Every company has there build specs, their dummy accounts, after installation software and other internal doo dad’s they feel are vital to the build. Even with imaging you can never guarantee its all done right so i always prefer to script the end of install just to make sure its clean, fresh and right each time a system comes off the build line.
Heres a few pointers i threw together to get your “post build” script in order starting with dummy accounts, passwords and user memberships.
Renaming the administrators account (admrename.vbs):
strComputer = “.”
Set wshShell = WScript.CreateObject( “WScript.Shell” )
strComputerName = wshShell.ExpandEnvironmentStrings( “%COMPUTERNAME%” )
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
Set objWMIService = GetObject(“winmgmts:” & strComputer & “rootcimv2″)
Set colAccounts = objWMIService.ExecQuery _
(“Select * From Win32_UserAccount Where LocalAccount = True And Name = ‘Administrator'”)
For Each objAccount in colAccounts
objAccount.Rename “ADM” & strComputerName
The above script will rename the Administrator account to ADMcomputername, it can easily be changed to a static name deleting the & strComputerName and adding the full name in the “” ‘s.
Creating a local account using the command line (batch):
net user patchacc passw0rd /add /comment:”Patch account” /fullname:”windows Patch account” /active:yes /passwordchg:no /passwordreq:yes
the above script will create a username (patchacc) with password (passw0rd), the account will also be enabled.
Add an account to the local administrators(batch):
net localgroup /add administrators patchacc
The above command adds the username patchacc to the local group administrators, you can use the above command to add a domain account using net localgroup /add administrators domainusername.
Setting a password to never expire (pwd.vbs):
Set objUser = GetObject(“WinNT://” & strcomputer & “/username“)
objPasswordNoChangeFlag = objUser.UserFlags XOR ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put “userFlags”, objPasswordNoChangeFlag
objUser.SetInfo
The above scriptlet will simply set the password to the “username” account to never expire, dont try to do it with net user, it doesnt work… ever.
Creating a dummy administrator account:
net user Administrator Notreal123 /add /comment:”Bogus Admin Account” /fullname:”Bogus Admin Account” /active:no /passwordchg:no /passwordreq:yes
The above script will create a disabled user called administrator (rename the current administrator first), with password of Notreal123.
After the jump is an example of how to tie them all into one super script and the source files.
As part of my recent Citrix cleanup i found the need to clear down an applications log files folder, this folder existed in the program files directory and was eating up gb’s of space with useless logs. The only difference between these files and standard logs was that sometimes recovery was neccessary so it was agreed that a 7 day retention would be kept.