Jump to content

Automatic Default Username Creation

PryGuy
 Share

Recommended Posts

PryGuy

PryGuy

Posted
Posted

UPDATED!

The new version verifies if the new user account was successfully created, and only in this case it writes the new DefaultUserName value in Registry and disables the Administrator account. So now if the RegisteredOwner value will contain any of the following characters: /\[]";|<>+=,&* it won't make your Windows unusable after the installation, it will create the default (Administrator) account instead of that.

Hello all!

Well, I haven't seen such a thing on the MSFN Forums so I decided to post my script that allows you to create username automatically based on the registration data (Registered user and Computer name) you provide during setup before the T-12 stage and won't create the Administrator account by default. You also have to put Unattendswitch="Yes" in the WINNT.SIF file, blah,blah,blah... :D

So let me start saying that you also have to add the following line in your CMDLINES.TXT file:

"WSCRIPT.EXE ADDUSER.VBS"

This line will execute the VBS Script and it's important to write it this way, with the executable program and not only a link to the "ADDUSER.VBS" file!

Now create a new file, call it ADDUSER.VBS and put the following text in it and save it into your $OEM$ directory:

on error resume next
set ws = WScript.CreateObject("WScript.Shell")

Owner = ws.RegRead ("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner")
Computer = ws.RegRead ("HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName")

if uCase(Owner) <> uCase(Computer) then
ws.Run ("net user "&Chr(34)& Owner &Chr(34)&" /add"),0,1
ws.Run ("net localgroup Administrators "&Chr(34)& Owner &Chr(34)&" /add"),0,1
set CheckUser = GetObject("WinNT://./"&Owner)

if err.number = 0 then
ws.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName",Owner
ws.Run ("net user Administrator /active:no"),0,1
end if

end if

That's it. The script takes the values from the keys where the Registered Owner and Computer Name information is provided during the setup, verifies if they are not equal, and if they are not - it creates a new user account using the Registered Owner value, puts it to the group Administrators, writes new DefaultUserName Value in Registry and finally disables the Administrator account.

Have Fun! :yes:

Link to comment
Share on other sites

PryGuy

PryGuy

Posted
  • Author
Posted
But if you want to install the software, how to enable the Administrator without other admin accounts?

The account that will be created will have the administrative privilegies:

ws.Run ("net localgroup Administrators "&Chr(34)& Owner &Chr(34)&" /add"),0,1

so you'll be able to install anything under it.

Link to comment
Share on other sites
WotC

WotC

Posted
Posted

Nice idea! one question... how about the password? is there a way to set it with this script? and autologon?

right now i start useraccounts.cmd from cmdlines.txt:

net user "USERNAME" PASSWORD /add
net localgroup Administrators "USERNAME" /add
net accounts /maxpwage:unlimited
regedit /s autologon.reg
exit

the autologon.reg looks like that:

Windows Registry Editor Version 5.00 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="USERNAME"
"DefaultPassword"="PASSWORD"
"AutoAdminLogon"="1"

I think i wont be able to autologon without a password, right?

Link to comment
Share on other sites
PryGuy

PryGuy

Posted
  • Author
Posted
Nice idea! one question... how about the password? is there a way to set it with this script? and autologon?
I was thinking about it actually. As for the password I think it it's better to force windows ask for new password at first logon as we assume that the Unattended Windows can be installed with different usernames and passwords, but I don't know how to do it so far...

I haven't checked this script (please check it out if you feel like and tell me) and honestly have no time to check it at this time, but I believe it should look somehow like this:

on error resume next
set ws = WScript.CreateObject("WScript.Shell")

Owner = ws.RegRead ("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner")
Computer = ws.RegRead ("HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName")
Password = "PASSWORD"

if uCase(Owner) <> uCase(Computer) then
ws.Run ("net user "&Chr(34)& Owner &Chr(34)&" "&Chr(34)&Password&Chr(34)&" /add"),0,1
ws.Run ("net localgroup Administrators "&Chr(34)& Owner &Chr(34)&" /add"),0,1
set CheckUser = GetObject("WinNT://./"&Owner)

if err.number = 0 then
ws.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName",Owner
ws.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword",Password
ws.RegWrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon","1"
ws.Run ("net user Administrator /active:no"),0,1
end if

end if

But, I repeat, I haven't checked this script. Have fun!

Link to comment
Share on other sites
WotC

WotC

Posted
Posted

hey!

it works! cool, thanks. right now i'm searching for a possibility to force users to change password when logging on the first time. Maybe "ForcePasswordChange = Yes" works. i have to try this. furthermore, it would be great to encrypt the password, otherwise it will be stored as plain text in the registry... there SHOULD be a way, like the MS TweakUI does it...

Link to comment
Share on other sites
PryGuy

PryGuy

Posted
  • Author
Posted

Nope, Mate! :)

Think one should do it some other way... We will need the handy utility called CUSRMGR.EXE from the Windows2000 Resource Kit. We'll have to put this file into %OEM%\$$\System32 and add the following line into your INSTALL.CMD file (actually I don't know how you call it, but it is a file that installs your addtitional software on first logon, hope you understand what I mean):

cusrmgr -u "%USERNAME%" +s MustChangePassword

That's it! The system will ask you to change your password on the next (second) logon. :) I think it's better to do it this way because if we force Windows change password on first logon it will pause the installation asking you to type in a new password.

Another question is do you really need the autologon? Because if you change the password there can be a problem with "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultPassword" setting cause it will have another password and the system won't be able to login automatically (I suppose). But I think I have one idea about it. ;)

And there's another way of solving this problem: Do you remember Windows asks you during the Setup process for Administrator password (on the screen where you type in Computer Name, but I'm sure that most of us skip it). So, the idea is to take this password and to apply it to the user account that will be created. But I have to figure out how to do it and is it possible to do it at all.

As for the encrypted password I really have no idea how to make it so far... :(

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...