MJCS
asked on
Is there a way to remove and/or create local user accounts through gpo?
Is there any way to remove or add Local User accounts using your domain's group policy?
I have a bunch of local admin accounts on the network that I would love to delete without doing them one by one as they have no password protection.
Also, I would love to create new ones through GPO as well.
I have a bunch of local admin accounts on the network that I would love to delete without doing them one by one as they have no password protection.
Also, I would love to create new ones through GPO as well.
It can be done by running a computer account GPO to run a login script. Below are sample commands:
net user /add jim.smith P@$$w0rd1 (create user jim.smith with password of P@$$w0rd1)
net localgroup administrator jim.smith /add (add jim.smith to local administrators groups)
net localgroup administrators domain1\user1 (add user1 from domain1 to local administrators group)
net user /add jim.smith P@$$w0rd1 (create user jim.smith with password of P@$$w0rd1)
net localgroup administrator jim.smith /add (add jim.smith to local administrators groups)
net localgroup administrators domain1\user1 (add user1 from domain1 to local administrators group)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This will remove any user account from the administrators group. You can't create or delete accounts via Gpo, but you can control access to wha those accounts can do.