dimitrifrom31 Posted October 15, 2009 Share Posted October 15, 2009 Most of you may be doing it manually, everytime you have to create a new server you create a new windows user then grant him rights on the game server path and TCA service and finally open the services.msc to run the service under his account. Thats not taking hours but it would be better if it could be automated no? That was my thought so with the help of Luis I created this install/uninstall script : Prerequisites : Create a new windows group (lusrmgr.msc) - here I called it "tcagroup" - and grant him the permission to log on as a service and deny log on locally (Administrative tools > local strategy > user rights). Now add the following to your install script : @echo off&setlocal enableextensions for %%* in (.) do set serviceid=%%~n* if not defined serviceid set serviceid=%CD:\=% REM the line below creates an user with username %serverip%%serverport% and password %serverport% net user %serverip%%serverport% %serverport% /add /passwordchg:no REM The line below assigns this user to the "tcagroup", change group name if you chose another one net localgroup tcagroup %serverip%%serverport% /add net accounts /maxpwage:unlimited REM The line below grants full rights to the user over the GameServer path cacls %gameserverroot-notrailingslash% /t /e /g %serverip%%serverport%:f REM The line below grants full rights to the user over the TCA Service Path, adapt to your own path cacls "C:\Program Files (x86)\TCAdmin Control Panel\Monitor\Services\%serviceid%" /t /e /g %serverip%%serverport%:f REM The line below sets the service to be started as your new user sc config %serviceid% obj= .\%serverip%%serverport% password= %serverport% Of course I recommend you to change the password in red by another variable as serverport would be too much simple. A good choice could be : a13%serverport%bg5 ie some random characters of your choice associated to a TCA variable but your free to do what you want even use same password for all. For convenience Ive put the password in red in script to make it clear to change it. Uninstall script : net user %serverip%%serverport% /delete RMDIR /S /Q "C:\documents and settings\%serverip%%serverport%" Feel free to leave your comments and feed back, note that so far it seems to be working with all games but rFactor. For some reason I could not identify yet the rfactor instance starts properly but changes made to config arent applied if not running as localsystem. If you got any idea about that thx for replying Link to comment Share on other sites More sharing options...
dimitrifrom31 Posted October 15, 2009 Author Share Posted October 15, 2009 forgot to ask : is that totally safe to allow dll upload once I got all servers running under different accounts or is there still a risk to damage other files than the concerned game server ones? Link to comment Share on other sites More sharing options...
studeggle Posted October 15, 2009 Share Posted October 15, 2009 still risk due to virus, trojans, key loggers, ect.. Link to comment Share on other sites More sharing options...
dimitrifrom31 Posted October 15, 2009 Author Share Posted October 15, 2009 still risk due to virus, trojans, key loggers, ect.. hmm even if .exe remains blocked? Link to comment Share on other sites More sharing options...
studeggle Posted October 15, 2009 Share Posted October 15, 2009 many virus, and what not travel by means of dll files. If client can upload dll files then they just place it where it'll be executed iether as part of an addon or replacing a game dll. So yep even if exe are still blocked. Link to comment Share on other sites More sharing options...
Guest louise Posted October 15, 2009 Share Posted October 15, 2009 Using the above i get Error while starting: Cannot start service TC58628758734112860283558 on computer '.'. For win 2003 use Edit Sorted it out on 2003 its slightly different Prerequisites : Create a new windows group (lusrmgr.msc) - here I called it "tcagroup" - and grant him the permission to log on as a service and deny log on locally (Administrative tools > local security settings > local policy's > user rights assignments ). hay presto Link to comment Share on other sites More sharing options...
dimitrifrom31 Posted October 18, 2009 Author Share Posted October 18, 2009 updated the script, the cacls required /t argument to apply to subfolders, this could create troubles starting certain games. Link to comment Share on other sites More sharing options...
CrimsonGT Posted January 18, 2010 Share Posted January 18, 2010 Hmm, cannot get this to work for some reason, heres my install/uninstall scripts. Anyone notice anything wrong with these? Btw, thanks for the great script mate, looking forward to it working *Note* Wanted to mention, for the uninstall script, if you use Server 2008, there is no document and settings, you need to change it to C:\Users Install Script: netsh firewall add allowedprogram "%gameserverexe%" %serverip%_%serverport% ENABLE @echo off&setlocal enableextensions for %%* in (.) do set serviceid=%%~n* if not defined serviceid set serviceid=%CD:\=% net user %serverip%%serverport% 20Rnd%serverport%Pass10 /add /passwordchg:no net localgroup TCAdminUsers %serverip%%serverport% /add net accounts /maxpwage:unlimited cacls %gameserverroot-notrailingslash% /t /e /g %serverip%%serverport%:f cacls "C:\Program Files (x86)\TCAdmin Control Panel\Monitor\Services\%serviceid%" /t /e /g %serverip%%serverport%:f sc config %serviceid% obj= .\%serverip%%serverport% password= 20Rnd%serverport%Pass10 Uninstall Script: netsh firewall del allowedprogram "%gameserverexe%" net user %serverip%%serverport% /delete RMDIR /S /Q "C:\Users\%serverip%%serverport%" Link to comment Share on other sites More sharing options...
dimitrifrom31 Posted January 18, 2010 Author Share Posted January 18, 2010 Hmm, cannot get this to work for some reason, heres my install/uninstall scripts. Anyone notice anything wrong with these? Btw, thanks for the great script mate, looking forward to it working *Note* Wanted to mention, for the uninstall script, if you use Server 2008, there is no document and settings, you need to change it to C:\Users Install Script: netsh firewall add allowedprogram "%gameserverexe%" %serverip%_%serverport% ENABLE @echo off&setlocal enableextensions for %%* in (.) do set serviceid=%%~n* if not defined serviceid set serviceid=%CD:\=% net user %serverip%%serverport% 20Rnd%serverport%Pass10 /add /passwordchg:no net localgroup TCAdminUsers %serverip%%serverport% /add net accounts /maxpwage:unlimited cacls %gameserverroot-notrailingslash% /t /e /g %serverip%%serverport%:f cacls "C:\Program Files (x86)\TCAdmin Control Panel\Monitor\Services\%serviceid%" /t /e /g %serverip%%serverport%:f sc config %serviceid% obj= .\%serverip%%serverport% password= 20Rnd%serverport%Pass10 Uninstall Script: netsh firewall del allowedprogram "%gameserverexe%" net user %serverip%%serverport% /delete RMDIR /S /Q "C:\Users\%serverip%%serverport%" Please use my updated version posted in user scripts forum and post your batch error messages when running the batch manually. Link to comment Share on other sites More sharing options...
CrimsonGT Posted January 18, 2010 Share Posted January 18, 2010 Ah woops, I failed to see this one was last updated 2009. Sorry. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.