Creating a new user account & day of week number questions

[Andy]

Hi,

I'm trying to eliminate the last 2 vb scripts from my programs.

Script 1 creates a new windows user account
Script 2 gets the day of week number - the msdn site tells you Sunday = 1, Monday = 2 etc.

I have searched the forum but I cannot find any examples I can work from.

Does anyone have any examples for these two.

Thanks,
Best wishes,
Andy.

[LarryMc]

This should get you over the hump on day of the week.
Posted by celphick in May 2004

Code Select Expand

/************************************************
*    Example of use of Ibasic Pro subroutine    *
*    to calculate Day of Week from ISO Date     *
*           Using Zeller's Congruence           *
*                                               *
*    Returns 0=Sun, 1=Mon, 2=Tue, ... 6=Sat     *
*                                               *
*************************************************/
openconsole
DECLARE zeller(ISOd : string),int
def dow : int
def ISOdate : string
INPUT "Enter ISO Date: yyyymmdd : ", ISOdate
dow = zeller(ISOdate)
PRINT MID$("Sunday   Monday   Tuesday  WednesdayThursday Friday   Saturday ", dow*9+1,9)
do : until inkey$<>""
closeconsole
end
sub zeller(ISOd : string),int
def y, m, d, day : int
y = val(left$(ISOd,4))
m = val(mid$(ISOd,5,2))
d = val(right$(ISOd,2))
if (m < 3)
   y = y - 1
    m = m + 12
ENDIF
day = ((13*M+3)/5+D+Y+Y/4-Y/100+y/400+1)
day = int(day%7)
return day
endsub

LarryMc

[Andy]

Thanks Larry,

That works great for day of week I can use that, any ideas about creating a new windows user account ?

Many many Thanks,
Andy.

[sapero]

This is a user creation part of my proxy spider:

Code Select Expand

$include "windowssdk.inc"
$include "lm.inc"
$include "Userenv.inc"

$define USER_NAME    L"WebProxyUser"
$define PASSWORD     L"WebProxyUser"
$define DESCRIPTION  L"Restricted Proxy-Tester User"
$define USER_FLAGS   UF_SCRIPT | UF_PASSWD_CANT_CHANGE | UF_DONT_EXPIRE_PASSWD | UF_NORMAL_ACCOUNT


sub create_user()
iwstring wszProfilesDir[MAX_PATH]

DWORD cch = MAX_PATH
GetProfilesDirectoryW(wszProfilesDir, &cch)
lstrcatW(wszProfilesDir, L"\WebProxyUser")

USER_INFO_1 ui

ui.usri1_name         = USER_NAME
ui.usri1_password     = PASSWORD
ui.usri1_password_age = 0
ui.usri1_priv         = USER_PRIV_USER ' guest/user/admin
ui.usri1_home_dir     = wszProfilesDir ' can be null
ui.usri1_comment      = DESCRIPTION    ' can be null
ui.usri1_flags        = USER_FLAGS
ui.usri1_script_path  = 0
cch                   = len(ui)

NET_API_STATUS status = NetUserAdd(NULL, 1, &ui, &cch)

select (status)

case ERROR_ACCESS_DENIED:
MessageBoxW(0, L"NetUserAdd: The user does not have access to the requested information")

case NERR_InvalidComputer:
MessageBoxW(0, L"NetUserAdd: The computer name is invalid")

case NERR_NotPrimary:
MessageBoxW(0, L"NetUserAdd: The operation is allowed only on the primary domain controller of the domain")

case NERR_GroupExists:
MessageBoxW(0, L"NetUserAdd: The group already exists")

case NERR_PasswordTooShort:
MessageBoxW(0, L"NetUserAdd: The password is shorter than required")

case NERR_UserExists:
' success

case NERR_Success:
' success, optionally run ie4uinit.exe to initialize sounds
STARTUPINFOW si
PROCESS_INFORMATION pi
ZeroMemory(&si, len(si))
si.cb = len(si)
GetSystemDirectory(wszProfilesDir, MAX_PATH)
if (CreateProcessWithLogonW(USER_NAME, L".", PASSWORD, LOGON_WITH_PROFILE, NULL, L"ie4uinit.exe", 0,0, wszProfilesDir, &si, &pi))
CloseHandle(pi.hProcess)
CloseHandle(pi.hThread)
endif
endselect

endsub

[Andy]

Thanks sapero,

will give it a go

Best wishes,
Andy.

[Andy]

Hi sapero,

I have tried to get the code to work but I have some problems with it.

Sizeof(ui)  undefined error when I compile the code so I replaced sizeof(ui) with a number 260

Also, probably a stupid question but I assume you need to call the Create_User subroutine
e.g. Create_User()  or Create_User(USER_NAME,PASSWORD ...........etc) ?

am I doing this wrong as no new users have been created, have tried all day yesterday - help!
do you have to set the new user account as 'active' ?

Thanks,
Andy.

[sapero]

Sorry, replace sizeof with len.
The new account is created, and you can use it with the CreateProcessWithLogonW api, or right clicking a file / run as.
If you execute NET USER from command prompt, the new user will be listed there.

If you want the user to be listed in welcome screen, add its name to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList, and set the value (REG_DWORD) to 1.

[Andy]

Thanks, it's working now thats great!

just one last question - how do set the account to an Administrator account at the moment it creates guest accounts only ?

do I change USER_PRIV_USER or UF_NORMAL_ACCOUNT and if so to what ?

Thanks,
Andy.

[sapero]

Add the user to administrator group:

Code Select Expand

sub MakeUserAdmin(wstring pszUserName),BOOL

' SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY
PSID pSidAdmins = NULL
BOOL bOk

for bOk=0 to 0

' initialize well-known SID of the local administrators group
' if (!AllocateAndInitializeSid(&siaNT, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, _
if (!AllocateAndInitializeSid(&SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, _
0, 0, 0, 0, 0, 0, &pSidAdmins))
breakfor
endif

iwstring szGroupName[UNLEN + 1]
iwstring szDomainName[DNLEN + 1]
ULONG cchGroupName = UNLEN + 1
ULONG cchDomainName = DNLEN + 1
SID_NAME_USE Use

' convert SID to the localized name of the group
if (!LookupAccountSidW(NULL, pSidAdmins, szGroupName, &cchGroupName, szDomainName, &cchDomainName, &Use))
breakfor
endif

' prepare user name
LOCALGROUP_MEMBERS_INFO_3 info
info.lgrmi3_domainandname = pszUserName

' add the user to the administrators group
if (NetLocalGroupAddMembers(NULL, szGroupName, 3, &info, 1))
breakfor
endif

next bOk

if (pSidAdmins) then FreeSid(pSidAdmins)


return bOk
endsub

[Andy]

Thanks sapero,

will try it tomorrow.

Thanks again,
Andy.

[sapero]

Tomorrow will be too late!

[Andy]

Hi sapero,

Sorry I couldn't try this one until today, was very late when I replied and couldn't get onto the forum until just now.

And sorry again for being a pain but I get 2 errors when compiling:

   SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY
   PSID pSidAdmins = NULL

syntax error "="

also, do I need any include files etc.

Thanks,
Andy.

[sapero]

Andy, use the same includes as in the previous example, you don't need anything more.

[Andy]

Yes, thanks sapero, tried with the include files but I still have problems with the code.
Think it's me not being very bright today, tried to rework the code but now i'm getting another error line 42 'no appropriate conversion exists'.

      if (NetLocalGroupAddMembers(NULL, szGroupName, 3, &info, 1))

reworked code:

$include "windowssdk.inc"
$include "lm.inc"
$include "Userenv.inc"


sub MakeUserAdmin(wstring pszUserName),BOOL

        siaNT = SECURITY_NT_AUTHORITY
   SID_IDENTIFIER_AUTHORITY = siaNT

   PSID pSidAdmins
        pSidAdmins = NULL
   BOOL bOk

   for bOk=0 to 0

      ' initialize well-known SID of the local administrators group
      if (0=AllocateAndInitializeSid(&siaNT, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, _
         0, 0, 0, 0, 0, 0, &pSidAdmins))
         breakfor
      endif

      iwstring szGroupName[UNLEN + 1]
      iwstring szDomainName[DNLEN + 1]
      ULONG cchGroupName
        cchGroupName = UNLEN + 1

      ULONG cchDomainName
        cchDomainName = DNLEN + 1
      SID_NAME_USE Use

      ' convert SID to the localized name of the group
      if (0=LookupAccountSidW(NULL, pSidAdmins, szGroupName, &cchGroupName, szDomainName, &cchDomainName, &Use))
          breakfor
      endif

      ' prepare user name
      LOCALGROUP_MEMBERS_INFO_3 info
      info.lgrmi3_domainandname = pszUserName

      ' add the user to the administrators group
      if (NetLocalGroupAddMembers(NULL, szGroupName, 3, &info, 1))
          breakfor
      endif

   next bOk

   if (pSidAdmins) then FreeSid(pSidAdmins)


   return bOk
endsub

also, have I done this right:

        siaNT = SECURITY_NT_AUTHORITY
   SID_IDENTIFIER_AUTHORITY = siaNT

   PSID pSidAdmins
        pSidAdmins = NULL

Just lost on this one.

Thanks,
Andy.

[sapero]

Ok, I know what is going on. The siaNT variable was actually a structure, and the first assignment in MakeUserAdmin is not supported in EBasic compiler older than 2.0.
Just remove the line with SID_IDENTIFIER_AUTHORITY siaNT definition, and the other siaNT passed to AllocateAndInitializeSid, replace with SECURITY_NT_AUTHORITY (see my previous post).
This code was found in Google, so I just converted it, tested and posted here, but didn't noticed that it duplicates SECURITY_NT_AUTHORITY structure.

[Andy]

Hi sapero,

I know i'm probably becoming a pain in the you know what but I did what you said, I have cleared all errors except now get 5 errors on the line

      if (NetLocalGroupAddMembers(NULL, szGroupName, 3, &info, 1))

'no appropriate conversion exsists' for all 5 parameters passed to this statement.

Any ideas?

Thanks,
Andy.

[sapero]

Andy, this is a bug in lmaccess.inc file:

Code Select Expand

declare import, NetLocalGroupAddMembers(_LPCWSTR servername, _LPCWSTR groupname, _DWORD level, _pointer buf, _DWORD totalentries),int
If you edit this file and remove the (invalid) pre-underscores, it will compile.

You could also keep it as is, and add the following after the last $include statement in your program:

Code Select Expand

$undeclare NetLocalGroupAddMembers ' undefine it
' and then define again
declare import, NetLocalGroupAddMembers(LPCWSTR servername, LPCWSTR groupname, DWORD level, pointer buf, DWORD totalentries),int

In the new, not yet released compiler, the STRICT option will notify you about such bugs/typos.

Warning: Unknown argument type: "_LPCWSTR", assuming INT

[Andy]

Fantastic !!!!! it works.

Thank you so very much for all your help this was a sticky one for me - again many thanks.

Thanks,
Andy.

[Andy]

Just one last question

How can I change the code from a set user name / password to one where the user can pick a username and password?

Thanks,
Andy.

[sapero]

You need to ask again, I/we need precise questions I have 100 answers for your question, each answer assumes something.
Which names, passwords, and where do you want to list, then what to do with the selected items?

[Andy]

Sorry,

I was wondering instead of creating a fixed username and password, if the user can type in the name / password they want

In other words how could I pass these two parameters to the lines

$define USER_NAME    L"WebProxyUser"
$define PASSWORD     L"WebProxyUser"

so changing L"WebProxyUser" to what ever they have entered.

Thanks,
Andy.

[Andy]

OK, completed!

Below is the code that will

1 - ask for a new account name
2 - ask for a password
3 - create the account (as an administrator)
4 - make the account active
5 - adds the new account to the windows login screen.

Don't forget to do this first:

lmaccess.inc file:

change:
declare import, NetLocalGroupAddMembers(_LPCWSTR servername, _LPCWSTR groupname, _DWORD level, _pointer buf, _DWORD totalentries),int

to:
declare import, NetLocalGroupAddMembers(LPCWSTR servername, LPCWSTR groupname, DWORD level, pointer buf, DWORD totalentries),int

Now here is the program:

Code Select Expand

$INCLUDE "Registry.inc"
$include "windowssdk.inc"
$include "lm.inc"
$include "Userenv.inc"

DEF USER_NAME,PASSWORD,DESCRIPTION:string

OPENCONSOLE
INPUT "Please enter a username " ,USER_NAME
un2= S2W(USER_NAME)

INPUT "Please enter a password " ,PASSWORD
pw2= S2W(PASSWORD)

INPUT "Please enter a description " ,DESCRIPTION
desc2= S2W(DESCRIPTION)

PRINT
PRINT "Please wait a moment ...."

$define un2
$define pw2     
$define desc2
$define USER_FLAGS   UF_SCRIPT | UF_DONT_EXPIRE_PASSWD | UF_NORMAL_ACCOUNT
'$define USER_FLAGS   UF_SCRIPT | UF_PASSWD_CANT_CHANGE | UF_DONT_EXPIRE_PASSWD | UF_NORMAL_ACCOUNT

create_user()
MakeUserAdmin(un2)
MakeActive()
END

sub create_user()
iwstring wszProfilesDir[MAX_PATH]

DWORD cch
    cch = MAX_PATH
GetProfilesDirectoryW(wszProfilesDir, &cch)
lstrcatW(wszProfilesDir, un2)

USER_INFO_1 ui

ui.usri1_name         = un2
ui.usri1_password     = pw2
ui.usri1_password_age = 0
ui.usri1_priv         = USER_PRIV_USER ' guest/user/admin
ui.usri1_home_dir     = wszProfilesDir ' can be null
ui.usri1_comment      = desc2          ' can be null
ui.usri1_flags        = USER_FLAGS
ui.usri1_script_path  = 0
cch                   = LEN(ui)

NET_API_STATUS status

    status = NetUserAdd(NULL, 1, &ui, &cch)

select (status)

case ERROR_ACCESS_DENIED:
MessageBoxW(0, L"NetUserAdd: The user does not have access to the requested information")

case NERR_InvalidComputer:
MessageBoxW(0, L"NetUserAdd: The computer name is invalid")

case NERR_NotPrimary:
MessageBoxW(0, L"NetUserAdd: The operation is allowed only on the primary domain controller of the domain")

case NERR_GroupExists:
MessageBoxW(0, L"NetUserAdd: The group already exists")

case NERR_PasswordTooShort:
MessageBoxW(0, L"NetUserAdd: The password is shorter than required")

case NERR_UserExists:
' success
MessageBoxW(0, L"This user name has already been used.")

case NERR_Success:
MessageBoxW(0, L"The new user account was created successfully.")
' success, optionally run ie4uinit.exe to initialize sounds
STARTUPINFOW si
PROCESS_INFORMATION pi
ZeroMemory(&si, len(si))
si.cb = len(si)
GetSystemDirectory(wszProfilesDir, MAX_PATH)
if (CreateProcessWithLogonW(un2, L".", pw2, LOGON_WITH_PROFILE, NULL, L"ie4uinit.exe", 0,0, wszProfilesDir, &si, &pi))
CloseHandle(pi.hProcess)
CloseHandle(pi.hThread)
endif
endselect

endsub

sub MakeUserAdmin(wstring pszUserName),BOOL

' SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY
PSID pSidAdmins
    pSidAdmins = NULL
BOOL bOk

for bOk=0 to 0

' initialize well-known SID of the local administrators group
if (0=AllocateAndInitializeSid(&SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, _
0, 0, 0, 0, 0, 0, &pSidAdmins))
breakfor
endif

iwstring szGroupName[UNLEN + 1]
iwstring szDomainName[DNLEN + 1]
ULONG cchGroupName
        cchGroupName = UNLEN + 1
ULONG cchDomainName
        cchDomainName = DNLEN + 1
SID_NAME_USE Use

' convert SID to the localized name of the group
if (0=LookupAccountSidW(NULL, pSidAdmins, szGroupName, &cchGroupName, szDomainName, &cchDomainName, &Use))
breakfor
endif

' prepare user name
LOCALGROUP_MEMBERS_INFO_3 info
info.lgrmi3_domainandname = pszUserName

' add the user to the administrators group
if (NetLocalGroupAddMembers(NULL, szGroupName, 3, &info, 1))
breakfor
endif

next bOk

if (pSidAdmins) then FreeSid(pSidAdmins)
return bOk
endsub

SUB MakeActive()

SYSTEM "cmd.exe" , "/c net user Safeuser /active:yes"
sleep(1000)
result = RegSetDWValue("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList", 1, "Safeuser")

RETURN
ENDSUBTested on XP pro and Win 7

Will post this again in the user offerings section as well.

Special thanks to sapero who did most of this work.
Regards,
Andy.

[Andy]

I forgot that I had edited the Windowssdk.inc file.

Open it and edit the line
$include "winreg.inc"  to ' $include "winreg.inc" (commented out) or just delete it.

As for the warnings - they appear because some variable have not been set an initial value
Just forget about them.

Once you have edited the Windowssdk.inc file it should compile.

sapero has given an alternative:

add the following before $include windowssdk.inc
Code:

$define __winreg_inc__

After you define this condition, winreg.inc will be "excluded" from compilation, because it has an $ifndef at the beginning.

[LarryMc]

We really don't need to be maintaining identical topics in two different places.

LarryMc

[Andy]

Hi Larry,

sorry if I have caused you some work but you have been very good to me in answering my questions, perhaps if you are maintaining this site then you could answer my previous question - until now no replies.

I will be buying IWBasic in the next few weeks, and probably some add ons, currently i'm on a free version of Ebasic.

Does the IW site take payments with Maestro? or do I have to get my friend to use his Visa card?

Also with the recent hack (don't know why anyone would do that) is it still safe to pay online or are there other ways to pay.

AND to you and everone who has helped me over the last few months - Many thanks.

Thanks,
Andy.