Solved

Create local accounts on multiple servers

Posted on 2014-04-10
9
1,501 Views
Last Modified: 2014-04-11
Hi EE

Anyone have a script that will create multiple accounts on multiple servers?

Accounts.txt will have the account names:
Test1
Test2
Test2

servers listed in servers.txt
oh yeah .. they need to be added to the Local administrator group on each server
0
Comment
Question by:MilesLogan
9 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 39993536
Try this:

function create-account ([string]$accountName, [string]$accountDescription, [string]$hostname ) {
$comp = [adsi]"WinNT://$hostname"
$user = $comp.Create("User", $accountName)
$user.SetPassword("change")
$user.SetInfo()
$user.description = $accountDescription
$user.SetInfo()

$objOU = [ADSI]("WinNT://$hostname/Administrators,group")
$objOU.add("WinNT://$hostname/$accountName")
}

$servers =get-content "C:\temp\servers.txt"
foreach ($server in $servers)
{
$accounts = Get-Content "C:\temp\accounts.txt"
foreach ($account in $accounts)
 {
  create-account $account "" $server
 }
}



Checked using dos command:  
net user
net user Test1
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 39993555
Sure, no problem :)
# Hold this for later on
$Users = Get-Content accounts.txt

# The WinNT interface is complex at best. This lets us get properties from group members when we need to below.
$Properties = "AdsPath", "Name", "AccountDisabled", "Class", "Description"
[Array]$Select = Invoke-Expression "@{n='Server';e={ `$ServerName }}"
$Select += $Properties | ForEach-Object {    
  Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$null, `$_, `$null) }}"    
}

# Loop through the list of servers
Get-Content servers.txt | ForEach-Object {
  # If we can ping the server
  if (Test-Connection $_ -Quiet -Count 1) {

    $ServerName = $_    

    # Connect to the server. Connection is used to create users.
    $Server = [ADSI]"WinNT://$ServerName"

    # Connect to the administrators group so we can add members.
    $AdminGroup = [ADSI]"WinNT://$ServerName/Administrators, group"

    $Users | ForEach-Object {

      # Create the user
      $User = $Server.Create("user", $_)
      # Set a dull password
      $User.SetPassword("Password123")
      # Save the changes
      $User.SetInfo()

      # Add the new user to the admin group
      $AdminGroup.Add($User.Path)

      # Just a little bit of validation to do. This shows all (including new) members of the 
      # administrators group on the server.
      $AdminGroup.Members() | Select-Object $Select
    }

  } else {
    # If ping failed we'll say so.
    Write-Warning "Failed to connect to $_"
  }
}

Open in new window

Cheers!

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 39993559
Sorry Raheman, I should have refreshed before posting. Hopefully two similar methods are better than one :)

Cheers,

Chris
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 65

Expert Comment

by:RobSampson
ID: 39993615
Theres a script here to do it with the Password Never Expires flag set.
http://mobile.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_26953782.html

Rob.
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39993881
You may find my accepted solution helpful in below link -

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Q_28381551.html
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 39994400
Thanks guys .. I tried Chris since it has mode details and more function .. Chris can you
also add the code to add a description to the new accounts ?
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 39994695
Sure, it should only need this:
# Hold this for later on
$Users = Get-Content accounts.txt

# The WinNT interface is complex at best. This lets us get properties from group members when we need to below.
$Properties = "AdsPath", "Name", "AccountDisabled", "Class", "Description"
[Array]$Select = Invoke-Expression "@{n='Server';e={ `$ServerName }}"
$Select += $Properties | ForEach-Object {    
  Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$null, `$_, `$null) }}"    
}

# Loop through the list of servers
Get-Content servers.txt | ForEach-Object {
  # If we can ping the server
  if (Test-Connection $_ -Quiet -Count 1) {

    $ServerName = $_    

    # Connect to the server. Connection is used to create users.
    $Server = [ADSI]"WinNT://$ServerName"

    # Connect to the administrators group so we can add members.
    $AdminGroup = [ADSI]"WinNT://$ServerName/Administrators, group"

    $Users | ForEach-Object {

      # Create the user
      $User = $Server.Create("user", $_)
      # Tag on a description
      $User.Description = "New description"
      # Set a dull password
      $User.SetPassword("Password123")
      # Save the changes
      $User.SetInfo()

      # Add the new user to the admin group
      $AdminGroup.Add($User.Path)
    }

    # Just a little bit of validation to do. This shows all (including new) members of the 
    # administrators group on the server.
    $AdminGroup.Members() | Select-Object $Select

  } else {
    # If ping failed we'll say so.
    Write-Warning "Failed to connect to $_"
  }
}

Open in new window

The description can be read from the file if you wish (so it's unique to each account), just needs a bit of tweaking.

Chris
0
 
LVL 25

Expert Comment

by:Coralon
ID: 39995309
There is an easy batch file way to do this, if you allow access to the admin$ share, and get a copy of SysInternals PSExec. (http://technet.microsoft.com/en-us/sysinternals/bb897553).

for /f %f in (servers.txt) do for /f %A in (accounts.txt) do psexec \\%f net user %A <temppassword> /add
for /f %f in (servers.txt) do for /f %A in (accounts.txt) do psexec \\%f net localgroup administrators %A /add

Open in new window


Coralon
0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 39995512
No worries , thanks you !! This saved me alot of time
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question