Stepping through all users
Jens Lenge
I need my VBScript to perform certain actions for each user that exists on a
given Windows system individually: Create/delete some registry keys into the
respective user's registry branch, and write some files to his/her profile
path (if it already exists, that is if the respective user has ever been
logged in).
What is the best way to identify which users exist on the system, step
through all of them and identify
a) their respective user name,
b) registry branch, (HKEY_USERS\S-x-x-xx-xxxxxxx)?
c) and profile path (if it already exists)?
I would also like to identify the "default" user, the "all users" branch,
and the original "Administrator" account. The script is intended to run on
Windows NT4, 2000, XP, and 2003. I applicable, it should also run on Windows
ME (although I am not sure if ME supports different user profiles at all).
Any hints are welcome.
Jens
Torgeir Bakken (MVP)
> I need my VBScript to perform certain actions for each user that exists on a
> given Windows system individually: Create/delete some registry keys into the
> respective user's registry branch, and write some files to his/her profile
> path (if it already exists, that is if the respective user has ever been
> logged in).
>
> What is the best way to identify which users exist on the system, step
> through all of them and identify
> a) their respective user name,
> b) registry branch, (HKEY_USERS\S-x-x-xx-xxxxxxx)?
> c) and profile path (if it already exists)?
Especially the NT4 prerequisite makes it a bit difficult, because WMI and ADSI
is out (unless WMI Core/DSClient is installed).
To start with, if a user doesn't have a profile path, he/she will not have a
HKCU registry hive either.
To be able to edit an other user's registry hive (HKEY_CURRENT_USER for that
user), you can use reg.exe to load the hive, create/delete some registry keys
and then unload the hive again.
For WinXP and Win2k3, reg.exe comes installed with the OS.
Reg.exe for Win2k is in the Support Tools found on the Win2k CD,
\Support\Tools\Suptools.msi, or for the latest version of
Support Tools (should work on non-SP4 computers as well):
http://www.microsoft.com/windows2000/downloads/servicepacks/sp4/supporttools.asp
I think the Win2k version of reg.exe works fine for NT4 as well.
To get a list of users and their individual path to each users profile path (and
that will give the path to the user's registry hive also), you can enumerate the
keys under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList.
To do this without WMI, you can e.g. use reg.exe to export that key and it's
subkeys and values to a text file and then open and read the file using the
FileSystemObject, and then parse the content (somewhat messy, but not impossible
;-). If you want to make it a bit easier for yourself, you could instead
register the free RegObj.dll on the computer and use the RegObj.Registry object
to enumerate the registry branch.
More about RegObj.dll here:
http://groups.google.com/groups?selm=3FE390F9...@hydro.com
Alternatively, do it the easy way. Enumerate all the folders under the
"Documents and Settings" folder (%windir%\Profiles on NT4) using the
FileSystemObject, and if you find a NTUSER.DAT there and the path is different
from the current %USERPROFILE% (a.k.a. yourself) (test for All Users/Default
User if necessary as well). Then, for each folder found that meets the criteria,
use reg.exe to load that file (hive) and do the registry edits, and copy the
files you wanted. Voila, finished.
> I would also like to identify the "default" user, the "all users" branch,
For Win2k and up, see the values
AllUsersProfile
DefaultUserProfile
ProfilesDirectory
under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
> and the original "Administrator" account.
That is the account that has -500 as the last characters of it's user SID. Could
e.g. be parsed out from the list under the ProfileList.
> The script is intended to run on
> Windows NT4, 2000, XP, and 2003.
Run this WMI script in a command prompt using cscript.exe, it will list all
users defined on the computer, and it's user profile path if one exists, as well
as identifying the administrator account:
' Retrieve local computer name.
Set oWshNet = CreateObject("Wscript.Network")
sComputer = oWshNet.ComputerName
' If you want to run it against a remote computer, use this instead
'sComputer = "some name or IP"
Const HKLM = &H80000002
sProfileRegBase = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
Set oReg = GetObject("WinMgmts:{impersonationLevel=impersonate}!//" _
& sComputer & "/root/default:StdRegProv")
Set oWMI = GetObject("WinMgmts:{impersonationLevel=impersonate}!//" _
& sComputer & "/root/cimv2")
Set colItems = oWMI.ExecQuery _
("Select Name,SID from Win32_UserAccount WHERE Domain = '" _
& sComputer & "'",,48)
For Each oItem In colItems
sAddInfo = ""
If Right(oItem.SID, 4) = "-500" Then
sAddInfo = " ****** This is the administrator user ******"
End If
Wscript.Echo "User name: " & oItem.Name & sAddInfo
oReg.GetExpandedStringValue HKLM, sProfileRegBase& "\" & oItem.SID, _
"ProfileImagePath", sProfilePath
If IsNull(sProfilePath) Then
sProfilePath = "(none defined)"
End If
Wscript.Echo "Profile path: " & sProfilePath
Wscript.Echo ' blank line
Next
> I applicable, it should also run on Windows
> ME (although I am not sure if ME supports different user profiles at all).
Default, ME will only use one profile, but it can be configured to use different
profiles for different users.
--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter
Jens Lenge
I might need some time to check this out, but I'll try... ;o)
Cheers, Jens