• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 823
  • Last Modified:

create an account through logon script

I would like to create an account "Administrator" which is a domain administrator account, in each machine on the network.
My script will be like:
when you go to Control Panels--->User Accounts---Add, then you enter user name and domain.


I am in Windows 2000 domain.

Thanks,
0
Chuckbuchan
Asked:
Chuckbuchan
  • 4
  • 3
  • 3
  • +2
1 Solution
 
luv2smileCommented:
I'm not sure I understand your question.

To be able to create a domain admin account then you need to be logged onto the server as a domain admin. The domain admin account is not a local account...it is a domain account so you don't need to create one for each workstation.
0
 
virtuoso1Commented:
If you read the first part of the question, it seems you want a local admin account, but the last part makes it seem like you want a domain admin account.  
0
 
ChuckbuchanAuthor Commented:
Actually the reason why I want to do that is, I am deploying Panda communication agents , and when it gets to some workstations it asks for user name and password. since I have the domain Admin password I would like to create it in each workstation through logon script, then whenever The Panda (antivirus software) asks for username and password I can enter it.
thanks
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
luv2smileCommented:
By default...when you add a computer to the domain...the domain admins group should be added to the local admin group of that computer. If not, you can do this via group policy. Is the domain admins group listed as a part of the local admin group on your computers?

0
 
_Jochen_Commented:
hi,
i´m not sure what you want to create.
First thing, never create a user via logon script because every user can read this script and can see the password for this user !!!
What´s the way you are deploying the panda agents ? Normaly you must have an Account which is in the local Admin Group to install the agent.
Do you want to add a domain Account into the local Admin group of a computer ?
--> you cannot do that, because you need Admin privileges to do this and logon script is running in user context.

Please tell us exacty what you want to do and how do you deploy the agents (Managment Software, Group Policy ,...)

cheers, jochen.
0
 
luv2smileCommented:
I agree. I still don't understand the question.

Are you logged into the computer as a local admin when deploying the panda agents?
0
 
ChuckbuchanAuthor Commented:
I can manually add Administrator account and the name of the domain through Control Panel---->User Accounts, why can't I add it through a script?

there is a domain admins group added to the local administrators group, but there is no Administrator user account added to the local administrators group until I add it manually.



thanks
0
 
_anom_Commented:
Here are the commands you would add to the batch file/logon script:
---begin---
net user /add panda
net localgroup administrators /add panda
net user panda pandapass
---end---

those commands will add the local user panda, add it to the local admins group, and set it's password to pandapass (respectively).  Obviously, you can change the username and password values as needed.  Note, however, that anyone reading your logon script would immediately have knowledge of an administrative logon on the local computers, so i would 1. make the logon script readable only by you and 2. delete it as soon as you are done.

Cheers
0
 
_Jochen_Commented:
anon is riht with his command, but to do this, you have to logon with an admin account.
you say that the local user called Administrator is not in the local admin group ?
Which Accounts are in these Group ? In which local Group ist the local Account Administrator.
Maybe it is renamed via Group Policy ?
cheers, jochen.
0
 
_Jochen_Commented:
another possibility to create or modify accounts or groups is this one:
1.) create a visual basic scipt (or WSH) which add the Administrator to the local Admin Group.
2.) encrypt the script
3.) use this script via Group Policy as logon / logff script on the clients and run it with elevated privileges.
cheers, jochen.

0
 
ChuckbuchanAuthor Commented:
anom: your batch file is good. but let me explain to you what I need.

I have a domain name =Mydomain
I have a user account= Administrator

I would like to have after running your batch file, to find on the user accounts:
User name=Administrator
domain=Mydomain
group=Administrators.


thanks
0
 
_anom_Commented:
Hmm, I don't think I'm understanding you correctly

I thought you meant you wanted a LOCAL machine account to be created with LOCAL administrative privileges.  If you want a DOMAIN account with DOMAIN administrative priviliges, then you only need one account to do it.  If you have a DOMAIN account that needs to have LOCAL administrative priviliges, then you would just put in the line

net localgroup administrators /add mydomain\useracct

If it's something else you require, please explain as I am quite lost on what you need ;)

Cheers
0
 
ChuckbuchanAuthor Commented:
To anom: your batch file worked just fine now. thank you so much.

I  have another question that I am gonna ask separately. you may know the answer for it. it's 500 points.

I will post it in a minute.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 4
  • 3
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now