batch file goto next xcopy command if windows "Admin" username has changed - batch-file

I want to be able to run just one instance of xcopy rather than many, from a usb drive to .\admin\desktop on the computer I have plugged it in, however there might be some computers I get on that have the admin username changed to the name of the person. Is there a generic batch namimg convention for the admin user account for windows? If so I'd like to just use that whatever it may be instead of listing everyone's username for every computer and guessing what it might be without looking everytime.
Here is what I have so far, it works well if I know for a fact that the "Admin" user is still labeled "Admin."
#echo off
xcopy "%~dp0M1k_SWPCB\*.*" "C:\Documents and Settings\Admin\Desktop\SWPCB\" /d /s /h /v /c /f /k /y
pause
I tried 'All Users' as well, but in some cases the directory doesn't exist and it will not work. Plus if the computer has multiple users I don't want it on everyones' desktop.
Any help would be much appreciated.
Thanks

All users have a SID identifier and the local admin account always ends with the -500 suffix, so you can get the Admin username by checking the SID's on the Registry:
#Echo OFF
FOR /F "Tokens=*" %%# IN ('Reg Query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" ^| FIND "-500"') DO (
FOR /F "Tokens=2,*" %%A IN ('Reg Query "%%#" /v "ProfileImagePath" ^| FIND /V "%%#"') DO (
Echo Admin SID: %%~n#
Echo Admin Folder: %%B
)
)
Pause>NUL&Exit
Output:
Admin SID: S-1-5-21-148789306-3749789949-2179752015-500
Admin Folder: C:\Users\Administrador
Another way to do it is with an VBScript, you can use it in your Batch file and write the Admin name to a textfile, then next you will set a variable with the content of the textfile. (I don't wrote this function):
Set objNetwork = CreateObject("Wscript.Network")
objComputerName = objNetwork.ComputerName
Set objwmi = GetObject("winmgmts:{impersonationLevel=impersonate}!//" & objComputerName)
qry = "SELECT * FROM Win32_Account where Domain = '" & cstr(objComputerName) & "'"
For Each Admin In objwmi.ExecQuery(qry)
If (Left(Admin.sid, 6) = "S-1-5-" And Right(Admin.sid,4) = "-500") Then MsgBox Admin.name)
Next
PS: Maybe someone will post other solution saying that listing the group names is another choice... but groupnames is not a generic solution 'cause the native language.

Related

How to extract Windows user profile SIDs from registry into text file?

I have a task coming up where I have to manually enter an HKEY_USER key value and string value for every single Windows profile on all computers. This could take some time. I have leant to automate them all, or at least, some of the processes.
I have the adding key process (from a list of sids.txt) working:
#echo off
pushd %~dp0
for /f "usebackq tokens=*" %%A in ("SIDS.txt") do (
REG ADD "%%A\create\key\here" /f
REG ADD "%%A\create\key\here" /t REG_SZ /d "add string value here" /f
)
pause
To further speed things up I was hoping to get some help getting the SID from each user profile from here:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
For each SID listed e.g.:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2686047782-4092528985-2296408390-1413
Within the keys there is a profile-image-path value which contains the name of the Windows user profile.
What I would like to be able to do is pump the Windows profile name and the sid into a text file formatted like the following, then I can edit fairly quickly, remove non-Windows user profile entries (like default or system accounts) and run my working code above against the listings - edited to have just a list of SIDS like in the working code above.
S-1-5-21-2686047782-4092528985-2296408390-1413 mickey.mouse
S-1-5-21-2686047782-4092528985-2296408390-1411 Donald.duck
Simplest method would beto do it with wmic useraccount query:
wmic useraccount get name,sid | findstr /vi "SID">somefile.txt
type somefile.txt
This would list every account and redirect output to a file called somefile.txt and it will simply type the file to show you the content of the file.
Another way is to see if the userprofile directory exists. which should eliminate system accounts.
#for /f "delims=" %i in ('wmic useraccount get name^,sid ^| findstr /vi "SID"') do #for /F %a in ("%i") do if exist "C:\users\%a" #echo(%i>>somefile.txt

Use List of Windows accounts to add reg keys using SIDS

edit re explanation to improve answers.
Project
As a third party engineer I am attending a site to install a piece of Software. The Infrastructure is "very" locked down. I will be supplied with an admin account for the day to install the software. However, to make the software work properly FOR ALL USERS (not just admin logged in) I have been instructed by IT dept. to manually create a KEY and then add a string value within created key for every user account on the PC. Our software in a standard environment caters for this with an all users reg key but it doesn't run (not allowed - don't ask!) in these specific places.
The location of where they want the the KEY is within the HKEY_USERS path in the reg:-
HKEY_USERS\S-1-5-21-XXXXXXXXX-XXXXXXXXX-XXXXXXXXXX-XXXXX\Software\Microsoft\
so lets say 2 people logged in this PC and they need to use our software later on
john.jones
mary.shelley
I need to find the sid relating to john jones and go and add the key to his section in HKEY_USERS
I then need to find mary.shelley sid and then go and the key to her HKEY_USERS section, etc.
Now I know from the environments I work in there could be 20 + user acounts on there so really would like to avoid manually adding they keys over and over for all the accounts on every PC I'm installing at.
A log on script would be better, but this all I have to deal with at present.
State of Script Now
#echo off
REM Read file with user names
FOR /F "usebackq tokens=*" %%G in ("users.txt") do (
REM use user name to find SID
FOR /F "delims=" %%H IN ('"wmic useraccount where name='%%~G' get sid| findstr /vi "SID""') DO (
REM Strip trailing line with CR
FOR /F "delims= " %%I IN ("%%~H") DO (
REM %%I is now the SID of the USER
REG ADD "HKEY_USERS\%%I\Software\Microsoft\addstuffhere" /f
REG ADD "HKEY_USERS\%%I\Software\Microsoft\addstuffhere" /t REG_SZ /d "addstuffhere"" /f
)
)
)
This is pretty much automating the whole thing as planned; loops through a text file of user names of users who use the PC, grabs the SID, applies sid as variable, then is used to write the key in the right place for that user, and on through the list doing to same for every account listed.
The only part that may need altering is the WMIC section is not finding certain users who have bona fide windows accounts.
when I tested the working code on my laptop it worked fine for my administrator account, but me logged in as joe_blogs (e.g.) came up with "no instance available". Because in isolation the WMIC code just brought up only a few not all, so couldn't do what it needed to do.
I know from previous questions this WMIC code brings up every account:-
WMIC Path Win32_UserProfile Where "Special='False' And Not LocalPath='Null'" Get LocalPath,SID | find /v ""
Perhaps that can be incorporated into current working code to make sure every account is catered for.
I know the users all need to have logged in at each PC for this to work, so with regards to the list of user profiles, I can garner that on the day asking "who of your users needs to use our stuff on the PC's" and make the users.txt
thanks - hope that really explains it :/
edit instructions for what I have been asked to do (altered key names slightly for privacy)
1. Log on to the PC with a standard technician admin account
2. Open regedit.exe
3. Navigate to* HKEY_USERS\S-1-5-21-XXXXXXXXX-XXXXXXXXX-XXXXXXXXXX- XXXXX\Software\Microsoft\Terminal Server Client\Default\Addins\
a. Right-click Addins > New > Key and create foo
b. Right-click foo > New > String Value and create Name
c. Double-click Name and in Value Data enter† C:\foo\file\foo.dll
4. Repeat step 3 for each user: it should be possible to edit the SID in an exported key by right-clicking on the next
HKEY_USERS entry > Rename > Ctrl+C > Esc then replacing the SID in the exported reg key – this has not been tested but may be worth trying
*The user SID is unique so this has to be done per user. If there are a lot of users listed in the registry it is possible to find which SID belongs to which user by checking the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
After reading your edit, it sounds like there's some room to wiggle here. If we take 2 small liberties, this could be done in a single command line. If one or both liberties can't be taken, let me know.
If WMIC isn't required, and if we can target all SIDs present rather than trying to match names to SIDs, then 'reg.exe' and 'for' can do this quickly. Here's an example with sample output:
(Optional) Enum Profiles:
cmd:
for /f "delims=\ tokens=2" %A in ('reg query hku ^| findstr /i "S-1-5-21-" ^| findstr /v /i "_Classes"') do #echo ;[i] Profile Found: {%A}
output:
;[i] Profile Found: {S-1-5-21-277974881-2357464463-7727422770-1001}
;[i] Profile Found: {S-1-5-21-277974881-2357464463-7727422770-1002}
;[i] Profile Found: {S-1-5-21-277974881-2357464463-7727422770-1007}
Add Key+Value
cmd:
for /f "delims=\ tokens=2" %A in ('reg query hku ^| findstr /i "S-1-5-21-" ^| findstr /v /i "_Classes"') do #(reg add "hku\%A\Software\Microsoft\Terminal Server Client\Default\Addins\FooKey" /v FooName /t REG_SZ /d "C:\foo\file\foo.dll" /f >nul 2>&1 && (echo ;[i] Reg Key Added {%A}) || (echo ;[i] Reg Key Failed To Add {%A}))
output:
;[i] Reg Key Added {S-1-5-21-277974881-2357464463-7727422770-1001}
;[i] Reg Key Added {S-1-5-21-277974881-2357464463-7727422770-1002}
;[i] Reg Key Added {S-1-5-21-277974881-2357464463-7727422770-1007}
(Optional) Verify Success:
cmd:
for /f "delims=\ tokens=2" %A in ('reg query hku ^| findstr /i "S-1-5-21-" ^| findstr /v /i "_Classes"') do #(reg query "hku\%A\Software\Microsoft\Terminal Server Client\Default\Addins\FooKey" /v FooName 2>nul || echo ;[e] Couldn't Find Key {%A})
output:
HKEY_USERS\S-1-5-21-277974881-2357464463-7727422770-1001\Software\Microsoft\Terminal Server Client\Default\Addins\FooKey
FooName REG_SZ C:\foo\file\foo.dll
HKEY_USERS\S-1-5-21-277974881-2357464463-7727422770-1002\Software\Microsoft\Terminal Server Client\Default\Addins\FooKey
FooName REG_SZ C:\foo\file\foo.dll
HKEY_USERS\S-1-5-21-277974881-2357464463-7727422770-1007\Software\Microsoft\Terminal Server Client\Default\Addins\FooKey
FooName REG_SZ C:\foo\file\foo.dll
Not sure if I am understanding your question. My first comment should have made it quite clear. You need to use a FOR /F command to capture the WMIC output. That is the only way you can assign the SID to a variable.
#echo off
REM Read file with user names
FOR /F "usebackq tokens=*" %%G in ("users.txt") do (
REM use user name to find SID
FOR /F "delims=" %%H IN ('"wmic useraccount where name='%%~G' get sid| findstr /vi "SID""') DO (
REM Strip trailing line with CR
FOR /F "delims= " %%I IN ("%%~H") DO (
REM %%I is now the SID of the USER
REG ADD "HKEY_USERS\%%I\Software\Microsoft\addstuffhere" /f
REG ADD "HKEY_USERS\%%I\Software\Microsoft\addstuffhere" /t REG_SZ /d "addstuffhere"" /f
)
)
)

batch script to delete all icons from all users' desktops

Currently looking for a way to delete all icons off of all user desktops. I have experimented until I made the following script that allowed me to delete all from a single user but without hard coding I won't be able to extend this to reach all users on a single PC.
#echo off
cd %%#
del C:\Users\%Userprofile%\Desktop\*.* /s /q
for /r %%# in (.) do rmdir %%# /s
cls
I am now looking to see if it is possible to extend this to multiple users without hard coding paths since I don't happen to know which user might be using the computer at the time.
Since you don't want to hard code path's, we can use the FOR to search for .ico files located in \Desktop for each user. The script bellow will search each users desktop, remove all .ico files, then prompt the user it has finished.
#ECHO OFF
#GOTO :search
:search
FOR /D %%G IN ("C:\Users\*") DO IF EXIST "%%~fG\desktop\*.ico" (
set correctDir=%%G\desktop
goto :foundFile
)
goto :finished
:foundFile
cd "%correctDir%"
del /S *.ico
goto :search
:finished
echo All Icons removed from users desktops!
pause
goto :eof
FOR /D iterates over all directories using the %%G variable. %%~fG expands to the full path to the directory in %%G.
IF EXIST checks if a file exists.
goto :eof exits the script
Extreme care must be taken when writing or working with scripts which are intended to delete files/folders. A single minor mistake can end up in a disaster.
For example this code: cd "MyFolder" & del /q *.* is extremely dangerous it delete all files from current directory with the assumption that previous cd command have changed the current directory to MyFolder, So in case of failure del command will delete all files from current directory which is not MyFolder. But this code is safe: cd "MyFolder" && del /q *.*. The del command will be executed only if the cd command have successfully changed the current directory to MyFolder.
Now back to your original problem of extending your code to wipe out 'Desktops' of all other users of the PC.
The first thing that should be considered is that a normal user typically does not have access to desktop folders of other users because of NTFS file system permissions which avoids non Administrators from accessing other users profile. So the resulting script will have to run with administrative privileges. Even running the script as Administrator does guarantee the success because each user can explicitly deny access to his/her user profile files/folders even to Administrators.
The other thing is while it is mostly the case that the desktop directory of each user is placed in a folder named Desktop located in the %USERPROFILE% directory e.g. C:\Users\John\Desktop but this is not always the case. In fact the desktop directory of each user can defined to be located anywhere and placed in a folder other than Desktop.
This is the case for other special folders other than Desktop.
So the correct approach is to first retrieve a list of user profiles from registry and then for each user profile query the location of user's desktop.
:: WipeDesktops.cmd
:: This script should be runned as Administrator to be able to access and delete the 'Desktop' contents of other users.
#echo off
setlocal EnableExtensions EnableDelayedExpansion
:: To turn TestMode off It is highly recommended that to invoke the script with "/TestMode:Off" switch rather than manually setting TestMode to 0
set "TestMode=1"
set "DeleteCommandConfirm=rd /s"
set "DeleteCommandUnsafe=rd /s /q"
for /F "tokens=1,2 delims=:" %%A in ("%~1") do if /i "%%A"=="/TestMode" (
if /i "%%B"=="Off" (set "TestMode=0") else set "TestMode=1"
)
set "DeleteCommand=%DeleteCommandConfirm%"
if %TestMode% NEQ 0 (
echo Running in Test Mode
set "DeleteCommand=echo %DeleteCommand%"
) else (
set "DeleteCommand=2>nul %DeleteCommand%"
)
set "SID_Prefix=S-1-5-21-"
set "ProfileList=HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList"
set "ShellFoldersBase=Software\Microsoft\Windows\CurrentVersion\Explorer"
set "ShellFolders=%ShellFoldersBase%\Shell Folders"
set "UserShellFolders=%ShellFoldersBase%\User Shell Folders"
for /F "delims=" %%K in ('reg query "%ProfileList%" /k /f "%SID_Prefix%"') do (
set "ProfileKey=%%~K"
set "ProfileKey=!ProfileKey:HKEY_LOCAL_MACHINE\=HKLM\!"
if "!ProfileKey!" NEQ "!ProfileKey:HKLM\=!" (
set "ProfilePath="
for /F "tokens=2*" %%A in ('reg query "!ProfileKey!" /v "ProfileImagePath" 2^>nul') do (
set "ProfilePath=%%~B"
)
if defined ProfilePath if exist "!ProfilePath!\" (
set "Desktop="
set "SID=!ProfileKey:%ProfileList%\=!"
for %%S in ("%UserShellFolders%", "%ShellFolders%") do (
if not defined Desktop (
for /F "tokens=2*" %%A in ('reg query "HKU\!SID!\%%~S" /v "Desktop" 2^>nul') do (
set "Desktop=%%~B"
)
if defined Desktop (
REM %USERPROFILE% value is different for each user so it can not be expanded
for %%A in ("!ProfilePath!") do set "Desktop=!Desktop:%%USERPROFILE%%=%%~A!"
if not exist "!Desktop!\" set "Desktop="
)
)
)
if not defined Desktop set "Desktop=!ProfilePath!\Desktop"
REM Skip network paths
if "!Desktop:~0,2!" NEQ "\\" if exist "!Desktop!\" (
cd /d "!Desktop!" 2>nul && (
echo Removing 'Desktop' contents in !Desktop! ...
REM Since there is an open handle to the 'Desktop' folder, The contents of the folder will be removed but the folder itself remains.
%DeleteCommand% "!Desktop!"
)
)
)
)
)
For safety reasons it has 2 modes of operation:
Test Mode (the default): In this mode it only shows the commands along with the path that it can delete but no actual deletion will be performed
Normal Mode (invoke with /TestMode:Off switch) which will list and actually deletes the detected user desktops.
How it works
It first retrieves a list user profiles from registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList each of them located under a registry key with a name that is equal to the corresponding user SID beginning with S-1-5-21-
for each SID key it queries the value of ProfileImagePath to obtain the location of the user profile directory.
Then it queries the location of user's desktop from two registry locations in the listed order:
HKEY_USERS\<SID>\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\<SID>\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
and uses the value of ProfileImagePath to resolve the value of %USERPROFILE% variable for that user which is typically present in the special locations under the User Shell Folders key
Finally if the location of user's desktop can not be determined through registry then the default path of %USEPROFILE%\Desktop is assumed.
What is missing?
Shared user desktop is not covered, which is commonly located at %ALLUSERSPROFILE%\Desktop or %PUBLIC%\Desktop depending on windows version.
But the definite location can be obtained from these registry keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
So I'll leave it to you to do the rest and complete the missing part.

A bit more challenging - Batch script to add domain user to local administrator group Windows 7

I would like to write a script that will add a domain user to the local administrator group.
I already tried
NET LOCALGROUP Administrators "domain\domainuser" /ADD
but I get the Access Denied error.
The problem is that if I want to run it as domain user, it does not have local admin rights, and if as local admin, it does not have access to the domain names. (I don't want to use domain admin)
If I manually right click the computer icon, than manage, I type in the computer name/local admin user/pass, than in Local Users and Groups -> Groups folder I want to add user to Administrators, I am prompted to log in again. If I log in than with a domain user, it works.
My question is, if it is possible to do the same (or something similar) with batch script?
Maybe, from vbs
GetObject("WinNT://" + WScript.CreateObject("WScript.Network").ComputerName + "/Administrators").Add "WinNT://DomainName/UserName"
I have solved it with another way, using 2 batch files
So I give you my code:
This one creates a folder in c: , than it creates a text file, it copies the name of the current user in it, than the other batch file in the same folder, and finaly runs it as local admin. If you write the password correctly(password will not appear as " * " when you write it):
mkdir c:\tempfiles$
break>c:\tempfiles$\temp.txt
echo %username% >> "c:\tempfiles$\temp.txt"
copy "%~dp0\admin.bat" "c:\tempfiles$"
runas /noprofile /env /user:%computername%\<LOCAL ADMIN USER> "C:\tempfiles$\admin.bat"
pause
rmdir /s /q "c:\tempfiles$"
The admin.bat, takes the user name writen in the text file (if this wasn't, it would take the %username% as the local admin username to add it, because we run it as the local admin)
The copy for the batch file is only necessary so you can run it from anywhere. For example if you would have it on a server's mapped drive it would not work.
set /p u=<c:\tempfiles$\temp.txt
net localgroup Administrators /add <DOMAIN NAME>\%u%
I have tried it on multiple computer, on most of it, it runs. On some of the computers it does not, probably because of the local policy of my company. I did not figgured that out yet.
For any questions or suggestions, feel confident to write your opinion.
The purpose of this batch file is to get the domain group members and add them to a local group. You must right click this file and select Run as Administrator.
#echo off
setlocal EnableDelayedExpansion
set /p v1=[Enter Domain Group Name]
set /p v2=[Enter domain name: xxx.com ]
set /p v3=[Enter Localgroup "Name"]
For /F "skip=8 tokens=1 delims= " %%G IN ('net group %v1% /domain' ) ^
DO if %%G neq The net localgroup %v3% %v2%\%%G /add
timeout /t 1
For /F "skip=8 tokens=2 delims= " %%G IN ('net group %v1% /domain' ) ^
DO if %%G neq command net localgroup %v3% %v2%\%%G /add
timeout /t 1
For /F "skip=8 tokens=3 delims= " %%G IN ('net group %v1% /domain' ) ^
DO if %%G neq completed net localgroup %v3% %v2%\%%G /add
timeout /t 1

Change password for all users accounts in command prompt

Alright, I need something of a batch scripting guru to help me out of the corner that I've backed myself into.
I have a program that runs as system and I want to change the password for all the accounts that appear in the output for net user. I'm not really sure how I could do this with just command line or AHK-based scripting.
When I perform a net user command the output is like this for me:
C:\Users\Resident>net user
User accounts for \\9100BASELINE
-------------------------------------------------------------------------------
Administrator Guest Resident
The command completed successfully.
I need some way to change the password on all the accounts here (be it 3 or 50) to something of my choosing.
Can anyone help me out with this? I tried slapping together a for loop where each item is a token before I realized that I don't know how to regex the usernames out of there.
You can actually do this purely with batch.
The simplest method would be to list all the folders with:
cd C:\Users
dir /b /o:n /ad > users.txt
After that, you'd use a for loop that sets a password to each user in the Users directory, and makes sure that the script doesn't try to set a password for the Public folder, as it is not a user.
It'd look like this:
for /f %%i in ('type C:\Users\users.txt') do(
if not %%i==Public (
net user %%i [Insert Password Here]
)
)
Technically, you don't actually have to check for extra non user folders, as cmd won't actually cause any problems if it attempts to set a password for a non user folder.
I'd recommend employing the help of a little VBScript:
Set accounts = GetObject("WinNT://.")
accounts.Filter = Array("user")
For Each user In accounts
WScript.Echo user.Name
Next
Save it as listusers.vbs and run it like this:
#echo off
setlocal
set /p "newpw=Enter new password: "
for /f "delims=" %%u in ('cscript //NoLogo C:\path\to\listusers.vbs') do (
net user "%%u" "%newpw%"
)
Edit: If you want to omit specific accounts from being processed you can either add an exclude list to the VBScript:
Set exclude = CreateObject("Scripting.Dictionary")
exclude.CompareMode = vbTextCompare
exclude.Add "HomeGroupUser$", True
exclude.Add "otheruser", True
...
Set accounts = GetObject("WinNT://.")
accounts.Filter = Array("user")
For Each user In accounts
If Not exclude.Exists(user.Name) Then WScript.Echo user.Name
Next
or filter the output of listusers.vbs with findstr:
for /f "delims=" %%u in (
'cscript //NoLogo C:\path\to\listusers.vbs ^| findstr /v /i ^
/c:HomeGroupUser$ /c:otheruser ...'
) do (
net user "%%u" "%newpw%"
)

Resources