Anyone know the Wbem.scripting add account class?

[Live2love]

Hi,

It's easy to connect using WinNT:\\ class and add a user account and add it to the administrators group as seen below in my "create local user account code." But how does one find all the classes for doing this the WBem way?

I have found only 1 or 2 WBEM classes and I've used them to connect to a remote computer, supplying alternate username/password using the Wbem Moniker as listed in the bottom script snippet.

But once I'm connected using the wbem class, how can I do things like create and modify local accounts on the remote server as listed in the "create local user account code"

There seems to be SO LITTLE info on the WBEM classes and methods, like adding a local account. Lots on AD, and lots on using Winmgmt and impersonate, but very little out there on wbem monikers using alternate credentials and the available classes.

Anyone have any insights?

L,
S

'create local user account code begin
Dim strComputer
strComputer = "."
Dim strUsr
strUsr = i
On Error Resume Next
Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user", strUsr)
objUser.SetPassword "pass123"
objUser.SetInfo
'create local user account code end

'================================== wbem connection conx and gets ip and mac:

Set objWbemLocator = CreateObject("WbemScripting.SWbemLocator")
Set objWMIService = objWbemLocator.ConnectServer _
(strComputer, strNamespace)', strUserName, strPassword)

objWMIService.Security_.authenticationLevel = WbemAuthenticationLevelPktPrivacy

Set colItems = objWMIService.ExecQuery _
("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")

For Each objItem in colItems
WScript.Echo objItem.MACAddress
For Each strAddress in objItem.IPAddress
WScript.Echo strAddress
Next

 

[mrmovie]

is it the DS_User class you are interested in?

 

[Live2love]

Hi MrMovie,

What's your favorite movie?

I looked at a few examples of this class but didn't see a method that would allow me to add account / modify account.

Should I?

Thanks!

Live2love

 

[mrmovie]

not sure Live2Love, i just pulled that class from one of my WMI books, didnt check what methods it had

fav movies, 'fear and loathing in las vegas', 'detriot rock city', 'withnailandi'..

 

[Live2love]

Huh...since you are a movie afficianado and I've never heard of those, they must be good. Must check them out!

Here is my script, but I get an AD error. I am trying to add an account to a remote w2k member server not part of a domain and I am using alternate credentials.

Anyone have a clue?

Thanks!

L,
S

---------
C:\scripts\scratch\add_local_account_OpenDSObject_method.vbs(55, 1)
Active Directory: An invalid directory pathname was passed


Set objUser = colAccounts.Create("user", testaccount) 'line 55


There seems to be very little on passing username/password to local
member servers out there - it's all AD. I guess we have to put them in
a domain.


Was this also to work on local member servers?


and here is my script:

' If the accounts are local, you must use the WinNT provider, as the 
local SAM 
' account database is not LDAP compliant. You can use the OpenDSObject 
method 
' To pass credentials. For example: 
' ============ 


' On Error Resume Next 
' Err.Raise 10 
' Err.HelpFile = "userhelp.hlp" 
' Err.HelpContext = usercontextID 
' If Err.Number <> 0 Then 
'    MsgBox "Error: " & Err.Description, Err.Helpfile, _ 
'                  Err.HelpContext 
' End If 


Dim strComputer, strUsr, strPassword 
Dim strUsrAcc, strPass 
Dim strPeople 


Const ADS_SECURE_AUTHENTICATION = &H1 
Const ADS_USE_ENCRYPTION = &H2 


' Specify remote computer. 
strComputer = "qqqqqq" 


' Specify credentials on the remote computer. 
strUser = "[URL unfurl="true"]wwwwww"[/URL] 
strPassword = "xxxxxx" 


' Bind to object on the remote computer. 
Set objNS = GetObject("WinNT:") 
Set objComputer = objNS.OpenDSObject("WinNT://" & strComputer & 
",computer", _ 
strUser, strPassword, ADS_SECURE_AUTHENTICATION Or ADS_USE_ENCRYPTION) 


If Err.Number <> 0 Then 
   MsgBox "Error: " & Err.Description, Err.Helpfile, _ 
                 Err.HelpContext 
   End If 


'create local user account code begin 


If Err.Number <> 0 Then 
   MsgBox "Error: " & Err.Description, Err.Helpfile, _ 
                 Err.HelpContext 
End If 


strUsrAcc = testusr 
strPeople = strUsrAcc 
strPass = pass 
'On Error Resume Next 
Set colAccounts = GetObject("WinNT://" & strComputer & "") 
Set objUser = colAccounts.Create("user", testaccount)   'line 55 
objUser.SetPassword "strPass" 
objUser.SetInfo 
'create local user account code end 


'Add user to administrators group 
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators") 
Set objUser = GetObject("WinNT://" & strPeople) 
objGroup.Add(objUser.ADsPath) 


If Err.Number <> 0 Then 
   MsgBox "Error: " & Err.Description, Err.Helpfile, Err.HelpContext 
   End If

 

[mrmovie]

' i am a little confused with your use of varaibles and strings, does the below work?

Set objComputer = objNS.OpenDSObject("WinNT://" & strComputer &
",computer", _
strUser, strPassword, ADS_SECURE_AUTHENTICATION Or ADS_USE_ENCRYPTION)

strAccountName = "mynewaccount"
strPassword = "P3ssw0rd123"
Set objUser = objComputer.Create("user", strAccountName) 'line 55
objUser.SetPassword strPassword
objUser.SetInfo

 

[dm4ever]

A workaround for what you are trying to do could be to copy your vbs that creates the user and adds it to the admin group to the computers. You can then use PSEXEC to connect to the PC using the credentials with the necessary rights to execute that vbs.

dm4ever
--------------------------------------------------------------------------------
My approach to things: K.I.S.S - Keep It Simple Stupid

 

[Live2love]

Hey DM4ever,

That's a solid idea and if I can't script it, I think I'll try out psexec.

Thanks!

L,
Me