Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

creating local admin account on remote pc

i am using LAPS.msi and trying to create local admin user on remote PC using this command "

msiexec /q /i <path>\LAPS.<platform>.msi CUSTOMADMINNAME=<name of custom local admin account>"

but it didn't create account. it did install LAPS package. is there way i can do both. i don't want to use GP to create local admin account. i have most of the Windows 7 devices.

 

thanks

sa




Deployment 79 76-lt-hr01 Step 1.txt
0

Comments

2 comments
Date Votes
  • You could do this to create a user account on the computer and then add that user to the local administrators group. replace [username] with your desired username and [password] with your desired password.

     

    net user [username] [password] /add

    net localgroup administrators [username] /add

    0
  • Found my 5y old batch :)

    -----

    :: create_local_PC_account.bat
    :: Create local pc account, password, description, disable password change, full name
    :: Password never expires
    :: Disable local built-in Administrator account
    :: Add new user to administrators group
    :: Remove new user from Users group
    :: NB! Beware plain text password. Set NTFS security on the batchfile or folder so only admins and the pdq sys account can open / read it.

    @echo off
    net user admin zuperzecretpass /add /comment:"Local PC Admin" /passwordchg:NO /fullname:"Admin"
    wmic useraccount where "name='admin'" set passwordexpires=FALSE
    wmic useraccount where name='administrator' set disabled='true'
    net localgroup "administrators" admin /add
    net localgroup "Users" admin /delete

    :: Some commands
    :: Create hidden admin account
    :: net user hiddenaccountusername supersecretpassword /add
    :: net localgroup "administrators" hidden /add
    :: Some other commands
    :: wmic useraccount where name='Administrator' call rename name='admin'
    :: net user administrator /active:no
    :: net localgroup "Power Users" admin /add
    exit

    0