Here's what I'm trying to accomplish:
I'd like an end-user to be able to type their updated AD password into a Text file, then run a Batch which adjusts the registry with the user's updated AD Password to configure Auto-Login to Windows. After the Registry is updated, I'd like the contents of the Text file cleared.
The purpose of this is so users can re-configure their Auto-Logon themselves after they change their passwords (which expire every 90-days in my environment).
How can I pull the text out of the Text file and apply it to a Reg key? Alternatively, is there a way that the Batch file can simply prompt for their new password, so I can avoid using the Text file all together?
Thanks in advance,
Cameron
I would use something like the following. It prompts for the password, rather than using the text file. It also uses the current logged in user name. Please note that this stores the users domain password in clear-text in the registry where anyone with access to the machine can read it. This is VERY insecure, though there can be reasons to use it. I would offer my opinion that if you're doing this with domain passwords, this is probably the wrong thing to do.
#Echo off
setlocal
set /p PWD= Enter your password:
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultUserName /t REG_SZ /d %USERNAME%
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v DefaultPassword /t REG_SZ /d %PWD%
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /f /v AutoAdminLogon /t REG_SZ /d 1
endlocal
Related
How can I change this registry key in my batch file?
HKEY_LOCAL_MACHINE\SOFTWARE\CONFIGURATION
Name Type Data
Default REG_SZ ServerA
That is an example regkey, but the result I am looking for is the same. I would like to change the "ServerA" to "ServerB"
Would this be the correct syntax?
reg add "hkey_local_machine\software\configurations" /t REG_SZ /v Default /d ServerB
And is there also a way to run this with command priveleges?
I have a NSIS script with RequestExecutionLevel admin set and within this I invoke a .bat script which adds a reg key.
When the batch-file is executed through command-prompt the reg key gets added. But when running the installer, it executes the .bat file but fails to add the reg key.
nsExec::ExecToStack '"$pluginsdir${SETUP_PATH}\UpdateNtpConfiguration.bat" $Ip1'
UpdateNtpConfiguration.bat content
set adds=%1
REM Get the list of ntp servers showing up in System Date & Time->Internet Time dropdown
set "num=0"
for /F %%G in ('reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers ^| findstr "^[^a-z] ^("') do if %%G GTR !num! set "num=%%G"
set /A num=num + 1
REM Add address at the end
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers /v "%num%" /t REG_SZ /d "%adds%" /f
goto:eof
Just like #Anders said, there are built in functions for that.
https://nsis.sourceforge.io/Docs/Chapter4.html#registry
If an an error happens with this command, it will be a lot easier to debug as it is built-in.
If you're not doing anything else in the batch file, it is better to find out if NSIS has a command already integrated with it....
EDIT:
It also might be that the admin installer is run the bat file without admin privs.
After some debugging found out that NSIS was writing the registry values in 32 bit reg space(HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft). I had to append /reg:64 to make it add to the 64 bit reg space.
Also the reason I had the bat script was to have some logic to look for duplicates before adding the key.
I have recently gotten a script together for querying the reg for a temp folder path and cleaning the folder and it works great(Thanks Compo) but when used remotely with psexec it says, "The system was unable to find the specified registry key or value." Before I use PSEXEC to execute the batch I first have it copied to the C:\ and I use this to do that.
set /p cpu=
robocopy "\\nmcfs01\software\scripts\Jacob's Awesome Outlook Scripts" \\%cpu%\c$\Jacob'sTemp
That part goes well then I execute it with psexec with
psexec \\%cpu% -u administrator -i -d "C:\Jacob'sTemp\compo.bat"
That connects but when it executes the batch file it does not find the reg key. HOWEVER, if I go to the C:\Jacob'sTemp and double click on the compo.bat file it works fine and deletes out the files. Also, if I just use PSEXEC to execute it again outside of this script just separately after it is copied over it still does not work. Here is the script I am using for cleaning it up.
#Echo Off
SetLocal EnableExtensions
(Set OV=14.0)
Choice /C YN /M "Delete Outlook Temp Files?"
If ErrorLevel 2 Exit/B
Set "BK=HKCU\SOFTWARE\Microsoft\Office\"
Set "EK=\Outlook\Security"
Set "VN=OutlookSecureTempFolder"
For /F "Tokens=2*" %%I In ('Reg Query "%BK%%OV%%EK%" /V %VN%') Do Set "VD=%%J"
PushD "%VD%" && (RD/S/Q "%VD%" 2>Nul) && PopD
pause
REM The below commands will empty Jacob'sTemp:
If Exist "%SystemDrive%\Jacob'sTemp" (PushD "%SystemDrive%\Jacob'sTemp" && (
(RD/S/Q "%SystemDrive%\Jacob'sTemp" 2>Nul) && PopD
pause
REM The below commands without the first two characters will remove Jacob'sTemp
If Exist "%SystemDrive%\Jacob'sTemp" (RD/S/Q "%SystemDrive%\Jacob'sTemp"
Pause
Echo(------------------------------------------------------------------------------
Echo( Complete! Goodbye!
Echo(------------------------------------------------------------------------------
Timeout 5 >Nul
It would be a huge help to have this work as intended where we can just type the computer name in and done but I do not know why it does not work when executed remotely and it is copied to the computer. Any help is much appreciated!
HKCU, the target of your reg query, is a per user registry hive. psexec's remote service runs in SYSTEM account and when it issues reg query that wont be directed to the remote machine's currently logged-in user's HKCU. It would be directed to the SYSTEM account's HKCU which maps under HKEY_USERS\S-1-5-18\Software.... Hence the error "The system was unable to find the specified registry key or value."
How can I change the regional and language options in Windows XP and 7 using batch code?
I want to change the "Standards and formats" to Mexican Spanish with a .bat file.
Those settings are in the registry under HKCU\Control Panel\International
You can use reg.exe to make the changes manually. The easiest way to do that is to manually change your region and language to spanish (mexico) open a cmd window and type reg query "HKCU\Control Panel\International" which will show you the values as you want them. Then to modify them, use REG ADD "HKCU\Control Panel\International" /t REG_SZ /v LocaleName /d es-Mx /f for each value replacing what is after /v with the appropriate name and what is after /d with the appropriate value.
The other option is to just export the HKCU\Control Panel\International hive to a .reg file and just import it into the registry using regedit /s ImportFile.reg
You may need to refresh the registry after the import to see the changes. This usually involves a reboot but try adding the following as the last line in your batch file instead. RUNDLL32.EXE USER32.DLL,UpdatePerUserSystemParameters ,1 ,True
I want to generate a batch file that will copy all *.doc and *.xls file types from a user's profile. I will then set the batch file to run automatically via Scheduled Tasks after-hours when all users are logged out. Here is what I have:
for %%x in (doc xls) do xcopy c:\Users\user1\*.%%x "\\server\i$\User Backups\user1\%computername%\" /c /i /y /s /d
This works fine, however, I need to generate a line item in the batch file for each and every user in our organization (user1, user2, etc.) so that I hit all profiles. When new users are hired, the file needs to be updated with their profile info. Ideally, I'd like something a bit more automated that is similar to this:
for %%x in (doc xls) do xcopy %userprofile%\*.%%x "\\server\i$\User Backups\%username%\%computername%" /c /i /y /s /d
The downfall is that by using %userprofile% in place of the 'user1' input, it only runs against the currently logged in user. Is there another option I could incorporate that wouldn't care about the currently logged in user, and instead just run against all user profiles on a machine?
You could use reg query to get the list of user profiles from the registry, but you only care about users who have a folder under C:\Users, so just loop over those:
for /d %%u in (C:\Users\*) do for %%x in (doc xls) do xcopy C:\Users\%%~nu\*.%%x "\\server\i$\User Backups\%%~nu\%computername%\" /c /i /y /s /d