I would like to write a console app that can determine the local administrator account using its SID and then change the password. I have been using a vbscript to do this but ran into an issue where it no longer works properly (long story). I would like to rewrite this as a C# console app instead. I am hoping that a compiled app will sufficiently hide the password being used which would be present in the source code.
The vbscript uses the WMI Win32_UserAccount namespace to determine which local account belongs to the administrator. It's done this way because you don't always know the name of the administrator account (it's renamed for increased security).
I'm fairly new to C# and I'm not sure where to start. I have been doing some searches for awhile now but I'm not finding any good sources on using WMI with C# or any other method for that matter.
What is the proper way to approach this task? Is WMI the wrong way to go about it? I think using WMI would be the easiest approach if I could figure out how to use it. I think I'll need a reference to System.Management for starters.
I'm not necessarily looking for someone to give me a solution but rather offer guidance to get me on the right track. I really want to learn C# but it feels like a huge task at this point even for this simple project. The language is enormous!
it doesn't sound 'too hard' in c# - I guess its far for me to suggest that
a) using MSAD is a better choice
b) hiding the password in a compiled app, well, it can still be discovered - it all depends on a risk analysis of what the threats are as to wether that risk is acceptable
c) you could do a first cut with C# & WMI since you know WMI already - I personally don't like WMI, I feel it has too much overhead, I may get shouted down for that comment - but heck, if it works and you're happy with it - else translate out the WMI parts for 'native' C# (which may also be p/invokes since C# doesn't cover every possible Win32 API)
d) how is this program supposed to run ? obviously someone could simply stop it running - which is a risk in itself
e) what if the program 'breaks' - how do you then get access to that machine/account ? ( a back-door ? [shiver] )
There is plenty (even here on CP) about using WMI with .Net - there's even a tool somewhere, Im still looking for the reference that iirc build the WMI query for you
a) MSAD - If you're suggesting GPO, information security rejected that method because the communication is all clear text.
b) My executable will be inspected before it is adopted to see how easily the password can be discovered. Only then will I be able to deploy it. I'm currently using Microsoft Encoder to encode my vbscript. VBS becomes VBE but it is only protection from casual browsing. That has been acceptable for the last 13 years, so I'll have to see if I can gain approval. I can report back the result for those that are curious.
c) I don't use WMI much but there are some cases where it's pretty handy. I get what you're saying about overhead. It does noticeably slows things down. Another method that is perhaps more efficient would be to read the keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList into an array and look for the local admin. I don't know if the SID is the same for local admin across all computers but I'd lean towards that it's not the same. I notice the username isn't located in those profiles but WMI will expose that information.
d) This app would run hidden/silent on a daily basis. Our users aren't savvy enough to kill the process. It would happen in a random fashion and run in a split second. This has been considered acceptable risk.
e) In the event a password doesn't seem to be working properly, we have accounts to get around that.
I haven't found very much info on C# and WMI so far. I do know where to find a list of WMI classes. I can also figure out which properties are available with each class. I find MSDN to be difficult to understand at times until you understand the basic concepts. You can literally get lost in all of the documentation.
I'm not discouraged. I've found everyone in this forum to be very helpful and professional. Every project you can come up with is a bit of a puzzle. It's fun to work as a community to find solutions...
ok, so, let me ask a questions about your 'process'
how are you going to 'start' it - are you for example going to run this new program, and pass into it (maybe via the commandline) the current password (possibly encrypted), just as a 'start' step to transition off your script
so far you've got
a) get the current password (possibly command line)
b) possibly decrypt the current password
c) find the local Administrator account
d) derive a new random password
e) change the Administrator account password to the new password
f) store the new password & possibly Administrator account name [somewhere], encrypted
g) possibly email an administrator the machine name, administrator account name, password, all encrypted with some other 'key'
The application will be deployed via System Center Configuration Manager 2012 to all client workstations. I haven't written any Pseudocode yet but I would basically do the following:
Set variable to new password of my choosing (it is the same on all workstations)
Find the local administrator account
Reset the local administrator password
Output the results to event viewer log
This solution only needs to be very simple.
I just found out from information security that if they can see the password within the EXE, they will accept it as a temporary solution. Not sure if this is a waste of time or not. It sounds like they will be looking for a commercial solution in the end.
I need a sample code to implement the Conditional Activities (IfElse, IfElseBranch and While Activity). I want to implement it using C# code. Kindly provide a sample or an example of to implement the Activity
We do not do your homework: it is set for a reason. It is there so that you think about what you have been told, and try to understand it. It is also there so that your tutor can identify areas where you are weak, and focus more attention on remedial action.
Try it yourself, you may find it is not as difficult as you think!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
We can't answer that: we can't see your screen, access your HDD, or read your mind.
We don't even know what you consider "too long"! For some applications a couple of seconds will be "too long" - for others, a couple of milliseconds needs speeding up: but we can't tell.
Please, try giving a better idea of exactly what is going on: what your service does, where it is in relation to your app, how long it takes to respond and so forth. Because we can't help based on no information!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
To test the webservice use SOAPUI tool. This is open Source and a completely free tool. You can also use .NET tool provided to test the webservice.
Check the following for your webservice response
Do the ping or telnet request to the objects and servers your webservice is trying to access.
publicpartialclass Form1 : Form
privatevoid button1_Click(object sender, EventArgs e)
now dynamicDotNetTwain1 have a image i want to save this image in my sql server
Last Visit: 31-Dec-99 18:00 Last Update: 13-Jun-21 1:28