我正在更新我们的本地管理脚本,其中不包括服务器 2008 r2。
因为 2008 和 Windows 7 具有相同版本的 Microsoft Windows [版本 6.1.7601],所以我无法进行版本搜索。
我已经尝试过这些选项
systeminfo |findstr /B /C:"OS Name"|find "2008"
if not ERRORLEVEL 1 goto W2008
或者
wmic OS get Caption|find "2008"
if not ERRORLEVEL 1 goto W2008
但两种选择都失败了。脚本从 GP 运行并应用到计算机
@echo off
setlocal
:: Set full path to logfile:
set logfile=C:\temp\pwd.log
:: Initialise logfile:
date /T >%logfile%
echo Starting pwd.log on %computername% >>%logfile%
:: ##############################################################
:: Set the required passwords here:
set ntw2kadmin=ntwpass
set xpvistaadmin=xppass
set w2k3admin=2003pass
set w2k8admin=P2008pass
:: ##############################################################
:: Exceptions:
if /I "%COMPUTERNAME%"=="PC1" goto SKIP
if /I "%COMPUTERNAME%"=="PC2" goto SKIP
if /I "%COMPUTERNAME%"=="PC3" goto SKIP
:: Set password based on OS version:
ver|find "4.0" >nul
if not ERRORLEVEL 1 goto NTW2K
ver|find "5.0" >nul
if not ERRORLEVEL 1 goto NTW2K
ver|find "5.1" >nul
if not ERRORLEVEL 1 goto XPVISTA
ver|find "5.2" >nul
if not ERRORLEVEL 1 goto 2K3
ver|find "6.0" >nul|
if not ERRORLEVEL 1 goto XPVISTA
wmic OS get Caption|find "2008"
if not ERRORLEVEL 1 goto W2008
:: Catch any unusual circumstances:
goto XPVISTA
:NTW2K
echo Setting local administrator password for this NT4 or Windows 2000 machine >>%logfile%
net user Administrator %ntw2kadmin% 2>&1 >>%logfile%
goto EOF
:XPVISTA
echo Setting local administrator password for this XP or Vista or Win 7 machine >>%logfile%
net user Administrator %xpvistaadmin% 2>&1 >>%logfile%
goto EOF
:2K3
echo Setting local administrator password for this Windows 2003 Server >>%logfile%
net user Administrator %w2k3admin% 2>&1 >>%logfile%
goto EOF
:W2008
echo Setting local administrator password for this Windows 2008 r2 Server >>%logfile%
net user Administrator %w2k8admin% 2>&1 >>%logfile%
goto EOF
:SKIP
echo Not setting local administrator password for %COMPUTERNAME% >>%logfile%
goto EOF
:EOF
echo setlapwd.bat: exiting >>%logfile%
:: Remove user permissions from the logfile's ACL:
cacls %logfile% /E /R BUILTIN\Users
:: End our local scope:
endlocal
更新:脚本适用于 Windows 2000、Windows XP、Windows 7、Windows Server 2003,但不适用于 Windows 2008 r2
答案1
这对我来说非常有效:
wmic OS get Caption|find "2008"
if not ERRORLEVEL 1 goto W2008
我猜错误可能出在这个脚本的其他地方。可能需要进行一些故障排除。
不过整个脚本看起来乱糟糟的。我建议用 PowerShell 脚本来替代,并且可能使用适当的 WMI 过滤器。或者更好的是,启用以下 GPO:
Computer Configuration, Windows Settings, Security Options, Account: Administrator account status, Disabled
首先,本地管理员配置文件并不是一个好主意。
答案2
答案如下。我使用 DSquery 搜索我们的广告,如果在服务器中,则作为服务器处理,否则作为桌面处理。
@echo off
:: Limit scope:
setlocal
:: Set full path to logfile:
set logfile=C:\tmp\passlog.log
:: Initialise logfile:
date /T >%logfile%
echo Starting passlog.bat on %computername% >>%logfile%
:: ##############################################################
:: Set the required passwords here:
::windows 2003 password
set w2k3admin=pass1
::windows 2008 password
set w2k8admin=Pass1
::windows xp, vista, 7 and 8 password
set desktopadmin=pcpass
:: ##############################################################
:: We need a copy of dsquery.exe on the local machine:
echo check dsquery file... >>%logfile%
if not exist %windir%\system32\dsquery.exe copy "\\shared\location\scripts\dsquery.exe" %windir%\system32\dsquery.exe
echo dsquery filed checked... >>%logfile%
:: Are we ignoreOU?
call dsquery computer -name %computername% | findstr /i "OU=ignoreOU"
if not ERRORLEVEL 1 goto ignoreOU
:: Are we a server?
call dsquery computer -name %computername% | findstr /i "OU=Servers"
if not ERRORLEVEL 1 goto server
:: Are we a DC?
call dsquery computer -name %computername% | findstr /i /C:"OU=Domain Controllers"
if not ERRORLEVEL 1 set goto server
::
goto desktop
:server
ver|find "6.1" >nul
if not ERRORLEVEL 1 goto 2k8
ver|find "5.2" >nul
if not ERRORLEVEL 1 goto 2k3
:2k8
echo Setting local administrator password for windows server 2008... >>%logfile%
net user Administrator %w2k8admin% 2>&1 >>%logfile%
goto EOF
:2k3
echo Setting local administrator password for windows server 2003... >>%logfile%
net user Administrator %w2k3admin% 2>&1 >>%logfile%
goto eof
:desktop
echo Setting local administrator password for desktop/laptop... >>%logfile%
net user Administrator %desktopadmin% 2>&1 >>%logfile%
goto eof
:ignoreOU
echo Not setting local administrator password for this ignoreOU server... >>%logfile%
goto eof
:eof
echo passlog.bat: exiting >>%logfile%
:: Remove user permissions from the logfile's ACL:
cacls %logfile% /E /R BUILTIN\Users
:: End our local scope:
endlocal