Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Thursday, August 28, 2014

ASP - Function to Get Windows Logon UserName

This requires that you have some form of authentication enabled on the web site configuration.  I prefer Windows Authentication, but forms or basic might also suffice.  Basically, regardless of the web browser, as long as some form of authentication is required, and the user provides it (or the browser hands it over silently, like IE usually does, cough-cough), it will spew forth the "logon_user" or "remote_user" server variable.  Using that, you can parse out a NetBIOS domain prefix, such as "contoso\dumbass" to return just the "dumbass" part.

[asp]
<%
Function Get_UserName()
    Dim tmp, result
    result = ""
    tmp = Trim(Request.ServerVariables("LOGON_USER"))
    If tmp = "" Then
        tmp = Trim(Request.ServerVariables("REMOTE_USER"))
    End If
    If tmp <> "" Then
        If InStr(tmp, "\") > 0 Then
            arrtmp = Split(tmp,"\")
            result = Lcase(arrtmp(1)
        Else
            result = Lcase(tmp)
        End If
    End If
    Get_UserName = result
End Function

 ' test it out...

 If Get_UserName() = "dave" Then
    Response.Write "yay!  it's dave!"
Else
    Response.Write "boo.  it's not dave. bummer."
End If
%>
[/asp]
Posted by at No comments:
Labels: , , , ,

Tuesday, July 20, 2010

MS Security Essentials vNext Silent Install

The new Microsoft Security Essentials is out in beta, and here's how to install it silently using a VBscript.  You still need to tweak it for UAC unless you adapt the command string for use within something else like ConfigMgr.  Enjoy…

const x86 = "mseinstall_en_us_x86.exe"
const x64 = "mseinstall_en_us_amd64.exe"

Function ScriptPath()
    ScriptPath = Replace(wscript.ScriptFullName, "\" & wscript.ScriptName, "")
End Function

Set fso = createobject("Scripting.FileSystemObject")
If fso.FolderExists("c:\Program Files (x86)") Then
    cmd = x64
Else
    cmd = x86
End If

cmdpath = ScriptPath() & "\" & cmd

If fso.FileExists(cmdpath) Then
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run cmdpath & " /s /runwgacheck /o", 1, True
    Set objShell = Nothing
Else
    wscript.echo cmdpath & " not found"
End If

Set fso = Nothing
Posted by at No comments:
Labels: , , ,

Tuesday, July 14, 2009

VBScript Query All Domain Controllers for a User Account Status

Query all domain controllers for the status of a specified user account. This can come in handy when there are suspected replication problems in AD and some domain controllers are not up to date on a given account (locked, disabled, modified, etc.).


Const userid = "ServiceAccount20"
Const ou = "OU=ServiceAccounts,OU=IT,OU=Corp,DC=contoso,DC=com"

Const pageSize = 1000
Const ADS_SCOPE_SUBTREE = 2

Set dso = GetObject("LDAP:")

'----------------------------------------------------------------

Function Domain_LDAP()
    Dim retval, objRootDSE
    Set objRootDSE = GetObject("LDAP://RootDSE")
    retval = objRootDSE.Get("defaultNamingContext")
    Domain_LDAP = retval
End Function

'----------------------------------------------------------------
' function: 
'----------------------------------------------------------------

Function CName(strval)
    Dim tmp
    tmp = Replace(strval, "CN=NTDS Settings,CN=", "")
    CName = Split(tmp, ",")(0)
End Function

'----------------------------------------------------------------
' function: 
'----------------------------------------------------------------

Function DomainControllers()
    Dim objConnection, objCommand, objRecordSet
    Dim dn, retval : retval = ""

    dcn = Domain_LDAP()

    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand = CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Properties("ADSI Flag") = 1
    objConnection.Open "Active Directory Provider"

    Set objCommand.ActiveConnection = objConnection

    objCommand.CommandText = _
        "SELECT distinguishedName FROM " & _
        "'LDAP://cn=Configuration," & dcn & "' " & _
        "WHERE objectClass='nTDSDSA'"

    objCommand.Properties("Page Size") = pageSize
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

    Set objRecordSet = objCommand.Execute
    objRecordSet.MoveFirst

    wscript.echo "info: querying for list of domain controllers..."

    Do Until objRecordSet.EOF
        dn = objRecordSet.Fields("distinguishedName").Value
        If retval <> "" Then
            retval = retval & vbTab & dn
        Else
            retval = dn
        End If
        objRecordSet.MoveNext
    Loop
    DomainControllers = retval
End Function

'----------------------------------------------------------------

wscript.echo "info: user account = " & userid
dclist = DomainControllers()

wscript.echo "info: querying user account status from each domain controller..."

For each strDC in Split(dclist, vbTab)
    cn = CName(strDC)
    dcn = Replace(strDC, "CN=NTDS Settings,", "")
 
    Set objUser = GetObject("LDAP://" & cn & "/CN=" & userid & "," & ou)
    On Error Resume Next
 
    ' refer to http://support.microsoft.com/kb/305144
 
    uac = objUser.Get("userAccountControl")
    If err.Number <> 0 Then
        wscript.echo err.Number & " - " & err.Description
    Else
        ' add more cases below if you prefer, or logand the results
        Select Case uac
            Case 512: wscript.echo "info: " & cn & " = normal"
            Case 16: wscript.echo "info: " & cn & " = locked"
            Case 2: wscript.echo "info: " & cn & " = disabled"
            Case 65536: wscript.echo "info: " & cn & " = never-expires"
            Case Else: wscript.echo "info: " & cn & " = unknown: " & uac
        End Select
    End If
Next
Posted by at No comments:
Labels: , , , ,

Friday, July 10, 2009

KiXtart: Enumerate HOSTS file Entries 


Break ON

$systemRoot = ExpandEnvironmentVars("%systemroot%")
$hostsFile  = $systemRoot+"\system32\drivers\etc\hosts"
$fileHandle = FreeFileHandle()
$entries = 0

If Exist($hostsFile)
    ? "info: hosts file found at "+$hostsFile
    If Open($fileHandle, $hostsFile, 1) = 0
        ? "info: reading file..."
        $line = ReadLine($fileHandle)
        While @ERROR = 0
            If Left($line, 1) <> "#"
                ; ignore lines beginning with # as they are comments
                ? "line --> $line"
                $entries = $entries + 1
            EndIf
            $line = ReadLine($fileHandle)
        Loop
        $=Close($fileHandle)
        ? "info: $entries entries found"
    Else
        ? "fail: unable to open hosts file!"
    EndIf
Else
    ? "fail: hosts file cannot be found!"
EndIf
Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)