mgroen Posted March 10, 2008 Share Posted March 10, 2008 (edited) Is there a way to check if the current user that is loged in windows has a password or no password. I am making a script for automatic installation of the logmein software. When you install the software it checks if the current user has a Null password. If the user has a null password the installation ask for an Access code. With this code you can start the remote session. I a useraccount has a password it don't ask for a Access code but ask for the login and password for windows when you start the remote session. The problem is that when i help family with remote support they must always give me there username and password. I solved that problem by making an extra user account. Then i can use that account for the remote session. My problem is that my script needs to check if a user has a password. I the user has a password only then i want to create the extra useraccount. I the user has a blank password i must skip the part of creating a new account. So i only have to know how to check if a useraccount has a blank password. The Script expandcollapse popup;------------------------------------------------------------------------------------------------------------------------------------------ ;Choose a Access Code for connecting to a computer $Accesscode = "Choose a default access code" ;Login for www.logmein.com $email = "your email adress of logmein" $password = "your password of logmein" ;Messagebox text to check Adminrights $Error = "Stop" $Message = "U Windows account heeft geen administrator rechten. Meld u in Windows aan met een account wat administratorrechten heeft om de software te kunnen installeren." ;Change password for LogMeIn Useraccount $Password1 = 'password for the useraccount' ;------------------------------------------------------------------------------------------------------------------------------------------ ;Do not change anything below #NoTrayIcon Opt("WinTitleMatchMode", 2) If Not FileInstall("logmein.msi", @TempDir & "\logmein.msi", 1) Then Exit 1 EndIf If Not IsAdmin() Then MsgBox(16, $Error, $Message) Exit 1 Endif $pid = Run(@ComSpec & " /c msiexec /i logmein.msi", @TempDir, @SW_HIDE) ;Dialog Begin Screen WinWait("LogMeIn", "Logo") ControlClick("LogMeIn", "Logo", 1001) ;Dialog License Agreement WinWait("LogMeIn License Agreement") ControlClick("LogMeIn License Agreement", "", 1001) ;Dialog Software options WinWait("LogMeIn", "Software options") ControlClick("LogMeIn", "Software options", 392) ControlClick("LogMeIn", "Software options", 1001) ;Dialog Computer Description WinWait("LogMeIn", "Computer Description") ControlClick("LogMeIn", "Computer Description", 1001) ;Dialog Computer Access Code ; Check if Windows current user has null password (it knows) ; send Access Code to Dialog If WinExists("LogMeIn", "Computer Access Code") Then WinWait("LogMeIn", "Computer Access Code") WinActivate("LogMeIn", "Computer Access Code") WinWaitActive("LogMeIn", "Computer Access Code") ControlFocus("LogMeIn", "", 1119) Sleep(1000) ControlSend("LogMeIn", "Computer Access Code", 1119, $Accesscode) ControlFocus("LogMeIn", "", 1125) Sleep(1000) ControlSend("LogMeIn", "Computer Access Code", 1125, $Accesscode) ControlClick("LogMeIn", "Computer Access Code", 1001) EndIf ;Dialog LogMeIn Account Details WinWait("LogMeIn", "LogMeIn Account Details") WinActivate("LogMeIn", "LogMeIn Account Details") WinWaitActive("LogMeIn", "LogMeIn Account Details") ControlFocus("LogMeIn", "", 1174) Sleep(1000) ControlSend("LogMeIn", "LogMeIn Account Details", 1174, $email) ControlFocus("LogMeIn", "", 1119) Sleep(1000) ControlSend("LogMeIn", "LogMeIn Account Details", 1119, $password) ControlClick("LogMeIn", "LogMeIn Account Details", 590) ControlClick("LogMeIn", "LogMeIn Account Details", 1001) ;Dialog Choose Destination Location WinWait("LogMeIn", "Choose Destination Location") ControlClick("LogMeIn", "Choose Destination Location", 1001) ;Dialog Setup Completed WinWait("LogMeIn", "Setup Completed") WinActivate("LogMeIn", "Setup Completed") WinWaitActive("LogMeIn", "Setup Completed") ControlClick("LogMeIn", "Setup Completed", 1018) ProcessWaitClose($pid) ;------- This part only needs to run if the useracocunt have a password ------------ ;Create LogMeIn UserAccount in windows RunWait(@ComSpec & ' /c ' & _ 'Net User ' & 'LogMeInRemoteUser' & ' ' & $Password1 & ' /add &&' & _ 'Net LocalGroup ' & 'Administrators' & ' ' & 'LogMeInRemoteUser' & ' /add &' & _ 'Net LocalGroup ' & 'Users' & ' ' & 'LogMeInRemoteUser' & ' /delete &' & _ 'Net LocalGroup ' & 'Gebruikers' & ' ' & 'LogMeInRemoteUser' & ' /delete &' & _ 'Net Accounts /MaxPwAge:UnLimited', '', @SW_HIDE) ;Hide LogMeIn UserAccount from Loginscreen RegWrite ("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" ,"LogMeInRemoteUser", "REG_DWORD", 00000000) ;--------end------------------------------------------------------------------------- FileDelete(@TempDir & '\logmein.msi') Exit Edited March 10, 2008 by mgroen Link to comment Share on other sites More sharing options...
oneLess Posted March 11, 2008 Share Posted March 11, 2008 you cant . at least after my researches , 2..3 months ago . but can you be more specific , which is the part who bother you ? [ ... ] Link to comment Share on other sites More sharing options...
LarryDalooza Posted March 11, 2008 Share Posted March 11, 2008 To check credentials use RunAs() to run a CMD at @SW_HIDE ... if it fails with blank password credentials then there must be a password... $err = RunAs(@UserName,@LogonDomain,"",2,"cmd /c","",@SW_HIDE) MsgBox(4096,"",$err & @LF & @error) Michiel 1 AutoIt has helped make me wealthy Link to comment Share on other sites More sharing options...
spudw2k Posted March 11, 2008 Share Posted March 11, 2008 I agree. Attempt to run something with a blank pwd. If it fails then not a blank pwd. The M$ Scripting Guy http://www.microsoft.com/technet/scriptcen...05/hey1006.mspx suggests attempting to change the pwd form blank to blank. I like Larry's choice better. Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF  Link to comment Share on other sites More sharing options...
mgroen Posted March 12, 2008 Author Share Posted March 12, 2008 (edited) removed. Reply was taking a long time and at the end my reply was double. Edited March 12, 2008 by mgroen Link to comment Share on other sites More sharing options...
mgroen Posted March 12, 2008 Author Share Posted March 12, 2008 you cant . at least after my researches , 2..3 months ago . but can you be more specific , which is the part who bother you ? [ ... ] @oneLess It is the last part of the script. I used ;------- This part only needs to run if the useracocunt have a password ------------ to define the part. @LarryDalooza and @spudw2k Thankt for this i wil try this and let you know Link to comment Share on other sites More sharing options...
mgroen Posted March 12, 2008 Author Share Posted March 12, 2008 The code in not working. RunAs was noy recognized as a command. After i installed the Beta of AutoIt the code RunAs was recognized as a command but i still get the following error.$err = RunAs(@UserName, @LogonDomain, "", 2, "cmd /c", "", @SW_HIDE) MsgBox(4096,"",$err & @LF & @error)C:\logmein\logmein2.au3(95,68) : ERROR: RunAs(): undefined function.$err = RunAs(@UserName, @LogonDomain, "", 2, "cmd /c", "", @SW_HIDE)Hope you have some advice for this. Link to comment Share on other sites More sharing options...
Moderators big_daddy Posted March 12, 2008 Moderators Share Posted March 12, 2008 The M$ Scripting Guy http://www.microsoft.com/technet/scriptcen...05/hey1006.mspx suggests attempting to change the pwd form blank to blank.This would be the safer solution as a failed login attempt may lock out the users account. Link to comment Share on other sites More sharing options...
spudw2k Posted March 12, 2008 Share Posted March 12, 2008 (edited) This would be the safer solution as a failed login attempt may lock out the users account.Interesting observation Big_Daddy. I wasn't aware that a bad password change didn't have the same effect as a bad login. Edited March 12, 2008 by spudw2k Spoiler Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of Cards ◊ HideIt ◊ ICU ◊ Icon Freezer ◊ Ipod Ejector ◊ Junos Configuration Explorer ◊ Link Downloader ◊ MD5 Folder Enumerator ◊ PassGen ◊ Ping Tool ◊ Quick NIC ◊ Read OCR ◊ RemoteIT ◊ SchTasksGui ◊ SpyCam ◊ System Scan Report Tool ◊ System UpTime ◊ Transparency Machine ◊ VMWare ESX Builder Misc Code Snippets: ADODB Example ◊ CheckHover ◊ Detect SafeMode ◊ DynEnumArray ◊ GetNetStatData ◊ HashArray ◊ IsBetweenDates ◊ Local Admins ◊ Make Choice ◊ Recursive File List ◊ Remove Sizebox Style ◊ Retrieve PNPDeviceID ◊ Retrieve SysListView32 Contents ◊ Set IE Homepage ◊ Tickle Expired Password ◊ Transpose Array Projects: Drive Space Usage GUI ◊ LEDkIT ◊ Plasma_kIt ◊ Scan Engine Builder ◊ SpeeDBurner ◊ SubnetCalc Cool Stuff: AutoItObject UDF ◊ Extract Icon From Proc ◊ GuiCtrlFontRotate ◊ Hex Edit Funcs ◊ Run binary ◊ Service_UDF  Link to comment Share on other sites More sharing options...
mgroen Posted March 12, 2008 Author Share Posted March 12, 2008 I agree. Attempt to run something with a blank pwd. If it fails then not a blank pwd. The M$ Scripting Guy http://www.microsoft.com/technet/scriptcen...05/hey1006.mspx suggests attempting to change the pwd form blank to blank. I like Larry's choice better.That part is to difficult for me. I have no programming experience and i am learing bit by bit. Link to comment Share on other sites More sharing options...
weaponx Posted March 12, 2008 Share Posted March 12, 2008 Should look close to this, although this has an error. C:\Documents and Settings\-----\Desktop\New AutoIt v3 Script.au3 (15) : ==> The requested action with this object has failed.: $objUser.ChangePassword($strPassword, $strPassword) ;On Error Resume Next Opt("RunErrorsFatal", 0) Dim $objNetwork = ObjCreate("Wscript.Network") $strComputer = $objNetwork.ComputerName $strPassword = "" Dim $colAccounts = ObjGet("WinNT://" & $strComputer) Dim $Array[1] = ["user"] $colAccounts.Filter = $Array ;$colAccounts.Filter = Array("user") For $objUser In $colAccounts $objUser.ChangePassword($strPassword, $strPassword) If @Error Then ConsoleWrite($objUser.Name & " is using a blank password.") EndIf Next Link to comment Share on other sites More sharing options...
oneLess Posted March 12, 2008 Share Posted March 12, 2008 (edited) 1 - mgroen ok , i see your point now this is the part you are interested from my script [ i have a while loop , and i wait for showing Computer Access Code part or not is enough this ?; --------------- GUICtrlSetData ($tz, 25) $text__04 = "Enter a brief description to help identify this computer" ActWin ( $title_01 , $text__04 ) ControlClick ( $title_01 , $text__04 , "Button2") ; --------------- GUICtrlSetData ($tz, 30) $text__05 = "Verify Computer Access Code" $text__06 = "Enter your LogMeIn account information" $_need_password = True While $_need_password Sleep ( 10 ) If WinExists ( $title_01 , $text__05 ) Then ActWin ( $title_01 , $text__05 ) Send ( $_access__code & "{TAB}" & $_access__code ) Sleep ( 100 ) ControlClick ( $title_01 , $text__05 , "Button2" ) $_need_password = False EndIf If WinExists ( $title_01 , $text__06 ) Then $_need_password = False EndIf WEnd ; --------------- GUICtrlSetData ($tz, 40) ActWin ( $title_01 , $text__06 ) ControlClick ( $title_01 , $text__06 , "RichEdit20W1" ) Sleep ( 50 ) Send ( $_account_name & "{TAB}" & $_account_pass ) Sleep ( 120 ) ControlClick ( $title_01 , $text__06 , "Button5" ) Sleep ( 120 ) ControlClick ( $title_01 , $text__06 , "Button1" ) ; --------------- you can insert your script with create a new account in the while loop. [of course , i can put here the all script] 2 - can anyone conform that M$ Scripting script is working ? maybe publish here a translate into autoit ? 3 - LarryDalooza To check credentials use RunAs() to run a CMD at @SW_HIDE ... if it fails with blank password credentials then there must be a password... i wonder , if exist a password , if you run RunAs() with OTHER password , blank or not , it fails OR not ? 4 - I HAVE A NEWS HERE [ i will apply on my script soon ] tested TWICE , first on mistake , second TODAY for verifying first observations Check if Windows current user has null password (it knows)i think they DO NOT KNOW , or DO NOT KNOW 100% , [or may know 100% and want protect you anyway !?] because, if you run logmein setup , unattended or not on a computer with an account who HAVE a password different than BLANK BUT , this account is set for autolog ON RegWrite ( "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" , "AutoAdminLogon" , "REG_SZ" , "0" ) logmein setup will ask you for Computer Access Code instead of username + password . tested twice like i said , RESTARTED after AutoAdminLogon = on , i will test soon without restart . SO , technicaly , if my remote client run there my script if have a password or not , i will set AutoAdminLogon = on [i dont know now if is ok without restart] my script will run logmein_setup and sometime , after my script is finishing the setup , or in time when i will be logged in remote computer i will put again AutoAdminLogon = off CAN ANYONE CONFIRM this ? with or w/o restart [after set AutoAdminLogon]? Edited March 12, 2008 by oneLess Link to comment Share on other sites More sharing options...
mgroen Posted March 13, 2008 Author Share Posted March 13, 2008 Thanks for all the reply's. I go away for a few days of holiday and will test it next week. Link to comment Share on other sites More sharing options...
MHz Posted March 13, 2008 Share Posted March 13, 2008 Look at a past conversion of the COM use of checking for blank passwordshttp://www.autoitscript.com/forum/index.ph...st&p=225838 Link to comment Share on other sites More sharing options...
rover Posted March 14, 2008 Share Posted March 14, 2008 get blank password accounts and accounts violating changed password group policyas per http://www.microsoft.com/technet/scriptcen...05/hey1006.mspx(minimum password length, password complexity and password history)expandcollapse popupOpt("MustDeclareVars", 1) Global $array[1] = ["User"] Global $oMyError = ObjEvent("AutoIt.Error", "ComErrorHandler") Global $objNetwork = ObjCreate("Wscript.Network") Global $strComputer = $objNetwork.ComputerName Global $strPassword = "", $colAccounts ConsoleWrite(@CRLF & '> $strComputer = ' & $strComputer & @CRLF & @CRLF) $colAccounts = ObjGet("WinNT://" & $strComputer & "") $colAccounts.Filter = $array For $objUser In $colAccounts SetError(0) $objUser.ChangePassword($strPassword, $strPassword) ;@error set to 1 if password change fails or blank password violates changed group policy ** ;remains set to 0 if blank password set successful for $objUser ;use COM error handler for blank password policy violation If Not @error Then ConsoleWrite("! " & $array[0] & ": " & $objUser.Name & _ @CRLF & "! Is using a blank password." & @CRLF & @CRLF) EndIf Next Func ComErrorHandler() Dim $oMyError Local $Flag = 1 Local $sHexNumber = Hex($oMyError.number,8) Local $sDesc = StringStripWS($oMyError.windescription, 2) Switch $sDesc Case "Access is denied." ContinueCase Case "The specified network password is not correct." ConsoleWrite("+> " & $array[0] & ": " & $objUser.Name & _ @CRLF & "+> " & $oMyError.windescription & @CRLF) $Flag = 0 EndSwitch If StringInStr($sDesc,"The password does not meet the password policy requirements.") Then $sDesc = StringReplace($sDesc, ".", "." & @CRLF & "-> ", 1) ConsoleWrite("-> " & $array[0] & ": " & $objUser.Name & @CRLF & _ "-> Is using a blank or group policy violating password." & @CRLF & "-> " & $sDesc & @CRLF & @CRLF) $Flag = 0 EndIf If $flag Then ;COM errors other than password change Msgbox(0,"AutoItCOM Test","We intercepted a COM Error !" & @CRLF & @CRLF & _ "err.description is: " & @TAB & $oMyError.description & @CRLF & _ "err.windescription:" & @TAB & $oMyError.windescription & @CRLF & _ "err.number is: " & @TAB & $sHexNumber & @CRLF & _ "err.scriptline is: " & @TAB & $oMyError.scriptline & @CRLF) EndIf $oMyError.clear SetError(1) Endfunc I see fascists... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now