Hi Gerhard,
I have another question, about your excellent effort to create a scripted appsonly batch file.
Your "appsonly.pl" code currently has:
system("net user $autologinuser $autologinpwd /add /expires:never");
system("net localgroup Administratoren $autologinuser /add");
system("%z%\\bin\\autolog.pl --logon=1 --user=$autologinuser --password=$autologinpwd");
This doesn't really make sense. There are two problems with this.
1. If you have rights to add somebody to the "Administratoren" group then you probably already are an Administrator.
2. The name "Administratoren" is one that MS have localized. So in this scenario it would be better to use their numeric security descriptor that is fixed across languages. S-1-5-32-544 (see http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q243330)
But more importantly, what were you trying to achieve? Can't we assume that the person doing the "appsonly.bat" will need to be a local or domain or enterprise admin and therefore we won't need these lines in? I for one surely wouldn't want to have normal user execute this script and also have them added to the local administrators group on their machine.
What do you think?
Regards,
Urs Rau
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ unattended-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/unattended-devel
