Exposing User Account Login Workstations - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » Exposing User Account Login Workstations

Page 2 of 2

2

Topic Options

#20603 - 2002-04-27 08:50 PM Re: Exposing User Account Login Workstations
Shawn Shawn Administrator Registered: 1999-08-13 Posts: 8611	pfffttt - my wife wanted to use the home wkstn here, so she booted me off and switched user over to her account - then when I went to log back in, found out that I had locked myself out of my own wkstn - roflmao - guess it works ! -Shawn
Top

#20604 - 2002-04-28 02:44 AM Re: Exposing User Account Login Workstations
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	ROFL, Reminds me of my first go at RestrictRun policies on NT. I had the logic backwards, specifying NotePad as being the 'restricted' program. Logoff/logon and nothing BUT notepad would run. DOH! Thinking... time to reformat/reinstall... there had to be another way... Sparked up NotePad and through file dialog renamed regedt32 to notepad. Whew! Narrowly pulled my ass out of the fire. Afterwards (long afterwards) I came to the realization that I could have remotely edited the reg. I came this ' ' close to reinstall. After more than a few close calls locking myself out of NetWare servers, I learned to stay logged in at another wks JIC. I trust you had another admin account to save your ass. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#20605 - 2002-04-28 05:11 AM Re: Exposing User Account Login Workstations
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Shawn, your situation got me to thinking whether the 8 machine limit is just imposed by the GUI and not software or record size in the SAM. Seeing as your GUI didn't even support the entries yet experience proved otherwise... I used to have 'LoginWorkstations' restrictions on training lab 'student' accounts to just the PCs in the lab but that limited it to 8 by the GUI. Some of my users are such that they will abandon their own account in favor of a generic one with a well known password rather than manage their own password changes (every 90 days). before I set up my intranet, I had critical information on the network that needed unencumbered access so I had a 'guest' account with no passord. Before long, a lot of my users abandoned their named accounts and started using guest. Before y'all flame me with ways to do it in KiX, I know it can be done in the logon but I'm stubborn and don't wanna do it that way. I come from a NetWare background and Novell's station restrictions are far better than NT's. I'm too chicken shit to try pushing it to more in case I toast the SAM with a record overflow. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#20606 - 2002-04-28 10:30 AM Re: Exposing User Account Login Workstations
ash wilson (kyosei) ash wilson (kyosei) Getting the hang of it Registered: 2002-04-22 Posts: 58 Loc: auckland new zealand	Shawn & Les, Interesing posts and conversation. However, using Shawn's code from posting 27 April 2002 19:24 I cannot get any output or errors and USRMGR via VPN to work show no changes have been made. So I don't know what is happening that it is working for both of you and not me? I am running 4.02, 4.00 gave errors previously posted. To confirm what I want to do, (using an admin script, not via the login script as originally posted - sorry, my error)... Read/modify entries in USRMGR a) User - description b) Groups - & memberships c) Hours - of access by user d) Login to - access by user e) Account - expiry details f) Dial-in - permissions/call back etc. Intention is to have a master database where required changes are made and then the admin script is run to implement those changes. The master database would have a GUI interface with suitable screen selection of changes to be made. The admin script would allow the changes without errors and could also be run in 'report' mode to create a new database copy to verify what changes were made when. Perhaps all this has already been done, if so tell me to go hide in a hole somewhere, but tell me where to find it first please! Even if it is available somewhere else I would like to try writing something like this! Appreciate your inputs to date and look forward to further posts. rgds kyosei ..for the common good. _________________________ KYOSEI. There are only three groups of people that can count. Those that can, and those that can't.
Top

#20607 - 2002-04-28 11:08 AM Re: Exposing User Account Login Workstations
ash wilson (kyosei) ash wilson (kyosei) Getting the hang of it Registered: 2002-04-22 Posts: 58 Loc: auckland new zealand	Shawn & Les, Don't panic - SO, SO, SORRY but Shawn's script is working. No idea why it wasn't a while ago, I only closed the VPN, re-pasted Shawn's code and re-tried via VPN and all worked fine .... mysterious! Couple of observations... 1) If null string "" is specified for 1st and only entry then Usrmgr clears all entries. (same as default option, user can log in to all workstations) 2) If null string "" is specified for 1st of a list of workstations then script displays a blank as the first new workstation followed by the rest of the list, but Usrmgr removes the null entry, just shows the rest of the list. Re-run the script, old workstations does not show the blank entry now. 3) Your thoughts about entering more than 8 entries in your posts. Advisable or not, testable or not? Thanks you guys for your help, I feel quite confident now that I can create a powerful admin tool so that minimally-trained staff can do mundane protected network changes without causing havoc. Sorry for my previous post error! rgds kyosei ..for the common good. _________________________ KYOSEI. There are only three groups of people that can count. Those that can, and those that can't.
Top

#20608 - 2002-04-28 11:39 AM Re: Exposing User Account Login Workstations
ash wilson (kyosei) ash wilson (kyosei) Getting the hang of it Registered: 2002-04-22 Posts: 58 Loc: auckland new zealand	Hi guys again, I need to initially retrieve all of the information I can from SAM for all users, not just one, so need to wrap a 'for each user in domain' type loop around Shawn's code but have not yet managed to achieve this. Any suggestions? Also can you provide object names for the winnt://domain object? Or where to find them? rgds kyosei ..for the common good. _________________________ KYOSEI. There are only three groups of people that can count. Those that can, and those that can't.
Top

#20609 - 2002-04-28 11:44 AM Re: Exposing User Account Login Workstations
ash wilson (kyosei) ash wilson (kyosei) Getting the hang of it Registered: 2002-04-22 Posts: 58 Loc: auckland new zealand	Hi guys again, I have been trying to add a 'for each user in domain' wrapper around Shawn's code but have not yet been successful, any suggestions? Need this to initially retrieve each user information from the SAM as a check. Any ideas also on where to find a list of Winnt://Domain object names? rgds kyosei ..for the common good. _________________________ KYOSEI. There are only three groups of people that can count. Those that can, and those that can't.
Top

#20610 - 2002-04-28 11:46 AM Re: Exposing User Account Login Workstations
ash wilson (kyosei) ash wilson (kyosei) Getting the hang of it Registered: 2002-04-22 Posts: 58 Loc: auckland new zealand	Huh!, Posted 2nd because 1st did not show, now they are both there, almost identical, sorry. rgds kyosei ..for the common good. _________________________ KYOSEI. There are only three groups of people that can count. Those that can, and those that can't.
Top

#20611 - 2002-04-28 03:35 PM Re: Exposing User Account Login Workstations
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	kyosei, If you do a search on this board for ADSI you will find many fine examples. Take note of the use of filters. There's an ADSI SDK available for download from M$ that includes a pretty good help file (ADSI25.CHM) listing properties and methods. Most of the examples are for VB or C. Translating from VBScript shouldn't be too difficult. We're probably not going to write all the code for you but if/when you run into a snag, post what you've got and we'll try to work through it. It helps if you give examples of what you're trying to do or links to similar code you found on the board. You may want to start a new thread in the scripts section, posting a snippet of what you have that doesn't work. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

Page 2 of 2

2

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Who's Online

0 registered and 765 anonymous users online.

Newest Members

batdk82, StuTheCoder, M_Moore, BeeEm, min_seow
17885 Registered Users

Generated in 0.061 seconds in which 0.028 seconds were spent on a total of 12 queries. Zlib compression enabled.

click tracking