/build/static/layout/Breadcrumb_cap_w.png

K2000: Get username as pre-installation task and use it in post installation task to make the user local administrator

Hi everyone,

Thank you for taking the time to read this. I would like to make the last logged on user, local administrator on the newly installed system. I would not like to discuss whether it is wise or unwise to make all users local administrator.

The problem is not with making a user local administrator. There are hunderds of scripts to find for this. The problem for me is how to get the username as a preinstallation task, save it somewhere and use it in the post installation task.

I do use an executable for the computer name, this called computer name x64. 

Does anyone know how to do this? Or give me some pointers? I tried looking for it on google but couldn't really find anything.

Thank you in advance,

Paul Theelen

Asked 12 years ago 4143 views
0 Comments   [ + ] Show comments

Answers (4)

Posted by: SMal.tmcc 12 years ago
Red Belt
3

paul.theelen | 53 mins ago |                           

I forgot to mention that they are AD accounts so no need to transfer the password.

If they are AD accounts create post tasks or 1000 script and all you need is

net localgroup administrators /add domain\user

Comments:
  • http://technet.microsoft.com/en-us/library/bb490706 - SMal.tmcc 12 years ago
  • Hi all,

    I just tried this script and for some reason it doesn't pick up the username when no one is logged in... Furthermore it doesn't work on a German WIN7 but it does work on English WIN7 when a user is logged on. It give the following error: It can not find the group.

    Set fso = CreateObject("Scripting.FileSystemObject")
    Set Network = CreateObject("Wscript.network")

    'Get computername
    Set wshShell = WScript.CreateObject( "WScript.Shell" )
    strComputer = wshShell.ExpandEnvironmentStrings( "%COMPUTERNAME%" )

    'Get local group administrators
    If fso.FileExists("C:\Programme") Then
    Set objLocalAdminGroupGerman = GetObject("WinNT://" & strComputer & "/Administratoren")
    Else
    Set objLocalAdminGroupEnglish = GetObject("WinNT://" & strComputer & "/Administrators")
    End If

    'Set M: drivemapping
    If Not fso.DriveExists("M:") then
    'Create drivemapping
    Network.MapNetworkDrive "M:", "\\servername\Username", false, "domain\username", "password"
    WScript.Sleep 1000
    End If

    'Open text file and read the line
    If fso.FileExists("M:" & strComputer & ".txt") Then
    Set objFile = fso.OpenTextFile("M:" & strComputer & ".txt",1,True)
    strUser = objFile.Readline
    objFile.Close

    'Add user to the local administrators group
    If fso.FileExists("C:\Programme") Then
    objLocalAdminGroupGerman.Add("WinNT://domain/" & strUser)
    Else
    objLocalAdminGroupEnglish.Add("WinNT://domain/" & strUser)
    End If
    End If - paul.theelen 12 years ago
  • look at this link How Can I Determine the Name of the Local Administrators Group?
    http://blogs.technet.com/b/heyscriptingguy/archive/2005/11/02/how-can-i-determine-the-name-of-the-local-administrators-group.aspx - SMal.tmcc 12 years ago
  • Network.MapNetworkDrive "M:", "\\servername\Username", false, "domain\username", "password" Where are you getting the "username" from? - SMal.tmcc 12 years ago
  • The first username is just the name of a share, the second one is the one used for creating the drive mapping. A bit of a bad choice of names. - paul.theelen 12 years ago
  • Do you have a security policy enabled to hide last logged on user?
    "Interactive Logon: Hide last user." - SMal.tmcc 12 years ago
  • No and the value is filled when I shutdown the laptop. - paul.theelen 12 years ago
Posted by: dugullett 12 years ago
Red Belt
3

I think your biggest challenge will be replicating the password for the account over. I'm not sure that can be done.

Comments:
  • I forgot to mention that they are AD accounts so no need to transfer the password. - paul.theelen 12 years ago
    • If they are AD accounts why not set that up in group policy? Unless your wanting just that user to be a member? I would think it would be easier to create an admin group. - dugullett 12 years ago
  • Well only the user who the machine belongs to is local administrator on the system. Furthermore ofcourse the IT department and that is managed via GPO using AD Groups. - paul.theelen 12 years ago
Posted by: Roonerspism 12 years ago
Second Degree Brown Belt
1

Wow, this looks like over kill to me.

Why not simply perform an sql query on the machine object and save it to a text file on c during the deployment process? The knit tools have sql available in them now for when you create boot media. Then read it back as a post task and use net user to set that user as a member of administrators?

We use an sql query here to set the 'assigned user' of an asset as the local administrator here.

 

Comments:
  • Could you post me how to do this as you already done it. Couldn't get my script to work in Windows PE. - paul.theelen 12 years ago
Posted by: SMal.tmcc 12 years ago
Red Belt
1

For any users you want to create you can use post 2000 script or 1000 scripts for each user name you want to push to a certain machine or read the registry like they do for getcomputer.vbs script and apply the name with a modified apply computername.vbs

To do this as a script use the "net user" and "net localgroup" command to create the name, set password and make it an admin

http://support.microsoft.com/kb/251394

http://technet.microsoft.com/en-us/library/bb490706

To read the user from the registry you would want to load the software hive and read([HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\lastloggedonuser].  store that key and then as post task read the stored key and either use a vb script, powershell or netuse to apply that as a variable for the user in the script.  set a default pw and force them to change it on first login.

The Get computer.vbs that comes with the K2000 looks like this.

Set fso = CreateObject("Scripting.FileSystemObject")
Set diskDrives = fso.Drives

regFound = False
'Search through fixed drives (Drivetype = 2) for required registry file.
For Each drive In diskDrives
    If (drive.DriveType = 2) and fso.FileExists(drive.DriveLetter & ":\WINDOWS\System32\Config\SYSTEM") Then
        systemDrive = drive.DriveLetter
        regFound = True
        exit for
    End If
NEXT

'Registry not found
If regFound = False Then
    WScript.Quit
End If

'Get the computer name from the registry
Set wshShell = CreateObject("WScript.Shell")
Set execStatus = wshShell.Exec("reg load HKLM\TEMP_SYSTEM " & systemDrive & ":\WINDOWS\System32\Config\SYSTEM")
'Wait for registry to load completely (max 10 seconds)
count = 0
Do While (count < 10) and execStatus.Status = 0
    WScript.Sleep 1000
    count = count + 1
Loop
If execStatus.Status = 0 Then
    WScript.Quit
End If
regKeyCompName = "HKLM\TEMP_SYSTEM\ControlSet001\Control\ComputerName\ComputerName\ComputerName"
compName = wshShell.RegRead(regKeyCompName)
WshShell.Exec("reg unload HKLM\TEMP_SYSTEM")
WScript.Sleep 1000

'Dump the computer name into a file named as the mac address inside T:
If fso.DriveExists("T:") then
 'Get mac adress
 Set objSysEnv = wshShell.Environment("PROCESS")
 macAddress = objSysEnv("MAC_ADDRESS")
    Set compNameFile = fso.CreateTextFile("T:\" & macAddress, True)
Else
 usbDrive = fso.GetDriveName(wscript.ScriptFullName)
    Set compNameFile = fso.CreateTextFile(usbDrive & "\KACE\ComputerName", True)
End If
compNameFile.WriteLine(compName)
compNameFile.Close

You could rework this to read the software hive and user keyset instead of system/machine name

One of the other Script wizards may be to look at this concept and give you the script you would need to do this

Comments:
  • sample of net commands

    start /wait net user administrator /active:yes
    start /wait net localgroup administrators f12master /add
    Start /wait net user administrator ***********
    Start /wait net user f12master ********** - SMal.tmcc 12 years ago
  • This is definitely a good pointer. Will think about it, not sure if it will pay back on the long term... - paul.theelen 12 years ago
  • Was actually rather easy so far, extracted the username and wrote it to a file. Will post it after I actually tested it. - paul.theelen 12 years ago
  • Hmmzzz i'm having some problem when running the script via the K2000...

    The key exists but the value is empty. Do you guys have any idea why?

    Set fso = CreateObject("Scripting.FileSystemObject")
    Set diskDrives = fso.Drives
    Set Network = CreateObject("Wscript.network")

    bolRegFound = False
    'Search through fixed drives (Drivetype = 2) for required registry file.
    For Each drive In diskDrives
    If (drive.DriveType = 2) and fso.FileExists(drive.DriveLetter & ":\WINDOWS\System32\Config\SOFTWARE") Then
    systemDrive = drive.DriveLetter
    bolRegFound = True
    exit for
    End If
    NEXT

    'Registry not found
    If bolRegFound = False Then
    WScript.Quit
    End If

    'Get the username from the registry and load the hive
    Set wshShell = CreateObject("WScript.Shell")
    Set execStatus = wshShell.Exec("reg load HKLM\Software" & systemDrive & ":\WINDOWS\System32\Config\SOFTWARE")

    'Wait for registry to load completely (max 10 seconds)
    count = 0
    Do While (count < 10) and execStatus.Status = 0
    WScript.Sleep 1000
    count = count + 1
    Loop
    If execStatus.Status = 0 Then
    WScript.Quit
    End If
    'Registry key to the username
    regKeyUserName = "HKLM\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\LastLoggedOnUser"
    'Read the username

    strUsernameDummy = bKeyExists(regKeyUserName)
    strUsername = wshShell.RegRead(regKeyUserName)

    'Unload hive
    WshShell.Exec("reg unload HKLM\Software")
    WScript.Sleep 1000

    'Dump the username into a file named as the computername inside M:
    If Not fso.DriveExists("M:") then
    'Create drivemapping
    Network.MapNetworkDrive "M:", "\\servername\Username", false, "domain\username", "password"
    WScript.Sleep 1000
    End If
    'Get computername
    Set wshShell = WScript.CreateObject( "WScript.Shell" )
    strComputer = wshShell.ExpandEnvironmentStrings( "%COMPUTERNAME%" )
    'Create text file
    Set compNameFile = fso.CreateTextFile("M:" & strComputer & ".txt", True)
    'Get the letters after eugad\ for the username
    If StrComp(Left(strUsername,8),"DOMAIN1") = 0 or StrComp(Left(strUsername,8),"domain1") = 0 Then
    strUsernameNoDomain = Mid(strUsername,12)
    'Get the letters after hirschmann.fr\ for the username
    Elseif StrComp(Left(strUsername,15),"DOMAIN2") = 0 or StrComp(Left(strUsername,15),"domain2") = 0 Then
    strUsernameNoDomain = Mid(strUsername,17)
    end if
    'Write to file and close the file afterwards
    compNameFile.WriteLine(strUsernameNoDomain)
    compNameFile.Close

    Function bKeyExists(key)
    Dim RegReadReturn
    bKeyExists = True
    key = Trim (key)
    'If Not Right(key, 1) = "\" Then
    ' key = key & "\"
    'End if
    On Error Resume Next
    RegReadReturn = WshShell.RegRead(key)
    If Err Then
    If Left(err.description,7) = "Invalid" Then
    wscript.echo "key not found..."
    bKeyExists = False
    ElseIf Left(err.description,6) = "Unable" Then
    wscript.echo "no default value set, but key exists..."
    Else
    wscript.echo "unexpected error"
    End if
    Err.clear
    WScript.Quit
    End if
    On Error Goto 0
    End Function - paul.theelen 12 years ago

Posted by:

paul.theelen Orange Senior Belt
Ninja since: 12 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

KACE Product Support Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ