Solved

Create local accounts on multiple servers

Posted on 2014-04-10
9
1,410 Views
Last Modified: 2014-04-11
Hi EE

Anyone have a script that will create multiple accounts on multiple servers?

Accounts.txt will have the account names:
Test1
Test2
Test2

servers listed in servers.txt
oh yeah .. they need to be added to the Local administrator group on each server
0
Comment
Question by:MilesLogan
9 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39993536
Try this:

function create-account ([string]$accountName, [string]$accountDescription, [string]$hostname ) {
$comp = [adsi]"WinNT://$hostname"
$user = $comp.Create("User", $accountName)
$user.SetPassword("change")
$user.SetInfo()
$user.description = $accountDescription
$user.SetInfo()

$objOU = [ADSI]("WinNT://$hostname/Administrators,group")
$objOU.add("WinNT://$hostname/$accountName")
}

$servers =get-content "C:\temp\servers.txt"
foreach ($server in $servers)
{
$accounts = Get-Content "C:\temp\accounts.txt"
foreach ($account in $accounts)
 {
  create-account $account "" $server
 }
}



Checked using dos command:  
net user
net user Test1
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 39993555
Sure, no problem :)
# Hold this for later on
$Users = Get-Content accounts.txt

# The WinNT interface is complex at best. This lets us get properties from group members when we need to below.
$Properties = "AdsPath", "Name", "AccountDisabled", "Class", "Description"
[Array]$Select = Invoke-Expression "@{n='Server';e={ `$ServerName }}"
$Select += $Properties | ForEach-Object {    
  Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$null, `$_, `$null) }}"    
}

# Loop through the list of servers
Get-Content servers.txt | ForEach-Object {
  # If we can ping the server
  if (Test-Connection $_ -Quiet -Count 1) {

    $ServerName = $_    

    # Connect to the server. Connection is used to create users.
    $Server = [ADSI]"WinNT://$ServerName"

    # Connect to the administrators group so we can add members.
    $AdminGroup = [ADSI]"WinNT://$ServerName/Administrators, group"

    $Users | ForEach-Object {

      # Create the user
      $User = $Server.Create("user", $_)
      # Set a dull password
      $User.SetPassword("Password123")
      # Save the changes
      $User.SetInfo()

      # Add the new user to the admin group
      $AdminGroup.Add($User.Path)

      # Just a little bit of validation to do. This shows all (including new) members of the 
      # administrators group on the server.
      $AdminGroup.Members() | Select-Object $Select
    }

  } else {
    # If ping failed we'll say so.
    Write-Warning "Failed to connect to $_"
  }
}

Open in new window

Cheers!

Chris
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 39993559
Sorry Raheman, I should have refreshed before posting. Hopefully two similar methods are better than one :)

Cheers,

Chris
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 65

Expert Comment

by:RobSampson
ID: 39993615
Theres a script here to do it with the Password Never Expires flag set.
http://mobile.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_26953782.html

Rob.
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39993881
You may find my accepted solution helpful in below link -

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Q_28381551.html
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 39994400
Thanks guys .. I tried Chris since it has mode details and more function .. Chris can you
also add the code to add a description to the new accounts ?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 39994695
Sure, it should only need this:
# Hold this for later on
$Users = Get-Content accounts.txt

# The WinNT interface is complex at best. This lets us get properties from group members when we need to below.
$Properties = "AdsPath", "Name", "AccountDisabled", "Class", "Description"
[Array]$Select = Invoke-Expression "@{n='Server';e={ `$ServerName }}"
$Select += $Properties | ForEach-Object {    
  Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$null, `$_, `$null) }}"    
}

# Loop through the list of servers
Get-Content servers.txt | ForEach-Object {
  # If we can ping the server
  if (Test-Connection $_ -Quiet -Count 1) {

    $ServerName = $_    

    # Connect to the server. Connection is used to create users.
    $Server = [ADSI]"WinNT://$ServerName"

    # Connect to the administrators group so we can add members.
    $AdminGroup = [ADSI]"WinNT://$ServerName/Administrators, group"

    $Users | ForEach-Object {

      # Create the user
      $User = $Server.Create("user", $_)
      # Tag on a description
      $User.Description = "New description"
      # Set a dull password
      $User.SetPassword("Password123")
      # Save the changes
      $User.SetInfo()

      # Add the new user to the admin group
      $AdminGroup.Add($User.Path)
    }

    # Just a little bit of validation to do. This shows all (including new) members of the 
    # administrators group on the server.
    $AdminGroup.Members() | Select-Object $Select

  } else {
    # If ping failed we'll say so.
    Write-Warning "Failed to connect to $_"
  }
}

Open in new window

The description can be read from the file if you wish (so it's unique to each account), just needs a bit of tweaking.

Chris
0
 
LVL 24

Expert Comment

by:Coralon
ID: 39995309
There is an easy batch file way to do this, if you allow access to the admin$ share, and get a copy of SysInternals PSExec. (http://technet.microsoft.com/en-us/sysinternals/bb897553).

for /f %f in (servers.txt) do for /f %A in (accounts.txt) do psexec \\%f net user %A <temppassword> /add
for /f %f in (servers.txt) do for /f %A in (accounts.txt) do psexec \\%f net localgroup administrators %A /add

Open in new window


Coralon
0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 39995512
No worries , thanks you !! This saved me alot of time
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question