User and host management in Windows 2000 is normally done by clicking the MMC GUI. Since we prefer text based configuration files for host and user information (because of documentation and reproducibility), we developed two tools that do user and host administration using text files: usermgr and hostmgr. To do management of the local users wich are not in the Active Directory we developped the tool lusermgr

usermgr, rmusers, hostmgr, and lusermgr are three tools that use a common configuration repository made of text files in a directory. We will refer to that directory as confdir, but at our site it is /usr/drwho/winpack-a/isgtc/etc/win32 on Unix and \\isgtc\isgtc\etc on Windows. The configuration files represent different OU (organizational units), one file per OU. In addition there is a file named GLOBAL that contains common configuration settings for all OUs.

The parsing of those configuration files is done by a perl module called ISG::Win32::Config, which also contains detailed information about the syntax of these files.

domain = hades

*** network ***

dns = 129.132.7.87

+ 129.132.7.64

  gateway  = 129.132.7.65
  netmask  = 255.255.255.192

This example shows what is contained in the GLOBAL configuration: domain-controller hostname (note that we assume one single do-it-all server) and network configuration.

description = Informatik Support Gruppe

*** users ***

zaucker   Fritz     Zaucker     zaucker@ee.ethz.ch     *    -
strub     Ruedi     Strub       strub@ee.ethz.ch       *    -
luki      Christian Lukasczyk   luki@ee.ethz.ch        *    -

*** hosts ***

00:50:fe:bc:65:13    129.132.116.12    test2
00:50:fe:bc:65:14    129.132.116.13    test3
00:50:fe:bc:65:15    129.132.116.14    test4

*** local_config ***

reporting_email = w2k-admin@ee.ethz.ch

+autwin48
    auto_login=default_user
    ++default_user
        group=Users
        must_change_password=false
        allow_password_change=false
        send_password_to=file:///c:\Documents%20and%20Settings\ 
         Administrator\Desktop\default_user_password.txt

This is the configuration for the OU=isg,OU=ee,DC=hades OU, the file is called isg.ee and determines the OU path in the Active Directory.

usermgr does set in the Active Directory all the properties specified in the users section of the OU configuration. It does use the ISG::Win32::ActiveDirectory module and creates the OU structure if it is not already present. If a new account is done, usermgr will generate a password for that account and if an account is changed the changes will be transfered the the AD. Note that at the moment user removal is not supported, so you will have to manually delete the user from the file and from the AD.

rmusers finds all accounts on the system that are not listed in the text account config files. When started it will display a list of accounts, and will ask for confirmation to remove them, both from the active diretory as well as from the disk.

hostmgr synchronizes the information contained in the hosts section of the OU configuration files and the information of the GLOBAL file with the information in the DHCP configuration of the server and the Active Directory. New hosts will be added to the Server, and hosts that do not occure in the text configuration file will be removed.

DHCP configuration is done by executing netsh commands to dump the DHCP database contents, comparing the database with the information in the configuration files and executing other netsh commands to sync the database with the configuration files. hostmgr will activate the DHCP service if it is disabled.

Information in the Active Directory is entered similarly to usermgr with the ISG::Win32::ActiveDirectory module.

The purpose of win32-lusermgr is to manage local accounts on client machines and membership of domain users in local groups. lusermgr is usually executed as a bootmgr feature on managed client machines under the SYSTEM account. It may also be started manually with local Administrator privileges.