• How to create a user on a remote machine by verifying the list of passwords in a text file ?

    The script validates the username and password of the remote server, logs in with those credentials and creates user on that account.

  • @michael - I am not trying to add an AD user. I am trying to create new user and add the user to the Administrators group.

  • Hello,

    Could anyone please help with the powershell script to create a user and add it to Administrators group on Windows 2016 and 2019 servers.

    Thanks.

     

  • I am trying to register multiple Windows 2016 servers with WSUS. I am unable to register the Windows 2016 servers with WSUS and install patches with the help of WSUS.

  • Hi All,

    We are not able to patch Windows 2016 servers using WSUS. Could anyone please guide with any knowledge base ?

    Thanks.

  • @figueroa2david @michael-pietroforte Here in this command, for /f "tokens=1,2 delims=," %f in (computerlist.txt) do psexec -h %f -u <username> -p <password> net user <username> %g /add /description "local user or whatever text"

    <username> and <password> are still given as plain text in the above command even though the computer and passwords are given in computerlist.txt, how can we give without plain-text ?

    I would like to eliminate all the plain-text passwords in my psexec commands.

    Please elaborate.

  • @paolo @mkanakos How to remotely execute the commands in a secure way from one server onto another server which are not on same domain as well as on same domain ?

    I have Windows 2003 and 2008 servers to deal with.

  • @mkanakos @michael-pietroforte @paolo The user I am trying to create is not an AD user. I have to create a new user and add the user to local administrators group

  • I am trying to create a local administrator account on a Remote Windows Server 2003 and 2008. I am trying to list all the remote servers in a text-file and then trying to run a powershell script which executes on each server in the text-file and creates local administrator account. Currently, my script runs with an account that already has administrator rights on the remote systems.

    I am not able to create local admin account remotely on Windows 2003 and 2008 servers. How can I accomplish this ?

    Below is the script:

    #Define variables
    $computers = Get-Content C:Computers.txt
    $username = “test_user”
    $password = “xyz”
    $fullname = “local admin account”
    $local_security_group = “Administrators”
    $description = “Description”

    Foreach ($computer in $computers) {
    $users = $null
    $comp = [ADSI]”WinNT://$computer”

    #Check if username exists
    Try {
    $users = $comp.psbase.children | select -expand name
    if ($users -like $username) {
    Write-Host “$username already exists on $computer”}
    else {
    #Create the account

    $user = $comp.Create(“User”,”$username”)
    $user.SetPassword(“$password”)
    $user.Put(“Description”,”$description”)
    $user.Put(“Fullname”,”$fullname”)
    $user.SetInfo()
    #Set password to never expire
    #And set user cannot change password
    $ADS_UF_DONT_EXPIRE_PASSWD = 0x10000
    $ADS_UF_PASSWD_CANT_CHANGE = 0x40
    $user.userflags = $ADS_UF_DONT_EXPIRE_PASSWD + $ADS_UF_PASSWD_CANT_CHANGE
    $user.SetInfo()

    #Add the account to the local admins group
    $group = [ADSI]”WinNT://$computer/$local_security_group,group”
    $group.add(“WinNT://$computer/$username”)

    #Validate whether user account has been created or not
    $users = $comp.psbase.children | select -expand name
    if ($users -like $username) {
    Write-Host “$username has been created on $computer”
    }
    else {
    Write-Host “$username has not been created on $computer”
    }
    }
    }Catch {
    Write-Host “Error creating $username on $($computer.path): $($Error[0].Exception.Message)”
    }
    }

  • @gibon @swapnilkambli We don't have physical access. We have to access the server remotely and then create local admin account on the server

  • @gibon Please let me know What does it mean.

  • @gibon @swapnilkambli The PC is not in domain. It's a workgroup server.

  • I need to create an local admin account on remote machine without any admin rights. How is that possible ? @swapnilkambli

  • This script runs with an account that already has administrator rights on the remote systems. But how to create and add user to local admin group without administrator rights on remote system ?

    #Define variables
    $computers = Get-Content C:Computers.txt
    $username = "test_user"
    $password = "xyz"
    $fullname = "local admin account"
    $local_security_group = "Administrators"
    $description = "Description"

    Foreach ($computer in $computers) {
    $users = $null
    $comp = [ADSI]"WinNT://$computer"

    #Check if username exists
    Try {
    $users = $comp.psbase.children | select -expand name
    if ($users -like $username) {
    Write-Host "$username already exists on $computer"

    }

    else {
    #Create the account
    $user = $comp.Create("User","$username")
    $user.SetPassword("$password")
    $user.Put("Description","$description")
    $user.Put("Fullname","$fullname")
    $user.SetInfo()

    #Set password to never expire
    #And set user cannot change password
    $ADS_UF_DONT_EXPIRE_PASSWD = 0x10000
    $ADS_UF_PASSWD_CANT_CHANGE = 0x40
    $user.userflags = $ADS_UF_DONT_EXPIRE_PASSWD + $ADS_UF_PASSWD_CANT_CHANGE
    $user.SetInfo()

    #Add the account to the local admins group
    $group = [ADSI]"WinNT://$computer/$local_security_group,group"
    $group.add("WinNT://$computer/$username")

    #Validate whether user account has been created or not
    $users = $comp.psbase.children | select -expand name
    if ($users -like $username) {
    Write-Host "$username has been created on $computer"
    }
    else {
    Write-Host "$username has not been created on $computer"
    }
    }
    }

    Catch {
    Write-Host "Error creating $username on $($computer.path): $($Error[0].Exception.Message)"
    }
    }

  • Thank you Swapnil.

     

    Would this script be applicable for all the operating system versions below ?

    Windows Server 2000, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2003 R2, Windows Server 2000, Windows Server 2012, Windows Server 2003 with SP1, Windows 8

  • Hello,

    How to create a local user and add to local administrators group using a Powershell script with all possible error handling ?

    Thanks.

  • Nick posted a new activity comment 3 months ago

    I am new to the forum. How to ask a question in powershell forum ?

  • Nick posted an update in the group Group logo of PowerShellPowerShell 3 months ago

    How to create a local user and add to local administrators group with a Powershell script with all the error handling ?

  • Nick posted an update in the group Group logo of PowerShellPowerShell 3 months ago

    How to create a local user and add to local administrators group with a Powershell script with all the error handling ?

  • Nick joined the group Group logo of PowerShellPowerShell 3 months ago

  • Load More