Kyle_Sanders Posted February 13, 2021 Posted February 13, 2021 I am looking fo a script that I can deploy where Pulseway can check to see if a specific local admin account has been created. If not have it create it. With that local admin account, there is a rotating password, which is recorded in a report per computer.
WYE Posted February 24, 2021 Posted February 24, 2021 Kyle, It's not Pulseway, but have a look at LAPS from Microsoft. If you have an AD Environment, it works a treat, and meets the requirement of recording password "relatively" securely, and allows for password rotation. AC_Martin_J 1
Nexusphreez Posted March 15, 2021 Posted March 15, 2021 So here is a script that I use and just set it up on a schedule. What it does is create a local and/or domain account with the specified user name and password. I can run it manually, on an individual system basis or through a workflow. The only minor drawback is that the password is listed in plain text. But my justification for this is that anyone internal to my organization is going to have access to this anyway. Its not visible to the client or anyone else. # Inputs $SetPassword = "Password Here" $SetUserName = "User Name Here" $group = "Administrators" $adsi = [ADSI]"WinNT://$env:COMPUTERNAME" $existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $SetUsername } if ($existing -eq $null) { & NET USER $SetUsername $SetPassword /add /y /expires:never & NET LOCALGROUP $group $SetUsername /add } else { $existing.SetPassword($SetPassword) } & WMIC USERACCOUNT WHERE "Name='$SetUsername'" SET PasswordExpires=FALSE Maruco 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now