myITforum and Windows IT Pro Forums

 UDI Wizard does not Add long group name to Local Administrators group. Resolved!

Author Message
cricard

  • Total Posts : 11
  • Scores: 2
  • Reward points : 32350
  • Joined: 1/13/2005
  • Status: offline
UDI Wizard does not Add long group name to Local Administrators group. Resolved! Tuesday, March 06, 2012 10:40 AM (permalink)
5
We embed an administrative group into the local administrator's group on all workstations.  One of the groups was over 20 characters and was not added to the local administrator's group, due to a limitation of the net.exe utility () that is leveraged by the OSDLocalAdmins.vbs script that comes with MDT.
 
I re-wrote the Add Administrator section of the script to leverage the WinNT:// provider instead of net.exe and it has resolved this issue.  A full copy of the code is listed below.  I commented out all of the original code.
 
 
 
  ' //////////////////////////////////
  ' // OSD Local Admins
  ' //////////////////////////////////////////////////////////////////////////////////////////////////////
  ' 1. Script will parse the TS variable "OSDAddAdmin" for a semicolon separated list of accounts.
  ' 2. Script will find the local administrator group name.
  ' 3. Script will add each account to the local administrator group
  ' //////////////////////////////////////////////////////////////////////////////////////////////////////
 
  Dim AdminArray
  Dim AdminGroup
  Dim TSVarAdmins
 
  wscript.echo
  wscript.echo "-------------------------------------"
  wscript.echo " Initializing TS Environment"
  wscript.echo "-------------------------------------"
  wscript.echo
  SET TSEnv = CreateObject("Microsoft.SMS.TSEnvironment")
  'TSVarAdmins = TSEnv("OSDAddAdmin")
  'Added these steps to convert the OSDAddAdmin variable from domain\group format to domain/group format
  TSVarAdminsTemp            = TSEnv("OSDAddAdmin")
  TSVarAdmins = Replace(TSVarAdminsTemp,"\","/")
 
  wscript.echo
  wscript.echo "-------------------------------------"
  wscript.echo " Finding Administrator Group Name"
  wscript.echo "-------------------------------------"
  wscript.echo
 
  Call GetAdminGroupName( AdminGroup )
 
  wscript.echo
  wscript.echo "-------------------------------------"
  wscript.echo " Parsing/Splitting Accounts"
  wscript.echo "-------------------------------------"
  wscript.echo
  AdminArray              = Split(TSVarAdmins, ";")
 
  For i = LBound(AdminArray) To UBound(AdminArray)
 Call AddUserAdmin ( Trim(AdminArray(i)), AdminGroup )
 wscript.echo AdminArray(i)
  Next
  wscript.echo
  wscript.echo "-------------------------------------"
  wscript.echo " Script End"
  wscript.echo "-------------------------------------"
  wscript.echo
  wscript.Quit (0)
 
 
  '########################################
  ' Add Administrator - DISABLED SUB
  '########################################
  'Sub AddUserAdmin(theUser, theGroup)
 
' Dim oWSH
' Dim oEXE
' Dim exeLine
' Dim outLine

' exeLine = "net localgroup " & theGroup & " /add " & Chr(34) & theUser & Chr(34)

' wscript.echo
' wscript.echo "-------------------------------------"
' wscript.echo " Add Administrator"
' wscript.echo "-------------------------------------"
' wscript.echo " [CMDEXE]: " & exeLine

' Set oWSH = CreateObject("Wscript.Shell")
' Set oEXE = oWSH.Exec(exeLine)
'
' outLine = oEXE.StdOut.ReadAll
' wscript.echo " [STDOUT]: " & outLine
' outLine = oEXE.StdErr.ReadAll
' wscript.echo " [STDERR]: " & outLine

' End Sub
 
'########################################################################################################################
' Add Administrator - added by CJR due to 20 character limitation of net.exe -
'########################################################################################################################
Sub AddUserAdmin(theUser, theGroup)
 
strComputer = "."
Set objGroup = GetObject("WinNT://" & strComputer & "/" & theGroup)
Set objUser = GetObject("WinNT://" & theUser)
objGroup.Add(objUser.ADsPath)

End Sub
 
  '########################################
  ' Get Administrator Group Name
  ' May vary from region-to-region
  '########################################
  Sub GetAdminGroupName( ByRef outName )
 Dim oWMI
 Dim oQRY
 Set oWMI = GetObject("winmgmts:\\.\root\cimv2")
 Set oQRY = oWMI.ExecQuery  ("Select * From Win32_Group Where LocalAccount = TRUE And SID = 'S-1-5-32-544'")
 
 For Each anAccount in oQRY
  outName = anAccount.Name
  wscript.echo "Group Name Found: [" & outName & "]"
 Next
 
  End Sub
 
 
 
 
#1
    gjones

    • Total Posts : 2525
    • Scores: 142
    • Reward points : 147720
    • Joined: 6/5/2001
    • Location: Ottawa, Ontario, Canada
    • Status: offline
    Re:UDI Wizard does not Add long group name to Local Administrators group. Resolved! Monday, July 02, 2012 11:24 AM (permalink)
    0
    nice.
     
    #2
      Online Bookmarks Sharing: Share/Bookmark

      Jump to:

      Current active users

      There are 0 members and 2 guests.

      Icon Legend and Permission

      • New Messages
      • No New Messages
      • Hot Topic w/ New Messages
      • Hot Topic w/o New Messages
      • Locked w/ New Messages
      • Locked w/o New Messages
      • Read Message
      • Post New Thread
      • Reply to message
      • Post New Poll
      • Submit Vote
      • Post reward post
      • Delete my own posts
      • Delete my own threads
      • Rate post

      2000-2014 ASPPlayground.NET Forum Version 3.9