With a program that I'm working on, I have a need to be sure that keyboard access features like Sticky Keys is disabled for everyone.
I have code that can:
Change the active setting for the current user (enable or disable). This only affects the current user when they are logged in and is not something that is permanently set.
Change the registry setting for the current user (disabling by setting HKCU\Control Panel\Accessibility\StickyKeys\Flags to "506"). This only affects the current user's registry entry and will make sure that the settings are set for each time they log into Windows.
Change the registry setting for the ".DEFAULT" user in a similar way as item 2. This means that any new account that is set up on the computer will have Sticky Keys and the hot key for it disabled by default.
What I don't know how to do is to go about changing the setting for all of the existing users whose settings are in the registry when they are not logged in. Essentially, I want to be sure that Sticky Keys are disabled for them. Is there a convenient way that I can parse the registry for all existing user accounts and change that setting?
I Understand Your Problem, the answer is too long to post here,
Please Read this and it i think you will have your answer
let me know how you go
PS, The Link is safe and virus free, don't worry
DISABLING STICKY KEYS FOR ALL USERS
One Last thing, i thought might be useful in your situation
Please be advised that, when you Access a Hidden File called "Default" Under Users
C:\Users\Default
BE REALLY CAREFUL HERE (this file is critical)
Any Changes or settings made to this file will affect all users and all Future User Accounts
My question is in regards to how I should go about implementing a batch script/PowerShell cmdlet on Windows that does the following:
When a browser window is open that has the window/page title "Blank" then send the "tab" key, send login credentials to text boxes on webpage and then send the "enter" key.
I found this article (Automatic login to a website on windows 7/Chrome via batch file) about sending login credentials in a web browser, which is very similar to what I want to do, however I want the script to ONLY run if the browser is already open and has a specific value in the window title. This is for an authentication system for the network running on my server that asks me to re-login every 30 days, and will open up a browser window automatically when it needs me to login. So, when it opens the window, I want the script to be able to automatically login for me. Since the server is unattended (GUI wise), I want the re-authentication to occur automatically. My plan would be to have this set as a scheduled task and have it run nightly, to verify that the system is still authenticated. If the system is not authenticated, I want the batch file/cmdlet to login for me.
I did some research and found information about using conditions for batch files, but I couldn't find any information about how I would use the window title or any other program attribute to base my conditional off of.
People have suggested using PowerShell, so I am totally open to that as well if you have a recommendation for implementation via that route.
Please let me know if you need any further information, or have any questions.
You can do it with Powershell.
Here is an example for getting the window name, it should be possible to use it to detect Internet explorer to.
$selectedWindows = get-process | Where-Object { $_.MainWindowTitle -match "Editor"}
in $selectedWindows there are all windows which title matches "Editor"
Now you can get the $selectedWindows in front and use sendKeys to work with the Window.
For getting the Window activated and in front i have a short example here:
http://pastecode.org/index.php/view/22992037
I am very new to Oracle Policy Automation. I am developing a screen which will give the option to the user to select languages. Based on his/her selection, the next screen should display a welcome message in the language selected.
I have two properties files (one for each language) and I have placed them inside the /classes/configuration folder.
Now, my query is how to invoke these properties files based on user selection and what should I write in the label field so that the messages are dynamically picked up.
Thanks in advance for the help.
I guess you may have figured this out by now.
In OPA the locale has to be set at the start of an interactive session (part of the start investigation URL) and cannot be changed subsequently. The locale specific resource files under configuration will then be used.
Your locale selection screen would probably need to be outside of OPA triggering a session start of the correct type. If you are using OWD then it will actually provide it's own locale selection screen if you try to access a rulebase without specifying the locale to use. We are working on some additional tooling around OWD to make this process a lot more straightforward
i want to startup an application (.app) at startup in a GUEST ACCOUNT in mac(snow leopard). THe app disables all shortcuts and dock as well(using kiosk). The user must enter a token number to login . I have made the app but i cant force every other service to stop . If i put it in boot sequence through system->services, the app does not come at front. instead it is launched but is in the doc and i have to left click it to launch it in front. :(
(i want to do this programmatically by editing the boot sequence of mac OS )
Problem is I used kiosk and it only works when my application is in front.
So i need to perform this that i cant figure out.
1) run my app only(after login and NO OTHER SERVICE) and rest of the mac should boot once my app has exited.
Thanks in advance
for any help that u can provide
I already tried to tell you in your previous question that you are probably going the wrong way. If you put something into a user´s login items, it can easily be deactivated by holding "shift" while logging in (which you probably do not want); also, completely hacking your Mac OS Startup routine (if it can be done) is a bit too much in my eyes.
You should seriously consider
using a login/policy banner (realised for example here) which would pop up over the loginwindow (so a user has to agree)
using a loginwindow hook combined with a logout hook to change the user password (e.g. based on a hidden password-list and using dscl -passwd or pwpolicy) once the user logs out. This way you should be able to generate passwords based on a list and validate them (token system)
Yours, Asmus
P.S.: on your previous question you commented on mipadi´s answer that you have found a great link, thought it´s missing. Could you maybe add this, as this might be interesting for other people in the future.
I'm looking for a way to find a the windows login associated with a specific group. I'm trying to add permissions to a tool that only allows names formatted like:
DOMAIN\USER
DOMAIN\GROUP
I have a list of users in active directory format that I need to add:
ou=group1;ou=group2;ou=group3
I have tried adding DOMAIN\Group1, but I get a 'user not found' error.
P.S. should also be noted that I'm not a Lan admin
Programatically or Manually?
Manually, i prefer AdExplorer, which is a nice Active directory Browser. You just connect to your domain controller and then you can look for the user and see all the details. Of course, you need permissions on the Domain Controller, not sure which though.
Programatically, it depends on your language of couse. On .net, the System.DirectoryServices Namespace is your friend. (I don't have any code examples here unfortunately)
For Active Directory, I'm not really an expert apart from how to query it, but here are two links I found useful:
http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm
http://en.wikipedia.org/wiki/Active_Directory (General stuff about the Structure of AD)
You need to go to the Active Directory Users Snap In after logging in as a domain admin on the machine:
Go to start --> run and type in mmc.
In the MMC console go to File -->
Add/Remove Snap-In Click Add Select
Active Directory Users and Computers and select Add.
Hit Close and then hit OK.
From here you can expand the domain tree and search (by right-clicking on the domain name).
You may not need special privileges to view the contents of the Active Directory domain, especially if you are logged in on that domain. It is worth a shot to see how far you can get.
When you search for someone, you can select the columns from View --> Choose Columns. This should help you search for the person or group you are looking for.
You do not need domain admin rights to look at the active directory. By default, any (authenticated?) user can read the information that you need from the directory.
If that wasn't the case, for example, a computer (which has an associated account as well) could not verify the account and password of its user.
You only need admin rights to change the contents of the directory.
I think it is possible to set more restricted permissions, but that's not likely the case.
OU is an Organizational Unit (sort of like a Subfolder in Explorer), not a Group, Hence group1, 2 and 3 are not actually groups.
You are looking for the DN Attribute, also called "distinguishedName". You can simply use DOMAIN\DN once you have that.
Edit: For groups, the CN (Common Name) could also work.
The full string from Active Directory normally looks like this:
cn=Username,cn=Users,dc=DomainName,dc=com
(Can be longer or shorter, but the important bit is that the "ou" part is worthless for what you're trying to achieve.
Well, AdExplorer runs on your Local Workstation (which is why I prefer it) and I believe that most users have read access to AD anyway because that's actually required for stuff to work, but I'm not sure about that.
Install the "Windows Support Tools" that is on the Windows Server CD (CD 1 if it's Windows 2003 R2). If your CD/DVD drive is D: then it will be in D:\Support\Tools\SuppTools.msi
This gives you a couple of additional tools to "get at" AD:
LDP.EXE - good for reading information in AD, but the UI kinda stinks.
ADSI Edit - another snap-in for MMC.EXE that you can both browse AD with and get to all those pesky AD attributes you're looking for.
You can install these tools on your local workstation and access AD from there without domain admin privileges. If you can log on to the domain, you can at least query/read AD for this information.
Thanks adeel825 & Michael Stum.
My problem is, though, i'm in a big corporation and do not have access to log in as the domain admin nor to view the active directory, so i guess my solution is to try and get that level of access.