StumpedTechy
MIS
Okay here is where I have a problem. We have about 30 different machine images to say the lest. I was supplied a code in which I modified it a bit.... here is the end result.
Now this all works fine and dandy but there are a few issues.
1) Not all built in Administrators accounts are Administrator. Some have been renamed.
2) Some of the machines already have a NewAccountName but this is NOT the built in administrators account.
What I want to do is modify this script to 1) Check the machine for the built in administrators account 2) Delete out any occurance of NewAccountName IF it is NOT the built in administrators account. Lastly 3) rename and reset the password on the account..
Part 3 really is taken care of in the script above. Part 2 I know that you can't do an account delete of a built in administrators account so I think I can just do a blanket objDevice.Delete "user", NewAccountName is this correct or will this actually do any harm if it is the built in administrators account? What I really need help figuing out how to, through VBScripting, determine the BUILT IN administrators account and manipulating ONLY that account no matter what the current name is.
Code:
Option Explicit
' On Error Resume Next
Dim objAdminAccount, objDevice, objFileInput, objFileOutput, objFSO, strDeviceName, strPass
Const INPUT_FILE_NAME = "Devices.txt"
Const OUTPUT_FILE_NAME = "Status.csv"
Const RENAME_ADMIN_USERS = False
Sub DestroyObjects()
If IsObject(objAdminAccount) Then Set objAdminAccount = Nothing
If IsObject(objDevice) Then Set objDevice = Nothing
If IsObject(objFileInput) Then Set objFileInput = Nothing
If IsObject(objFileOutput) Then Set objFileOutput = Nothing
If IsObject(objFSO) Then Set objFSO = Nothing
End Sub
Set objFSO = WScript.CreateObject("Scripting.FileSystemObject")
If objFSO.FileExists(INPUT_FILE_NAME) Then
Set objFileInput = objFSO.OpenTextFile(INPUT_FILE_NAME)
Set objFileOutput = objFSO.CreateTextFile(OUTPUT_FILE_NAME)
objFileoutput.WriteLine "Device name,Status"
Do Until objFileInput.AtEndOfStream
strDeviceName = UCase(Trim(objFileInput.ReadLine))
strPass = "NewSuperSecretPassword"
On Error Resume Next
Set objAdminAccount = GetObject("WinNT://" & strDeviceName & "/Administrator")
If Err.Number = 0 Then
If RENAME_ADMIN_USERS Then
objAdminAccount.SetPassword(strPass)
objAdminAccount.SetInfo
Set objDevice = GetObject("WinNT://" & strDeviceName)
objDevice.MoveHere objAdminAccount.ADsPath, "NewAccountName"
objFileOutput.WriteLine strDeviceName & ",Modified user Administrator: renamed
to Phoebe"
Else
objFileOutput.WriteLine strDeviceName & ",User Administrator exists but was not
modified"
End If
Else
Set objAdminAccount = GetObject("WinNT://" & strDeviceName & "/NewAccountName")
If Err.Number = 0 Then
objFileOutput.WriteLine strDeviceName & ",User NewAccountName exists and was not
modified"
Else
objFileOutput.WriteLine strDeviceName & ",Administrative user cannot be
determined"
End If
End If
Loop
Else
MsgBox "The input file (" & INPUT_FILE_NAME & ") does not exist. Please create this file or
modify the INPUT_FILE_NAME constant on line 32 of this script:" & vbCrLf & vbCrLf &
WScript.ScriptFullName & vbCrLf & vbCrLf & "to reflect the correct path.", vbCritical,
"Execution aborted"
WScript.Quit 1
End If
DestroyObjects()
MsgBox "Execution completed successfully. For more information, pleae view the '" &
OUTPUT_FILE_NAME & "' file.", vbInformation, "Execution completed"
Now this all works fine and dandy but there are a few issues.
1) Not all built in Administrators accounts are Administrator. Some have been renamed.
2) Some of the machines already have a NewAccountName but this is NOT the built in administrators account.
What I want to do is modify this script to 1) Check the machine for the built in administrators account 2) Delete out any occurance of NewAccountName IF it is NOT the built in administrators account. Lastly 3) rename and reset the password on the account..
Part 3 really is taken care of in the script above. Part 2 I know that you can't do an account delete of a built in administrators account so I think I can just do a blanket objDevice.Delete "user", NewAccountName is this correct or will this actually do any harm if it is the built in administrators account? What I really need help figuing out how to, through VBScripting, determine the BUILT IN administrators account and manipulating ONLY that account no matter what the current name is.