Jump to content

Create a local admin account


Recommended Posts

I use this when I am onboarding a new client. Computers have been there and most people don't know/have their own admin password

Quote

 

$Username = "ADMIN-USERNAME-HERE"
$Password = "ADMIN-PASSWORD-HERE"

$group = "Administrators"

$adsi = [ADSI]"WinNT://$env:COMPUTERNAME"
$existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $Username }

if ($existing -eq $null) {

    Write-Host "Creating new local user $Username."
    & NET USER $Username $Password /add /y /expires:never
    
    Write-Host "Adding local user $Username to $group."
    & NET LOCALGROUP $group $Username /add

}
else {
    Write-Host "Setting password for existing local user $Username."
    $existing.SetPassword($Password)
}

Write-Host "Ensuring password for $Username never expires."
& WMIC USERACCOUNT WHERE "Name='$Username'" SET PasswordExpires=FALSE

 

 

Link to post
Share on other sites
  • 10 months later...
  • 1 year later...
On 4/4/2017 at 9:11 PM, andy0609 said:

I use this when I am onboarding a new client. Computers have been there and most people don't know/have their own admin password

 

I am trying to use this script, but I keep getting the error

"Where-Object : Cannot process command because of one or more missing mandatory parameters: FilterScript. At C:\Program Files\Pulseway\automation_dc45fa75_cbe2_4a45_bfb5_18a9f9945795.ps 1:16 char:4 + } ? <<<< + CategoryInfo : InvalidArgument: (:) [Where-Object], ParameterBi ndingException + FullyQualifiedErrorId : MissingMandatoryParameter,Microsoft.PowerShell.C ommands.WhereObjectCommand"

 

Ideas?

Link to post
Share on other sites
  • 2 months later...
  • 1 month later...

Adding one line hides the ID from the user.

$Username = "ID to create"
$Password = "Password for created ID"

$group = "Administrators"

$adsi = [ADSI]"WinNT://$env:COMPUTERNAME"
$existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $Username }

if ($existing -eq $null) {

    Write-Host "Creating new local user $Username."
    & NET USER $Username $Password /add /y /expires:never
    
    Write-Host "Adding local user $Username to $group."
    & NET LOCALGROUP $group $Username /add
    
	New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" -Name $Username -PropertyType DWord -Value 0 -ea SilentlyContinue -wa SilentlyContinue

}
else {
    Write-Host "Setting password for existing local user $Username."
    $existing.SetPassword($Password)
}

Write-Host "Ensuring password for $Username never expires."
& WMIC USERACCOUNT WHERE "Name='$Username'" SET PasswordExpires=FALSE

exit 0;

I have not used created ID to run scripts. Wanted to give back, if I didn't post this now I would never post it.

I am new to scripting with pulseway. Does Write-Host go somewhere meaningful, or is this just also a script you manually run?

Thanks for the ID creation with  error checking!

Link to post
Share on other sites
  • 7 months later...


This works perfect, almost...I have an encoding problem...
I am on a swedish OS and the name of the administrators group is "Administratörer".
How do I get that ö over to the machine instead of a Çô or whatever gets in to that powershell session.

Best regards
Mike :)

2020-02-08@21_54_59.png

Edited by kappnet
Link to post
Share on other sites
  • 2 weeks later...
  • 3 months later...

sure seems like way too much code for this project, I do this as a bath script not power shell.

net user localpcadmin Password /add
net localgroup administrators localpcadmin /add
net localgroup administrators administrator /add
net localgroup administrators "domain admins" /add
net localgroup "Power Users" "domain users" /add

Link to post
Share on other sites
On 2/8/2020 at 10:03 PM, kappnet said:


This works perfect, almost...I have an encoding problem...
I am on a swedish OS and the name of the administrators group is "Administratörer".
How do I get that ö over to the machine instead of a Çô or whatever gets in to that powershell session.

Best regards
Mike :)

2020-02-08@21_54_59.png

 

Unfortunately, Pulseway doesn't support Swedish characters within scripts at this point in time (I'd love to see that in the future though). However there's a way around it.. You can use ASCII-code instead of letters. I did this with a script recently in order to create a scheduled task, and it's working fine.  

 

Replace the following: 

$group = "Administrators"

 

With:

$group = [char]065+[char]100+[char]109+[char]105+[char]110+[char]105+[char]115+[char]116+[char]114+[char]097+[char]116+[char]246+[char]114+[char]101+[char]114

(The ASCII code above says Administratörer. Please note that putting the code within quotation marks will store the ASCII-code itself, which we don't want in this case)

Edited by AC_Martin_J
Link to post
Share on other sites
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...