Welcome to Powergui.org - an open source community for Windows Powershell

PowerGUI.org PowerGUI.org and blogs

Forums » Request a Script

Thread: Script to disable 'annon*' local users on multiple servers (Citrix Servers)

This question is not answered. Helpful answers available: 2. Answered answers available: 1.

Reply to this Thread Reply to this Thread Back to Thread List Back to Thread List Point your RSS reader here for a feed of the latest messages in all forums

Permlink Replies: 4 - Pages: 1 - Last Post: Apr 18, 2012 1:02 AM by: Hans Wurst
dorz3l

Posts: 2
Registered: 4/16/12
Script to disable 'annon*' local users on multiple servers (Citrix Servers)
Posted: Apr 16, 2012 11:45 AM 		 
  Click to reply to this thread Reply

I'm looking for some PS script help because, well, I'm just learning and not very good yet. 
I would like to use a PS script that calls a csv file containing server names and then disables specific local users on each server.  These local users are installed during Citrix XenApp role install to provide support for optional anonymous users. The local anonymous accounts created on each server follow the name convention of 'anon001', 'anon002', etc... up through 'anon014'.  We currently have a significant # of servers and this wasn't done prior to creating our image in VMware so I need to go back and disable all of them on existing servers.

Thanks!


Hans Wurst


Posts: 134
Registered: 2/9/12
Re: Script to disable 'annon*' local users on multiple servers (Citrix Servers)
Posted: Apr 16, 2012 1:25 PM   in response to: dorz3l 		 
  Click to reply to this thread Reply

Hello,
try this:

From here "http://gallery.technet.microsoft.com/scriptcenter/f75801e7-169a-4737-952c-1341abea5823" I got this function:

<pre class="powershell">Function Remove-LocalUser {   [CmdletBinding()]  Param(   [Parameter(Position=0,       Mandatory=$True,       ValueFromPipeline=$True)]   [string]$userName,   [string]$computerName = $env:ComputerName  )  $User = [ADSI]"WinNT://$computerName"  $user.Delete("User",$userName) }
</pre>$names = "anon001", "anon002", "anon003", "anon004", "anon005", "anon006", "anon007", "anon008", "anon009", "anon010", "anon011", "anon012", "anon013", "anon014"

import-csv "path_to_csvfile" | foreach-object { $_=$pc; $names | foreach-object {
<pre class="powershell">Remove-LocalUser -username $_ -computername $pc</pre>}}

Tell me if it worked.

Hans Wurst


Posts: 134
Registered: 2/9/12
Re: Script to disable 'annon*' local users on multiple servers (Citrix Servers)
Posted: Apr 16, 2012 1:31 PM   in response to: dorz3l 		 
  Click to reply to this thread Reply

Sorry I dont know what happened. Here it is once again:

Function Remove-LocalUser {  
[CmdletBinding()] 
Param(   [Parameter(Position=0, Mandatory=$True, ValueFromPipeline=$True)]
  [string]$userName,  
  [string]$computerName = $env:ComputerName  ) 
$User = [ADSI]"WinNT://$computerName" 
$user.Delete("User",$userName)
}

$names = "anon001", "anon002", "anon003", "anon004", "anon005", "anon006", "anon007", "anon008", "anon009", "anon010", "anon011", "anon012", "anon013", "anon014"

import-csv "path_to_csvfile" | foreach-object { $_=$pc; $names | foreach-object {

Remove-LocalUser -username $_ -computername $pc

}}

dorz3l

Posts: 2
Registered: 4/16/12
Re: Script to disable 'annon*' local users on multiple servers (Citrix Servers)
Posted: Apr 17, 2012 5:58 AM   in response to: Hans Wurst 		 
  Click to reply to this thread Reply

forgive my ignornace on this but the function looks like it's performing a delete as opposed to simply disabling the account.  is that correct or am I misunderstanding?

thanks!


Hans Wurst


Posts: 134
Registered: 2/9/12
Re: Script to disable 'annon*' local users on multiple servers (Citrix Servers)
Posted: Apr 18, 2012 1:02 AM   in response to: dorz3l 		 
  Click to reply to this thread Reply

Hello dorz3l, your absolutely right! Please excuse my improper reading....

so try this one:

function Set-LocalUser
{
 [CmdletBinding()]
 Param(
  [Parameter(Position=0,
      Mandatory=$True,
      ValueFromPipeline=$True)]
  [string]$userName,
  [Parameter(Position=1,
      Mandatory=$True,
      ValueFromPipeline=$True,
      ParameterSetName='EnableUser')]
  [string]$password,
  [Parameter(ParameterSetName='EnableUser')]
  [switch]$enable,
  [Parameter(ParameterSetName='DisableUser')]
  [switch]$disable,
  [string]$computerName = $env:ComputerName,
  [string]$description = "modified via powershell"
 )
 $EnableUser = 512 # ADS_USER_FLAG_ENUM enumeration value from SDK
 $DisableUser = 2  # ADS_USER_FLAG_ENUM enumeration value from SDK
 $User = [ADSI]"WinNT://$computerName/$userName,User"
 
 if($enable)
  {
      $User.setpassword($password)
      $User.description = $description
      $User.userflags = $EnableUser
      $User.setinfo()
  } #end if enable
 if($disable)
  {
      $User.description = $description
      $User.userflags = $DisableUser
      $User.setinfo()
  } #end if disable
} #end function Set-LocalUser

$names = "anon001", "anon002", "anon003", "anon004", "anon005", "anon006", "anon007", "anon008", "anon009", "anon010", "anon011", "anon012", "anon013", "anon014"

import-csv "path_to_csvfile" | foreach-object { $_=$pc; $names | foreach-object {

Set-LocalUser -username $_ -disable -computername $pc

}}

Pages: 1
Back to Thread List Back to Thread List
Legend
MVP: 2501 + pts
Guru: 2001 - 2500 pts
Expert: 751 - 2000 pts
Enthusiast: 31 - 750 pts
Novice: 0 - 30 pts
Moderators
Helpful answer (5 pts)
Answered (10 pts)

Point your RSS reader here for a feed of the latest messages in all forums



© 2011 Quest Software, Inc  |  Legal Agreement  |  Privacy Policy  |  Terms of Use  |  Report a Problem with This Site
Powered By Jive Software