Setting up user workstation where i dont know username pwd combo

jamesmetcalf74
jamesmetcalf74 used Ask the Experts™
on
best work around to installing application for a user that has never logged into a windows 10 machine.  Is there anyway to set up a user profile completely for a user who is about to get a new machine issued to him.

example  
John Doe is currently working on a Windows 7 Workstation.
Jon Doe's new windows 10 workstation just arrived.  
i would like to set up his outlook fully, i would like to install his adobe photoshop fully and register it with his AdobeID(I will have the adobeID)
what i dont have and don't want is his windows username and password combination.

is there a way for me to set up application for this user without logging in as him?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018
Commented:
No, nor (arguably) should you.  If they have a mail account, it also has a password.  Adobe ID's have passwords.  Those should be as unique and as private as their windows login password so doing those final setup steps *should* be done by them.  If you have their Adobe or Exchange passwords, there is a bigger procedure problem exposed in that type of environments.
William FulksSystems Analyst & Webmaster

Commented:
Assuming you are on a domain, you could reset his Windows password then login as him and do what you need to do. Then he can change it after he logs into it. Depends on what that might affect, though. Like if he has a laptop he uses outside the network, VPN access, cell phone email, etc. Some things you just can't do until the user has a profile setup.

Author

Commented:
Thanks guys -
you pretty much verified what I thought.  there isn't really a graceful, safe way to do this.
Natty GregIn Theory (IT)

Commented:
Thanks guys -
you pretty much verified what I thought.  there isn't really a graceful, safe way to do this.

Yes there is a safer ways to do it, ask client to log in, then load up the applications then ask client too log in the credential for adobe and others while you look away.
Distinguished Expert 2018

Commented:
Well, while you don't appear to be the OP, I wouldn't even agree with that approach.  There are ways and tools available to *install* programs; even programs that need to install per-user.  SCCM has allowed this for years.  Even Group Policy Software Installation can do this, though I don't recommend it.  Or you can make a "fat" gold image for deployment.

You don't need to ask the client to log in. You don't need to "look away."   The client simply logs into their machine.  Launches the program.  And logs in with their account.  Which can be *documented* and users can be trained on.   If you have an Office 365 subscription that has desktop apps, this is old hat.  Adobe subscriptions now operate very similarly.  The programs are pre-installed, and the user does a one-time setup that they can do themselves.  It is actually *quite* graceful in my opinion.  

You can even go one step further and if the programs support SAML logins (both office 365 and Adobe can) and you use something like Azure AD, the login can be transparent.  Even in a traditional AD domain, if you use windows 10 and set up hybrid join, it works seamlessly.

But back to the OP's original question, *PRECONFIGURING* these apps "as him" would require sharing "secret" knowledge, which is inherently bad practice and was what I was recommending against.  There is nothing wrong with letting the program configure at the time the *actual* user logs in (either seamless via SSO, or as a documented set of easy-to-follow steps), and most users will be more comfortable with that than they would be sharing passwords, which only encourages bad habits.

As "passwordless" logins start gaining traction, this will only become *more* important.  Fostering good habits and making long-term plans now for management of these scenarios is important.  Hacky workarounds are not the way to do this.  That doesn't make the process "not graceful."   Not any more than requiring users to log into windows (which has been a business standard for how many decades?)  would be considered "not graceful."

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial