[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 415
  • Last Modified:

Creating local users for a group of computers using GPO

Hi,

I have windows 2008 DC and I have around 100 clients connected to DC. In that I want to create a local user called 'serviceaccount' in 50 systems and they are under one OU called "roaming"

I tried to do the same using http://blog.korteksolutions.com/how-to-create-local-accounts-via-group-policy/
http://www.techrepublic.com/blog/datacenter/deploy-local-accounts-via-group-policy/2880

But it did not worked..It is not showing the accounts in local systems. I tried with windowx XP SP2 client

what might be the cause.

thnaks
0
vneedhelp
Asked:
vneedhelp
1 Solution
 
oBdACommented:
That's because this is a group policy preference which has been introduced long after XP has been released. Having a W2k8 DC is not enough, you need to install the Group Policy Preference Client Side Extensions to be able to use them on XP.
Information about new Group Policy preferences in Windows Server 2008
http://support.microsoft.com/kb/943729
0
 
kevinhsiehCommented:
You should also upgrade those systems to SP3 anyway so you can get the security updates since July 13, 2010. You can't get any new XP related updates until you go to SP3.

http://www.daniweb.com/hardware-and-software/microsoft-windows/windows-nt-2000-xp/news/287954
0
 
chakkoCommented:
You should be able to do this as is with restricted Groups policy

see here for more information

http://www.windowsecurity.com/articles/using-restricted-groups.html

0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
oBdACommented:
Another way to do that without having to install the GPPCSE would be a computer startup script, for example as batch:
@echo off
net user "Serviceaccount" "NotSoSecretPassword" /add

Open in new window

But that's a security risk, and it's something that you have to know is happening in this script, unlike the Preferences where you can directly see what's going on.

chakko,
Restricted Groups policies can't create users, neither local nor in the domain; they only control membership in/of existing groups and existing users.
0
 
vneedhelpAuthor Commented:
I updated to XP SP3 and also tried in windows 7, but in both are not working..

I did the same step what is mentioned in the above article
0
 
johnb6767Commented:
Not sure why obda's suggestion didnt work. Should be a very simple way to do it....
0
 
chakkoCommented:

you might try this to see if there is any error message
net user "Serviceaccount" "NotSoSecretPassword" /add > c:\output.txt

then check c:\output.txt for any message
0
 
chakkoCommented:

If you don't mind using Kix for a script then here is a page with several useful functions.

For your startup script you need something like this (I just put into a .bat file)

\\server\share\kix32.exe \\server\share\adduser.kix        --see code attached and put into a text file adduser.kix

On the is page (source of function) there is another to add the user to local admin group

http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=191051

Lastly, you can 'scramble' the adduser.kix file to that is it unreadable.

kix32 adduser.kix /t         that will output a file name adduser.kx

to run it:   \\server\share\kix32.exe  \\server\share\adduser.kx





CreateLocalUser(Username, Password, "some description")


Function CreateLocalUser($strName, $strPassword, $Description)
	;DESCRIPTION : Attempts to create a local user account
	
	Dim $strComputer, $objComputer, $objUser  
	;Set Variables
	$strComputer = @WKSTA
	;Create Object
	$objComputer = GetObject("WinNT://" + $strComputer)
	;Create object of class user on the computer.  
	$objUser = $objComputer.Create("user", $strName)  
	$objUser.Put("description", $Description)
	;Save changes.  
	$objUser.SetInfo
	;set password.  
	$objUser.SetPassword($strPassword)
	$objUser.SetInfo  
EndFunction

Open in new window

0
 
chakkoCommented:
www.kixtart.org for download and information
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now