." | comment "Check if user exists." | ||
Line 53: | Line 70: | ||
set $ResultList2$ = getOutStreamFromSection(" | set $ResultList2$ = getOutStreamFromSection(" | ||
set $UserExists$ = takeString(0, | set $UserExists$ = takeString(0, | ||
- | set $UserExists$ = takeString(0, | ||
setLogLevel=0 | setLogLevel=0 | ||
- | comment " | + | comment " |
if $UserExists$ = " | if $UserExists$ = " | ||
DosInAnIcon_makeadmin | DosInAnIcon_makeadmin | ||
Line 68: | Line 84: | ||
comment " | comment " | ||
comment " | comment " | ||
- | if $flag_active$ = "yes" | + | if $flag_active$ = "on" |
DosInAnIcon_enable_admin | DosInAnIcon_enable_admin | ||
else | else | ||
DosInAnIcon_disable_admin | DosInAnIcon_disable_admin | ||
+ | endif | ||
+ | |||
+ | set $ResultList3$ = getOutStreamFromSection(" | ||
+ | set $date_tomorrow$ = takeString(2, | ||
+ | ;set $date_tomorrow$ = takeString(1, | ||
+ | |||
+ | if $val_expires$ = " | ||
+ | DosInAnIcon_expires_never | ||
+ | else | ||
+ | DosInAnIcon_expires_tomorrow | ||
+ | endif | ||
+ | |||
+ | if $pwd_expires$ = " | ||
+ | DosInAnIcon_pwd_expires_never | ||
endif | endif | ||
Line 79: | Line 109: | ||
Set $flag_active$ = GetProductProperty(" | Set $flag_active$ = GetProductProperty(" | ||
- | comment "val_adminpasswd" | + | comment "val_userpasswd" |
comment " | comment " | ||
- | Set $val_adminpasswd$ = GetProductProperty(" | + | Set $val_userpasswd$ = GetProductProperty(" |
- | comment "val_adminusername" | + | comment "val_username" |
comment " | comment " | ||
- | set $OpsiAdminUser$= GetProductProperty(" | + | set $local_user$= GetProductProperty(" |
+ | |||
+ | comment " | ||
+ | comment " | ||
+ | set $UserGroup$= GetProductProperty(" | ||
+ | |||
+ | comment " | ||
+ | comment " | ||
+ | set $val_expires$ = GetProductProperty(" | ||
+ | |||
+ | comment " | ||
+ | comment " | ||
+ | set $pwd_expires$ = GetProductProperty(" | ||
[DosInAnIcon_checkuser] | [DosInAnIcon_checkuser] | ||
@echo off | @echo off | ||
- | net user $OpsiAdminUser$ >nul 2>&1 && echo yes || echo no | + | net user $local_user$ >nul 2>&1 && echo yes || echo no |
[DosInAnIcon_get_admin_group] | [DosInAnIcon_get_admin_group] | ||
@echo off | @echo off | ||
" | " | ||
+ | |||
+ | [DosInAnIcon_get_user_group] | ||
+ | @echo off | ||
+ | " | ||
+ | |||
+ | [DosInAnIcon_get_guest_group] | ||
+ | @echo off | ||
+ | " | ||
[DosInAnIcon_makeadmin] | [DosInAnIcon_makeadmin] | ||
- | NET USER $OpsiAdminUser$ $val_adminpasswd$ /ADD / | + | NET USER $local_user$ $val_userpasswd$ /ADD / |
- | NET LOCALGROUP $AdminGroup$ /ADD $OpsiAdminUser$ | + | NET LOCALGROUP $Group$ /ADD $local_user$ |
[DosInAnIcon_alter_pw] | [DosInAnIcon_alter_pw] | ||
- | NET USER $OpsiAdminUser$ $val_adminpasswd$ | + | NET USER $local_user$ $val_userpasswd$ |
[DosInAnIcon_enable_admin] | [DosInAnIcon_enable_admin] | ||
- | NET USER $OpsiAdminUser$ /active:yes | + | NET USER $local_user$ /active:yes |
[DosInAnIcon_disable_admin] | [DosInAnIcon_disable_admin] | ||
- | NET USER $OpsiAdminUser$ /active:no | + | NET USER $local_user$ /active:no |
+ | |||
+ | [DosInAnIcon_get_date_tomorrow] | ||
+ | %ScriptPath%\morgen.bat | ||
+ | |||
+ | [DosInAnIcon_expires_never] | ||
+ | NET USER $local_user$ / | ||
+ | |||
+ | [DosInAnIcon_pwd_expires_never] | ||
+ | ; Fix siehe: https:// | ||
+ | wmic useraccount where name=' | ||
+ | |||
+ | [DosInAnIcon_expires_tomorrow] | ||
+ | NET USER $local_user$ / | ||
</ | </ | ||
===== uninstall.ins ===== | ===== uninstall.ins ===== | ||
Line 116: | Line 179: | ||
DefVar $ProductName$ | DefVar $ProductName$ | ||
DefVar $OpsiAdminPass$ | DefVar $OpsiAdminPass$ | ||
- | DefVar $OpsiAdminUser$ | + | DefVar $local_user$ |
DefVar $AdminGroup$ | DefVar $AdminGroup$ | ||
DefVar $SearchResult$ | DefVar $SearchResult$ | ||
DefVar $flag_active$ | DefVar $flag_active$ | ||
- | DefVar $val_adminpasswd$ | + | DefVar $val_userpasswd$ |
- | DefVar $val_adminusername$ | + | DefVar $val_username$ |
DefVar $UserExists$ | DefVar $UserExists$ | ||
DefVar $LocalTempPath$ | DefVar $LocalTempPath$ | ||
Line 135: | Line 198: | ||
if $UserExists$ = " | if $UserExists$ = " | ||
- | DosInAnIcon_deleteadmin | + | DosInAnIcon_deleteuser |
else | else | ||
- | LogError "User '" | + | LogError "User '" |
isFatalError | isFatalError | ||
endif | endif | ||
Line 143: | Line 206: | ||
[sub_get_properties] | [sub_get_properties] | ||
- | comment "val_adminusername" | + | comment "val_username" |
- | comment " | + | comment " |
- | set $OpsiAdminUser$= GetProductProperty(" | + | set $local_user$= GetProductProperty(" |
[DosInAnIcon_checkuser] | [DosInAnIcon_checkuser] | ||
@echo off | @echo off | ||
- | net user $OpsiAdminUser$ >nul 2>&1 && echo yes || echo no | + | net user $local_user$ >nul 2>&1 && echo yes || echo no |
- | [DosInAnIcon_deleteadmin] | + | [DosInAnIcon_deleteuser] |
- | NET USER $OpsiAdminUser$ /DELETE | + | NET USER $local_user$ /DELETE |
[DosInAnIcon_deleteprofile] | [DosInAnIcon_deleteprofile] | ||
- | rmdir /S /Q " | + | rmdir /S /Q " |
+ | </ | ||
+ | |||
+ | ===== morgen.bat ===== | ||
+ | < | ||
+ | @echo off | ||
+ | setlocal | ||
+ | rem Datum auslesen | ||
+ | set tag=%date: | ||
+ | set monat=%date: | ||
+ | set jahr=%date: | ||
+ | |||
+ | if %monat% NEQ 2 goto :done | ||
+ | rem Letzter Tag im Februar, Schaltjahr prüfen | ||
+ | set /a mod4=jahr % 4 | ||
+ | set /a mod100=jahr % 100 | ||
+ | set /a mod400=jahr % 400 | ||
+ | set ltag=28 | ||
+ | if %mod4% NEQ 0 goto :done | ||
+ | set ltag=29 | ||
+ | if %mod100% NEQ 0 goto :done | ||
+ | set ltag=28 | ||
+ | if %mod400% NEQ 0 goto :done | ||
+ | set ltag=29 | ||
+ | :done | ||
+ | |||
+ | rem Letzter Tag des Monats | ||
+ | if %monat% EQU 1 set ltag=31 | ||
+ | if %monat% EQU 3 set ltag=31 | ||
+ | if %monat% EQU 4 set ltag=30 | ||
+ | if %monat% EQU 5 set ltag=31 | ||
+ | if %monat% EQU 6 set ltag=30 | ||
+ | if %monat% EQU 7 set ltag=31 | ||
+ | if %monat% EQU 8 set ltag=31 | ||
+ | if %monat% EQU 9 set ltag=30 | ||
+ | if %monat% EQU 10 set ltag=31 | ||
+ | if %monat% EQU 11 set ltag=30 | ||
+ | if %monat% EQU 12 set ltag=31 | ||
+ | |||
+ | set /a tag+=1 | ||
+ | if %tag% GTR %ltag% set /a monat+=1 & set tag=1 | ||
+ | if %monat% GTR 12 set /a jahr+=1 & set monat=1 | ||
+ | |||
+ | echo %tag%.%monat%.%jahr% | ||
</ | </ | ||
Line 161: | Line 267: | ||
<code winst> | <code winst> | ||
[Package] | [Package] | ||
- | version: | + | version: |
depends: | depends: | ||
incremental: | incremental: | ||
Line 169: | Line 275: | ||
id: local-admin-user | id: local-admin-user | ||
name: Lokaler Adminbenutzer | name: Lokaler Adminbenutzer | ||
- | description: | + | description: |
advice: | advice: | ||
- | version: 0.1 | + | version: 0.2 |
priority: 0 | priority: 0 | ||
licenseRequired: | licenseRequired: | ||
Line 194: | Line 300: | ||
[ProductProperty] | [ProductProperty] | ||
type: unicode | type: unicode | ||
- | name: val_adminusername | + | name: val_username |
multivalue: False | multivalue: False | ||
editable: True | editable: True | ||
- | description: | + | description: |
values: [" | values: [" | ||
default: [" | default: [" | ||
Line 203: | Line 309: | ||
[ProductProperty] | [ProductProperty] | ||
type: unicode | type: unicode | ||
- | name: val_adminpasswd | + | name: val_groupmember |
+ | multivalue: False | ||
+ | editable: False | ||
+ | description: | ||
+ | values: [" | ||
+ | default: [" | ||
+ | |||
+ | [ProductProperty] | ||
+ | type: unicode | ||
+ | name: val_userpasswd | ||
multivalue: False | multivalue: False | ||
editable: True | editable: True | ||
- | description: | + | description: |
values: [" | values: [" | ||
default: [" | default: [" | ||
+ | |||
+ | [ProductProperty] | ||
+ | type: unicode | ||
+ | name: val_expires | ||
+ | multivalue: False | ||
+ | editable: True | ||
+ | description: | ||
+ | values: [" | ||
+ | default: [" | ||
+ | |||
+ | [ProductProperty] | ||
+ | type: unicode | ||
+ | name: pwd_expires | ||
+ | multivalue: False | ||
+ | editable: True | ||
+ | description: | ||
+ | values: [" | ||
+ | default: [" | ||
</ | </ |