PC Professionell 2006 May

home *** CD-ROM | disk | FTP | other *** search

/ PC Professionell 2006 May / PCpro_2006_05.ISO / files / free_security / msshared / Shared_Computer_Toolkit_ENU.msi / FileInclude007 < prev next >

Wrap

Text (UTF-16) | 2005-09-02 | 24.3 KB | 372 lines

' *** ' *** ------------------------------------------------------------------------------ ' *** Filename: clsUserAccounts.vbs ' *** ------------------------------------------------------------------------------ ' *** Description: UserAccounts Class ' *** ------------------------------------------------------------------------------ ' *** Version: 1.0 ' *** Notes: Drives the contents of the UserAccounts dialog ' *** ------------------------------------------------------------------------------ ' *** Copyright (C) Microsoft Corporation 2005, All Rights Reserved ' *** ------------------------------------------------------------------------------ ' *** ' ~~~ ' ~~~ Force variables to be declared and turn off script error messages unless in DEBUG mode ' ~~~ Option Explicit Class UserAccounts ' ~~~ ' ~~~ declare variables and constants ' ~~~ Dim bAdmin, bGuest, sLocalUserSID ' ~~~ ' ~~~ Start of public methods ' ~~~ ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: ListAccounts(strTool) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Returns a HTML string containing the user Accounts and creates ' *** the OPTION tag in the ddUserAcc dd list ' *** ------------------------------------------------------------------------------ ' *** Public Function ListAccounts(strTool) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim oUser ' ~~~ get a list of user accounts on the local machine oAccounts.Filter = Array("user") Select Case strTool Case "ProfileMgr" For Each oUser in oAccounts sLocalUserSID = GetLocalSID(oUser.ObjectSID) If AddUserAccount(oUser) = True Then Elseif oUser.Get("PasswordExpired") <> 0 Then ElseIf oUser.AccountDisabled <> 0 Then AddUsers oUser.Name, 5 , GetDisplayName(oUser) ElseIf IsUserLoggedOn(oUser) = True Then AddUsers oUser.Name, 3 , GetDisplayName(oUser) ElseIf IsAccountLocked(oUser) = True Then AddUsers oUser.Name, 4 , GetDisplayName(oUser) Else AddUsers oUser.Name, 0 , GetDisplayName(oUser) End If Next Case "Restrictions" For Each oUser in oAccounts sLocalUserSID = GetLocalSID(oUser.ObjectSID) If AddUserAccount(oUser) = True Then elseIf (GetProfilePath(oUser) <> "" ) AND (oFso.FileExists( GetProfilePath(oUser) & "\NTuser.dat") OR oFso.FileExists( GetProfilePath(oUser) & "\NTuser.man") ) Then If IsUserLoggedOn(oUser) = True Then AddUsers oUser.Name , 3 , GetDisplayName(oUser) ElseIf oUser.AccountDisabled <> 0 Then AddUsers oUser.Name, 5 , GetDisplayName(oUser) ElseIf IsAccountLocked(oUser) = True Then AddUsers oUser.Name, 4 , GetDisplayName(oUser) Else AddUsers oUser.Name, 0 , GetDisplayName(oUser) End If Else '~~~ Accounts with no profile AddUsers oUser.Name, 6 , GetDisplayName(oUser) End If Next End Select End Function ' ~~~ ' ~~~ End of public methods ' ~~~ ' ~~~ ' ~~~ Start of private methods ' ~~~ ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: Class_Initialize ' *** ------------------------------------------------------------------------------ ' *** Purpose: Used internally by the class when it is created. ' *** Declared as private because it must not be called directly. ' *** ------------------------------------------------------------------------------ ' *** Private Sub Class_Initialize If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 bAdmin = False bGuest = False End Sub ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: Class_Terminate ' *** ------------------------------------------------------------------------------ ' *** Purpose: Used internally by the class when it is destroyed. ' *** Declared as private because it must not be called directly. ' *** ------------------------------------------------------------------------------ ' *** Private Sub Class_Terminate If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 End Sub ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: GetLocalSID(sLocUserSID) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Returns the users SID ' *** ------------------------------------------------------------------------------ ' *** Private Function GetLocalSID(sLocUserSID) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim OctetToHexStr, HexStrToDecStr, arrbytSid, lngTemp, iByteCount ' ~~~ Convert the binary array of SID to Hexa value OctetToHexStr = "" For iByteCount = 1 To Lenb(sLocUserSID) OctetToHexStr = OctetToHexStr & Right("0" & Hex(Ascb(Midb(sLocUserSID, iByteCount, 1))), 2) Next ' ~~~ Convert the hexa Value of SID to a string ReDim arrbytSid(Len(OctetToHexStr)/2 - 1) For iByteCount = 0 To UBound(arrbytSid) arrbytSid(iByteCount) = CInt("&H" & Mid(OctetToHexStr, 2*iByteCount + 1, 2)) Next HexStrToDecStr = "S-" & arrbytSid(0) & "-" _ & arrbytSid(1) & "-" & arrbytSid(8) lngTemp = arrbytSid(15) lngTemp = lngTemp * 256 + arrbytSid(14) lngTemp = lngTemp * 256 + arrbytSid(13) lngTemp = lngTemp * 256 + arrbytSid(12) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(19) lngTemp = lngTemp * 256 + arrbytSid(18) lngTemp = lngTemp * 256 + arrbytSid(17) lngTemp = lngTemp * 256 + arrbytSid(16) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(23) lngTemp = lngTemp * 256 + arrbytSid(22) lngTemp = lngTemp * 256 + arrbytSid(21) lngTemp = lngTemp * 256 + arrbytSid(20) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) lngTemp = arrbytSid(25) lngTemp = lngTemp * 256 + arrbytSid(24) HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp) GetLocalSID = HexStrToDecStr End Function ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: GetProfilePath(objUser) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Gets the profile path for the seleted user in the dd list ' *** ------------------------------------------------------------------------------ ' *** Private Function GetProfilePath(objUser) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim sProfilePath sProfilePath = "" sProfilePath = objUser.Profile ' ~~~ We need to ignore errors here... RegRead may fail and that's ok On Error Resume Next ' ~~~ if profile path is still blank, it is not locked so get profile path using sid If sProfilePath = "" Then sProfilePath = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" & sLocalUserSID & "\ProfileImagePath") End If ' ~~~ return path GetProfilePath = oShell.ExpandEnvironmentStrings(sProfilePath) End Function ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: IsAccountLocked(objUser) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Returns true if the specified account has a locked profile ' *** ------------------------------------------------------------------------------ ' *** Private Function IsAccountLocked(objUser) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim sProfilePath IsAccountLocked = False sProfilePath = objUser.Profile ' ~~~ If ProfilePath is blank, this account is not roaming and cannot be locked. If sProfilePath = "" Then Exit Function ' ~~~ Need error handling here - if the oFSo call below causes an error that's ok On Error Resume Next ' ~~~ If the ntuser.man exists within, then we have a locked account If oFSo.FileExists(sProfilePath & "\NTUSER.MAN") Then IsAccountLocked = True End Function ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: IsUserLoggedOn(objUser) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Returns true if the specified account is logged on ' *** ------------------------------------------------------------------------------ ' *** Private Function IsUserLoggedOn(objUser) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim sNTUser, oFile, oFileStream, strProfilePath Const FORAPPENDING = 8 Const TRISTATEUSEDEFAULT = -2 strProfilePath = "" IsUserLoggedOn = False If IsAccountLocked(objUser) = True Then sNTUser = "\NTUSER.MAN" Else sNTUser = "\NTUSER.DAT" End If ' ~~~ We need to control error handling for the rest of this function On Error Resume Next ' ~~~ Get the profilepimagepath from the registry strProfilePath = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" & sLocalUserSID & "\ProfileImagePath") strProfilePath = oShell.ExpandEnvironmentStrings(strProfilePath) Set oFile = oFso.GetFile( strProfilePath & sNTUser) ' ~~~ If we can't find the NTUSER file then it doesn't exist - so the user cannot be logged on If Err.Number <> 0 Then Exit Function Set oFileStream = oFile.OpenAsTextStream(FORAPPENDING, TRISTATEUSEDEFAULT) ' ~~~ If we can't open the NTUSER file exclusively, then someone must already be using it If Err.Number <> 0 Then IsUserLoggedOn = True End Function ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: AddUserAccount(oUser) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Checks if the user account is a system account,Admin,Guset ' *** Returns True or False ' *** ------------------------------------------------------------------------------ ' *** Private Function AddUserAccount(oUser) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim sFive Dim sUserSID AddUserAccount = False sUserSID = "" Select Case UCase(oUser.Name) Case "HELPASSISTANT" AddUserAccount= True Case "ASPNET" AddUserAccount= True Case "SUPPORT_388945A0" AddUserAccount= True Case "SQLDEBUGGER" AddUserAccount= True Case "ACTUSER" AddUserAccount= True Case "IUSR_" & UCase(oNetwork.ComputerName) AddUserAccount= True Case "IWAM_" & UCase(oNetwork.ComputerName) AddUserAccount= True Case "VUSR_" & UCase(oNetwork.ComputerName) AddUserAccount= True Case UCase(oNetwork.UserName) AddUserAccount= True AddUsers oUser.Name, 1 , GetDisplayName(oUser) Case Else ' ~~~ Get the SID of the user if necessary If not(bAdmin) or not(bGuest) then sUserSID = sLocalUserSID End if If sUserSID <> "" AND Right(sUserSID,4) = "-500" Then ' ~~~ Administrator account AddUserAccount= True AddUsers oUser.Name, 2 , GetDisplayName(oUser) bAdmin = True End If If sUserSID <> "" AND Right(sUserSID,4) = "-501" Then ' ~~~ Guest account AddUserAccount= True AddUsers oUser.Name, 7 , GetDisplayName(oUser) bGuest = True End If End Select End Function ' *** ' *** ------------------------------------------------------------------------------ ' *** Name: GetDisplayName(oUser) ' *** ------------------------------------------------------------------------------ ' *** Purpose: Returns the user account's fullname if it exists ' *** ------------------------------------------------------------------------------ ' *** Private Function GetDisplayName(oUser) If NOT DEBUG Then On Error Resume Next Else On Error Goto 0 Dim sAccName, sFullName sAccName = "" sFullName = "" sAccName = oUser.Name sFullName = oUser.FullName GetDisplayName = sAccName If sFullName <> "" Then If UCase(sAccName) = UCase(sFullName) Then GetDisplayName = sFullName Else GetDisplayName = sFullName + " (" + sAccName + ")" End If End If End Function End Class