The entire administrative account creation script is assembled below. When executed, it will create both administrative level management accounts. It will then be up to Tom to remember to set the password for the ASAT01 account to non-expiring in order to prevent the account from getting locked out, which would prevent the execution of the defrag script. Tom will also have to modify the scheduled task that runs the defrag script to run using this account.
'************************************************************************* 'ScriptName : Script 15.1.vbs 'Author: Jerry Ford 'Created: 03/15/03 'Description: This script creates 2 administrative level user accounts. 'One provides the Desktop Support Team with a backdoor into the computer. 'The other provides sufficient access to run scheduled administrative 'scripts. '************************************************************************* 'Initialization Section Option Explicit On Error Resume Next Const cTitlebarMsg = "Administrative Account Creator" Dim WshShl Dim intRunStatus Dim strDskMgtAcct Dim strSchedAcct 'Instantiate the WshShell object Set WshShl = WScript.CreateObject("WScript.Shell") strDskMgtAcct = "ADMA01" strSchedAcct = "ASAT01" 'Main Processing Section 'Get permission to proceed intRunStatus = CallRunVerification() If intRunStatus = 6 Then 'Call the procedure that creates new accounts CreateAdminAcct(strDskMgtAcct) CreateAdminAcct(strSchedAcct) End If 'Terminate script execution WScript.Quit() 'Procedure Section Function CallRunVerification() Dim strMsgText 'Display the splash screen and ask the user if he or she wants to play strMsgText = "This script will create the following Administrative level" & _ " user accounts on the local computer:" & vbTab & vbCrLf & vbCrLf & _ strDskMgtAcct & " - A Desktop Management Administrative Account" & vbCrLf & _ strSchedAcct & " - A Admin level user account used to run scheduledtasks " & _ vbCrLf & vbCrLf & "Do you wish to continue?" CallRunVerification = MsgBox(strMsgText, 36, cTitlebarMsg) End Function Sub CreateAdminAcct(strNewAcctName) Dim strPasswd Dim intCmdResult intCmdResult = 0 strPasswd = GetValidPasswd() 'Create the new account intCmdResult = WshShl.Run("netuser " & strNewAcctName & " " & _ strPasswd & " /add", 0) 'Add the account to the local administratorsgroup If intCmdResult = 0 then intCmdResult= WshShl.Run("net localgroup Administrators /add " & _ strNewAcctName, 0) If intCmdResult <> 0 then MsgBox "Error Code 2: Account creation failed for " & _ strNewAcctName, , cTitlebarMsg Else MsgBox "Account creation successful for " & strNewAcctName, , cTitlebarMsg End If Else If intCmdResult <> 0 then MsgBox "Error Code 1: Account creation failed for " & _ strNewAcctName, , cTitlebarMsg End If End If End Sub 'This procedure creates a backdoor account for the desktop management team Function GetValidPasswd() Dim strPasswd Dim strValidPassword strValidPassword = "NO" Do Until strValidPassword = "YES" 'Prompt for a password to assign to the account strPasswd = InputBox("Type a password for the " & strDskMgtAcct & _ " account and click on OK." , cTitleBarMsg) If strPasswd = "" Then MsgBox "Password Missing: You must enter a valid 8 character " & _ "password to continue.", , cTitlebarMsg Else If Len(strPasswd) < 8 Then MsgBox "Incorrect password length. Password must be at " & _ "least 8characters long", , cTitlebarMsg Else GetValidPasswd = strPasswd strValidPassword = "YES" End If End If Loop End Function