Script needed to run on a 2012 R2 domain controller

I need a PowerShell script that will create (from a remote DC) a local account on several hundred servers with the Full Name and Description populated. Then set the account to "User cannot change password" and also "password never expires". The input for this script will be a flat text file from a network drive. I need the script to then verify to a file and host screen the addition and setting for the newly created account.
Rusty Waltz, Systems Administrator, asked:

Justin Evans commented:
This script should help you on your way.

Save it with a .ps1 extension.

[CmdletBinding()]
Param(
    # One or more target computers; defaults to the local machine
    [string[]]$ComputerName = $env:COMPUTERNAME,
 
    [Parameter(Mandatory=$true)]
    [ValidateSet("Group","User")]
    [string]$ObjectType,
 
    [Parameter(Mandatory=$true)]
    [string]$ObjectName
)
 
if($ObjectType -eq "User") {
    # Prompt once; the same password is used on every target computer
    $PasswordForUser = Read-Host -Prompt "Enter a password for user account" -AsSecureString
    # The WinNT provider's SetPassword() takes a plain-text string, so convert the SecureString
    $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($PasswordForUser)
    $PlainPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR)
    # Zero and release the unmanaged copy of the password
    [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
}
 
foreach($Computer in $ComputerName) {
   Write-Host "Working on $Computer"
   # Skip computers that do not answer a single ping
   if(Test-Connection -ComputerName $Computer -count 1 -Quiet) {
        try {
            # Bind to the remote computer's local account database
            $CompObject = [ADSI]"WinNT://$Computer"
            $NewObj = $CompObject.Create("$ObjectType",$ObjectName)
            if($ObjectType -eq "User") {
                $NewObj.SetPassword($PlainPassword)
            }
            # Commit the new object to the remote computer
            $NewObj.SetInfo()
           
            Write-Host "$ObjectType with the name $ObjectName created successfully" -ForegroundColor Green
        } catch {
            Write-Warning "Error occurred while creating the $ObjectType"
            Write-Verbose "More details : $_"
 
        }
   } else {
        Write-Warning "$Computer is not online"
   }
}
0
Justin Evans commented:
Then run with the following syntax:

$Targets = Get-Content c:\share\computers.txt
.\New-LocalObject.ps1 -ComputerName $Targets -ObjectType Group -ObjectName AppGroup1
0
DBAduck - Ben Miller, Principal Consultant, commented:
You could use the New-LocalUser cmdlet on each of the servers with either Invoke-Command or remoting.  Here is the reference. You should also make sure that your servers have WMF 5.1 on them so that you can take advantage of other good things.

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/new-localuser?view=powershell-5.1
0
Rusty Waltz, Systems Administrator (author), commented:
Does this run remotely on my DC and update the servers in the text file I provide? I know I have some minor things to do to point this correctly, but I did not see where the references are for calling the server from the DC. I don't want all servers, just what is in the text file. Also, where is the code for populating the Description and Full Name?
0
DBAduck - Ben Miller, Principal Consultant, commented:
This can run on your DC, but you would have to run it in Invoke-Command with reference to the ComputerName in a parameter using the servers you have in the txt file.  There are other ways to do this but this should give you an idea of how it works.

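$pass = Read-Host -Prompt "Enter a Password:" -AsSecureString
foreach($server in (gc c:\path\file.txt)) {
     # param() must sit inside the script block so -ArgumentList can bind $pass to $password.
     # -PasswordNeverExpires covers the "password never expires" setting asked for in the question.
     Invoke-Command -ComputerName $server -ScriptBlock { param ($password) New-LocalUser -Name username -AccountNeverExpires -PasswordNeverExpires -UserMayNotChangePassword -FullName "This is the full Name" -Description "This is the description" -Password $password } -ArgumentList $pass
}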

1
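
The question also asks for verification to a file and to the host screen, which neither posted script does. The following is an added example, not code from either commenter: it combines the text-file input, the New-LocalUser call and a read-back with Get-LocalUser, and it keeps the password as a SecureString end to end. The share paths, account name, Full Name and Description values are placeholders (assumptions), and the target servers are assumed to have WMF 5.1 as mentioned above.

```powershell
# Added example. Paths, account name and text values are placeholders (assumptions).
$ServerList  = '\\fileserver\share\servers.txt'           # flat text file, one server per line
$ReportPath  = '\\fileserver\share\localuser-report.csv'  # verification report
$UserName    = 'svc-local'
$FullName    = 'Local Service Account'
$Description = 'Created by remote provisioning script'

$Password = Read-Host -Prompt 'Enter a password' -AsSecureString
$Servers  = @(Get-Content -Path $ServerList | ForEach-Object { $_.Trim() } | Where-Object { $_ })

# Runs on each listed server; the SecureString is passed as-is, never converted to plain text.
$Results = @(Invoke-Command -ComputerName $Servers -ErrorAction SilentlyContinue -ScriptBlock {
    param($Name, $Full, $Desc, $Secure)
    $row = [ordered]@{ Status = 'Created'; Name = $Name; FullName = $null; Description = $null
                       UserMayChangePassword = $null; PasswordExpires = $null; Error = $null }
    try {
        if (Get-LocalUser -Name $Name -ErrorAction SilentlyContinue) {
            $row.Status = 'AlreadyExisted'   # existing account is left untouched, only reported
        } else {
            New-LocalUser -Name $Name -FullName $Full -Description $Desc -Password $Secure `
                -PasswordNeverExpires -UserMayNotChangePassword -AccountNeverExpires `
                -ErrorAction Stop | Out-Null
        }
        # Read the account back so the report shows what is actually set on the server.
        $u = Get-LocalUser -Name $Name -ErrorAction Stop
        $row.FullName              = $u.FullName
        $row.Description           = $u.Description
        $row.UserMayChangePassword = $u.UserMayChangePassword
        $row.PasswordExpires       = $u.PasswordExpires   # empty when the password never expires
    } catch {
        $row.Status = 'Failed'
        $row.Error  = $_.Exception.Message
    }
    [pscustomobject]$row
} -ArgumentList $UserName, $FullName, $Description, $Password)

# Servers that returned nothing were unreachable or refused the remoting session.
$Missing = @($Servers | Where-Object { $_ -notin $Results.PSComputerName } |
    ForEach-Object { [pscustomobject]@{ PSComputerName = $_; Status = 'Unreachable' } })

$Columns = 'PSComputerName','Status','Name','FullName','Description',
           'UserMayChangePassword','PasswordExpires','Error'
$Report  = @($Results + $Missing | Select-Object -Property $Columns)

$Report | Format-Table -AutoSize                           # host screen
$Report | Export-Csv -Path $ReportPath -NoTypeInformation  # file
```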
