How to log into user account? - vbscript

After someone has logged off (Start button→Logoff) for the night, at a certain time in the morning I want to have the Task Scheduler automatically log into the Windows 7 user account (the opposite of Start button→Logoff) that is password protected. The machine is 64 bit. I am doing this so systems (vbs, vba, etc.) can prep files prior to the user showing up to work.
I was pretty sure this was possible, but I can't find it anywhere online, so I am wondering if it really is possible.
I have to this in a VBScript.
For security reasons I need to log him off at night, but I figured that part out (vbs from SO):
Set = wshell = Wscript.CreateObject(Wscript.Shell")
wschell.exec("shutdown.exe -L -F") 'logoff and force shutdown programs
Edit1:
Using an answer from Sujith, I attempted to set this up. First I must point out that this is NOT a remote computer or connection. I'm trying to get the local computer to log back in to the user account.
I created logon.vbs with this vbs code:
Set = wshell = Wscript.CreateObject(Wscript.Shell")
wschell.exec("shutdown.exe -L -F") 'logoff and force shutdown programs
WScript.Sleep(5000)
computer = "computername"
username = "OTHERDOMAIN\user"
password = "password"
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set wmi = locator.ConnectServer(computer, "root\default", username, password)
wmi.Security_.ImpersonationLevel = 3
In other words, I am logging off and right back on (avoiding the Task Scheduler so things are simplified). I also tried a lot of variations on this trying to get it to work. It logs me off just fine, but nothing happens after that. I have to login manually.
I also tried the Task Scheduler setting mentioned in Sujith's answer, but it never turned on that I could tell.
Edit2: Or please tell me what you need to provide an answer?

Create a task scheduler to run a vbscript, this task can be triggered while the user logs off from his session by selecting the trigger option "On disconnect from user session" & Any user.
The vbscript which is scheduled on trigger may have the code for remote login on the machine. For the code the below links will help you.
connect to Remote server in vb script
Connecting to a Remote Server on a different domain -- how do I enter the username and password?

I don't think what you're trying to do is possible. If you can do a reboot first, you can solve it by using Windows' built-in "Auto Logon" feature.
If so, I've got some suggestions for an alternate solution for you:
Logging off users at a specified time
Follow the instructions for Assigning Logon Hours. Old article, but still valid for newer Windows Server OS.
OR
Create a script that logs off all logged on users, then create a scheduled task running as NT AUTHORITY\SYSTEM to execute it at a specified time.
Automatically rebooting and logging on with a specific username/password
Create a batch file called, say, "Enable_AutoLogon_and_Reboot.cmd" and place it in a folder, e.g. "C:\BatchFiles". Contents:
set sUsername=SOMEDOMAIN\Someusername
set sPassword=somepassword
:: Enable autologon on next boot
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
:: Set autologon to only log on once
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v AutoLogonCount /t REG_DWORD /d 1 /f
:: Set username
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultUsername /t REG_SZ /d "%sUsername%" /f
:: Set password
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" /v DefaultPassword /t REG_SZ /d "%sPassword%" /f
:: Reboot
shutdown /r /t 0 /f
Replace the values of the variables at the start with the actual username and password.
Create a scheduled task running as NT AUTHORITY\SYSTEM (e.g. running daily at 06:00):
schtasks /create /tn "\CustomTasks\Enable AutoLogon and Reboot" /tr "%comspec% /c C:\BatchFiles\Enable_AutoLogon_and_Reboot.cmd" /st 06:00 /sc DAILY /ru "NT AUTHORITY\SYSTEM" /f

Related

How to disable Fast Boot (Fast Startup, Hybrid Boot) only once by the next shutdown?

The problem is;
Our software (setup) detects that the computer (win10), it is running on, needs to be restarted due to file operations, other setups and so on. Then we are asking for restart now or later to continue.
If the user restarts the computer immediately or later, pending operations have been done, and all is ok. But if the user only does shutdown (from start menu) and later starts the computer up again (there is a Fast Boot) pending operations would not been done. It is clear, because of fast boot...
My question is; How can i programatically say windows to disable fast boot only once by the next shutdown? I don't want disable it completely and activate it after next startup. Is it possible?
Thanks to the comment of RbMm on the comments of the answer I did this script which disables the Hybrid boot and adds a command to the RunOnce key in the registry to reenable it on the next boot.
The batch needs to be run with administrator rights:
#ECHO OFF
%COMSPEC% /C reg add "hklm\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d 0 /F
%COMSPEC% /C REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /v DisableHiberbootOnce /t REG_SZ /d "%COMSPEC% /C reg add """hklm\SYSTEM\CurrentControlSet\Control\Session Manager\Power""" /v HiberbootEnabled /t REG_DWORD /d 1 /F
As RbMm said the HLKM RunOnce key only it's executed if one administrator logins on the computer. To fix this I run on a GPO computer login script the command runonce.exe /explorer which runs the RunOnce scripts on the HKLM registry key without the need to log in as administrator.

Running the .bat batch file in administrator mode

Iam trying to synch certain computers to a TimeServer within the network, hence i've written a simple batch script to do the task. I've put into our WDS server.
How do i run it in administrator mode.
If i open the cmd prompt as administrator it starts with "C:\Windows\System32\"
this is where i want to run so how do i achieve it.I dont want to schedule it nor i want to use RMB Click and select "Run as Administrator"
OS: Win 2012R2
My batch file contains.
reg add HKLM\SYSTEM\CurrentControlSet\services\w32time\Config /v MaxNegPhaseCorrection /t REG_DWORD /d 0xffffffff /f
reg add HKLM\SYSTEM\CurrentControlSet\services\w32time\Config /v MaxPosPhaseCorrection /t REG_DWORD /d 0xffffffff /f
w32tm /config /syncfromflags:manual /manualpeerlist:"132.186.XX.XX 132.186.127.XX 132.186.192.XX 132.186.XXX.XX" /largephaseoffset:120000
net stop w32time
net start w32time
w32tm /resync
Thanks in Advance
Create a shortcut to the batch file.
Right click on the shortcut, go to properties -> shortcut tab -> advanced.
Tick run as adminstrator
Add this to the start of your batch file:
runas.exe /savecred /user:#administratoraccount# "%windir%/System32/cmd.exe"
Replace #administratoraccount# with the username of an admin.
The first time you run it, it will ask for the password of that admin account. Enter it. Unless the password is removed from the windows credential locker or the password or username of that admin is changed or the username is disabled, whenever the batch file is run from then on, it will automatically run cmd.exe as administrator.

Adding Entries to HKCU for all users

I am trying to run a registry file for each users when they first log in. I was looking at different options to add HKEY_CURRENT_USER but couldn't get a definitive answer. Need someone to direct me to the right direction.
So I have the following commands
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\foo.reg" /v "Version" /d "1" /t REG_SZ /f
add HKEY_CURRENT_USER\C:\mykit\foo.reg /v "EnableRPCEncryption" /d "1" /t REG_DWORD /f" /f
Ican execute them and but the reg_key doesn't run when I first login as a new user.
I am running windows 2012 server
Add the appropriate registry settings within HKU.Default using the same relative paths. Log in with a new user and check to see that the settings are present.
You can also create a Group Policy Object (GPO) that runs for all users and checks to see if the HKCU registry key is present and adds if necesary.
If you are not keen on GPO, you can write a batch file and place it in within the startup folder of the All Users Start Menu.

Script that runs "reg add" as admin

I need help in making a script (bat, vbs, whatever) that runs at startup as a different user (admin) the following command:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome /f /v RestoreOnStartup /t REG_DWORD /d 1
I've tried combining that with "runas /savecred /user:administrator", without any success..
Background
On my work computer, in Chrome, the Startup Options are disabled. The only way to change them is through the registry, but after every restart, it reverts back to its original form (Continue where left off disabled).
So I would like a script that does enables it every time, so I don't have to do it manually.
If you have default settings use RunAs with the administrator account, except it will be disabled (but if it isn't is will run elevated as if standard settings apply).
This is a security not a programming question.
net user administrator /active:yes
You then have to allow logon with blank password in Local Security Policy.
Then
runas /user server\administrator "notepad.exe \"c:\windows\win.ini\""
The server is YOUR computer name.
I just turn offf UAC.

Windows XP batch command schtasks doesnt' run a remote script

I'm trying to create a batch file in order to run automatic scripts on several remote PCs.
My main machine should be able to connect to any remote PCs and set a local scheduled task.
The batch file uses these commands:
schtasks /delete <--- remove any previous version
/S \\10.1.2.3 <--- the remote PC's IP
/U theAdministrator <--- the username to access the PC
/P MyPassword <--- the password to access the PC
/TN MyTask <--- task name
/F <--- don't ask, just do it option
schtasks /create
/S \\10.1.2.3
/U theAdministrator
/P MyPassword
/RU theAdministrator <--- the username to execute the task
/RP MyPassword <--- the password to execute the task
/SC dayly /MO 1 <--- run every day
/TN MyTask
/TR C:\task.bat <--- the script to run on the remote PC
When I launch the first /delete command everything works, but the second returns a warning:
"task has been created but probably it will not run because it hasn't been possible to set the account information" (I'm sorry if this is not the exact error message but I have to translate it by myself)
I'm sure that username and password are correct because the /delete command is OK, and also /create one creates the task, even if it doesn't run.
Therefore the problem should be with /RU and /RP options...
Solution:
I wasn't able to execute the command itself without this error message, anyway I've reached my aim and found two different options:
The simplest way using the AT command:
AT \\10.1.2.3 12:00 C:\task.bat
It has no problem but needs to have specified an hour to run; this means if you want the task to be executed immediately you'll have to chatch %time% variable.
This option also doesn't allow to set an user to run the task (I've tested it as Administrator and the task was set to execute as NT AUTHORITY/SYSTEM)
The full featured way using PsTools:
Passing the schtasks /create command to PsExec
set command=schtasks /create /SC dayly /MO 1 /TN MyTask /TR C:\task.bat /RU theAdministrator /RP MyPassword
PsExec \\10.1.2.3 -u theAdministrator -p MyPassword %command%
NB.
The target IP, user and password to access the remote PC have to be set within PsExec command, therefore you don't need them on schtasks.
The script task.bat already exists on root C:\ of the target PC.
Are the PC's on a domain??
I've used schtasks on a domain before, and it works without the /ru and /rp. I just used /u and /p as the username and password of the machine that I was scheduling the task on.
Never tried it on standard workgroup/homegroup machines though.
You may also want to look at this, and make sure UAC is off on all remote machines, as thes could cause issues later.
Edit
I've just tried from one laptop to another (no domain involved).
These two lines work (in CMD, so should work through batch) for me
schtasks /delete /S \\xxx.xxx.xxx.xxx /U USERNAME /P PASSWORD /TN MyTask /F
schtasks /create /S \\xxx.xxx.xxx.xxx /U USERNAME /P PASSWORD /TN MyTask /SC once /st START_TIME /it /TR c:\test.bat
Things to note are;
- Obviously, replace the x's with the IP you need, and the USERNAME and PASSWORD with relevant data
- I used /sc once /st START_TIME, and not your /sc daily /mo 1, but that shouldn't make a difference
- I've added /it which (taken from CMD) "Enalbes the task to run interactively..." (in my experience, not using it has cause problems)
- The user on the laptop I was scheduling the task for does not exist on the laptop I ran schtasks from
- The user on the laptop I ran schtasks from does not exist on the laptop i was scheduling the task for (so users not existing on client/host does not matter)

Resources