?
Solved

Need script of batch to create new local admin account

Posted on 2011-10-13
3
Medium Priority
?
485 Views
Last Modified: 2012-05-12
I am wanting to batch create a local admin account on all domain workstations using a batch or script and also set the password for such account.  I would also like to then disable to built-in local admin account on those same machines.
0
Comment
Question by:murryc
  • 2
3 Comments
 
LVL 65

Accepted Solution

by:
RobSampson earned 2000 total points
ID: 36966124
Hi, this VBScript should work.

Regards,

Rob.
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
strNewUsername = "Admin2"
strNewPassword = "AdminPass"

Set colAccounts = GetObject("WinNT://" & strComputer & "")
Set objUser = colAccounts.Create("user", strNewUsername)
objUser.SetPassword strNewPassword
objUser.SetInfo

Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group" ) 
objGroup.Add objUser.ADsPath

Set objUser = GetObject("WinNT://" & strComputer & "/Administrator,user")
objUser.AccountDisabled = True
objUser.SetInfo

Open in new window

0
 

Author Comment

by:murryc
ID: 36966150
How best to run this against all of the computers on the network in a batch execution?  psexec?
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 36966163
Is it possible to assign it as a StartUp script? That would probably be easiest.

Otherwise, yeah, you can use PSExec to run it against a list of computers.

Something like this should work:
psexec @computers.txt -accepteula -u domain\admin -p password wscript.exe //B \\server\share\CreateAdminAccount.vbs

Regards,

Rob.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question