Recently I needed a quick way to add local users to my Windows Servers running 2008 R2. Previously I have been using the “net” command for this, but I lacked some features. So, I took a look into PowerShell to find out what I could do. After some trial and error I finally got it to work as desired:
function create-account ([string]$accountName, [string]$accountDescription) {
    $hostname = hostname
    # Bind to the local machine through the WinNT ADSI provider
    $comp = [adsi]"WinNT://$hostname"
    $user = $comp.Create("User", $accountName)
    $user.SetPassword("change,password.10")
    $user.SetInfo()
    $user.description = $accountDescription
    $user.SetInfo()
    # ADS_UF_DONT_EXPIRE_PASSWD flag is 0x10000
    $user.UserFlags[0] = $user.UserFlags[0] -bor 0x10000
    $user.SetInfo()
    # Add the new account to the local groups
    $objOU = [ADSI]"WinNT://$hostname/Administrators,group"
    $objOU.add("WinNT://$hostname/$accountName")
    $objOU = [ADSI]"WinNT://$hostname/Remote Desktop Users,group"
    $objOU.add("WinNT://$hostname/$accountName")
}
create-account "testuser2" "Some Description"
The above function adds a local user to Windows, and sets the following properties:
- Added to the local Administrators group
- Added to the local Remote Desktop Users group (enables the user to use Remote Desktop)
- Set the password to Never Expire
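
To check the result, the same WinNT ADSI provider can read those three properties back for every local account on the server. This is an added example, not part of the original post; the function names Get-LocalGroupMemberNames and Get-LocalAccountAudit are hypothetical, and it assumes the default English group names used above.

```powershell
# Added example: report, per local user, the properties create-account sets.

function Get-LocalGroupMemberNames ([string]$computer, [string]$groupName) {
    $group = [ADSI]"WinNT://$computer/$groupName,group"
    # Members() returns COM objects; read each member's Name through reflection
    $group.psbase.Invoke('Members') | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
}

function Get-LocalAccountAudit {
    $ADS_UF_DONT_EXPIRE_PASSWD = 0x10000
    $computer = $env:COMPUTERNAME

    # Resolve both group memberships once, then test each user against them
    $admins   = @(Get-LocalGroupMemberNames $computer 'Administrators')
    $rdpUsers = @(Get-LocalGroupMemberNames $computer 'Remote Desktop Users')

    ([ADSI]"WinNT://$computer").psbase.Children |
        Where-Object { $_.psbase.SchemaClassName -eq 'User' } |
        ForEach-Object {
            $name  = $_.psbase.Name
            $flags = [int]$_.UserFlags[0]
            New-Object PSObject -Property @{
                Account              = $name
                PasswordNeverExpires = [bool]($flags -band $ADS_UF_DONT_EXPIRE_PASSWD)
                InAdministrators     = $admins -contains $name
                InRemoteDesktopUsers = $rdpUsers -contains $name
            }
        } |
        Select-Object Account, PasswordNeverExpires, InAdministrators, InRemoteDesktopUsers
}

# List the accounts that combine a non-expiring password with local admin rights
Get-LocalAccountAudit |
    Where-Object { $_.PasswordNeverExpires -and $_.InAdministrators } |
    Format-Table -AutoSize
```

Group membership is matched by name only, so a domain account with the same name as a local user in one of these groups is reported as a match as well.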