Jump to content

Create local admin account with rotating credentials

Recommended Posts

I am looking fo a script that I can deploy where Pulseway can check to see if a specific local admin account has been created.  If not have it create it.  With that local admin account, there is a rotating password, which is recorded in a report per computer.

Link to post
Share on other sites
  • 2 weeks later...
  • 3 weeks later...

So here is a script that I use and just set it up on a schedule.  What it does is create a local and/or domain account with the specified user name and password.  I can run it manually, on an individual system basis or through a workflow.   The only minor drawback is that the password is listed in plain text.  But my justification for this is that anyone internal to my organization is going to have access to this anyway.  Its not visible to the client or anyone else.


# Inputs
$SetPassword = "Password Here"
$SetUserName = "User Name Here"
$group = "Administrators"

$adsi = [ADSI]"WinNT://$env:COMPUTERNAME"
$existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $SetUsername }

if ($existing -eq $null) {

    & NET USER $SetUsername $SetPassword /add /y /expires:never
    & NET LOCALGROUP $group $SetUsername /add

else {

& WMIC USERACCOUNT WHERE "Name='$SetUsername'" SET PasswordExpires=FALSE

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...