1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00

[wue] add 'Local' to the list of disallowed local account names

* Closes #2493.
* Also add 'KRBTGT' as it is mentioned at https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-default-user-accounts#default-local-accounts-in-active-directory
  along with 'Administrator' and 'Guest' and is probably disallowed too.
This commit is contained in:
Pete Batard 2024-07-08 13:13:21 +01:00
parent 7c6dbdc1ce
commit 6d29120b38
No known key found for this signature in database
GPG key ID: 38E0CF5E69EDD671
2 changed files with 10 additions and 9 deletions

View file

@ -33,7 +33,7 @@ LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
IDD_DIALOG DIALOGEX 12, 12, 232, 326 IDD_DIALOG DIALOGEX 12, 12, 232, 326
STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_SETFONT | DS_MODALFRAME | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_ACCEPTFILES EXSTYLE WS_EX_ACCEPTFILES
CAPTION "Rufus 4.6.2184" CAPTION "Rufus 4.6.2185"
FONT 9, "Segoe UI Symbol", 400, 0, 0x0 FONT 9, "Segoe UI Symbol", 400, 0, 0x0
BEGIN BEGIN
LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP LTEXT "Drive Properties",IDS_DRIVE_PROPERTIES_TXT,8,6,53,12,NOT WS_GROUP
@ -397,8 +397,8 @@ END
// //
VS_VERSION_INFO VERSIONINFO VS_VERSION_INFO VERSIONINFO
FILEVERSION 4,6,2184,0 FILEVERSION 4,6,2185,0
PRODUCTVERSION 4,6,2184,0 PRODUCTVERSION 4,6,2185,0
FILEFLAGSMASK 0x3fL FILEFLAGSMASK 0x3fL
#ifdef _DEBUG #ifdef _DEBUG
FILEFLAGS 0x1L FILEFLAGS 0x1L
@ -416,13 +416,13 @@ BEGIN
VALUE "Comments", "https://rufus.ie" VALUE "Comments", "https://rufus.ie"
VALUE "CompanyName", "Akeo Consulting" VALUE "CompanyName", "Akeo Consulting"
VALUE "FileDescription", "Rufus" VALUE "FileDescription", "Rufus"
VALUE "FileVersion", "4.6.2184" VALUE "FileVersion", "4.6.2185"
VALUE "InternalName", "Rufus" VALUE "InternalName", "Rufus"
VALUE "LegalCopyright", "<22> 2011-2024 Pete Batard (GPL v3)" VALUE "LegalCopyright", "<22> 2011-2024 Pete Batard (GPL v3)"
VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html" VALUE "LegalTrademarks", "https://www.gnu.org/licenses/gpl-3.0.html"
VALUE "OriginalFilename", "rufus-4.6.exe" VALUE "OriginalFilename", "rufus-4.6.exe"
VALUE "ProductName", "Rufus" VALUE "ProductName", "Rufus"
VALUE "ProductVersion", "4.6.2184" VALUE "ProductVersion", "4.6.2185"
END END
END END
BLOCK "VarFileInfo" BLOCK "VarFileInfo"

View file

@ -60,10 +60,11 @@ extern StrArray modified_files;
/// <returns>The path of a newly created answer file on success or NULL on error.</returns> /// <returns>The path of a newly created answer file on success or NULL on error.</returns>
char* CreateUnattendXml(int arch, int flags) char* CreateUnattendXml(int arch, int flags)
{ {
const static char* xml_arch_names[5] = { "x86", "amd64", "arm", "arm64" };
const static char* unallowed_account_names[] = { "Administrator", "Guest", "KRBTGT", "Local" };
static char path[MAX_PATH]; static char path[MAX_PATH];
FILE* fd; FILE* fd;
int i, order; int i, order;
const char* xml_arch_names[5] = { "x86", "amd64", "arm", "arm64" };
unattend_xml_flags = flags; unattend_xml_flags = flags;
if (arch < ARCH_X86_32 || arch > ARCH_ARM_64 || flags == 0) { if (arch < ARCH_X86_32 || arch > ARCH_ARM_64 || flags == 0) {
uprintf("Note: No Windows User Experience options selected"); uprintf("Note: No Windows User Experience options selected");
@ -150,10 +151,10 @@ char* CreateUnattendXml(int arch, int flags)
fprintf(fd, " </OOBE>\n"); fprintf(fd, " </OOBE>\n");
} }
if (flags & UNATTEND_SET_USER) { if (flags & UNATTEND_SET_USER) {
if ((unattend_username[0] == 0) || (stricmp(unattend_username, "Administrator") == 0) || for (i = 0; (i < ARRAYSIZE(unallowed_account_names)) && (stricmp(unattend_username, unallowed_account_names[i]) != 0); i++);
(stricmp(unattend_username, "Guest") == 0)) { if (i < ARRAYSIZE(unallowed_account_names)) {
uprintf("WARNING: '%s' is not allowed as local account name - Option ignored", unattend_username); uprintf("WARNING: '%s' is not allowed as local account name - Option ignored", unattend_username);
} else { } else if (unattend_username[0] != 0) {
uprintf("• Use '%s' for local account name", unattend_username); uprintf("• Use '%s' for local account name", unattend_username);
// If we create a local account in unattend.xml, then we can get Windows 11 // If we create a local account in unattend.xml, then we can get Windows 11
// 22H2 to skip MSA even if the network is connected during installation. // 22H2 to skip MSA even if the network is connected during installation.