The following script is an example of adding and removing a domain
account (we use a domain group but you can work with individual users)
to/from a local account on a domain member computer. Apply the script to
the machine startup.
'adds DOMAIN GROUP to local admin group and removes it from power users
group
on error resume Next
Dim DomainName
Dim UserAccount
Set net = WScript.CreateObject("WScript.Network")
local = net.ComputerName
DomainName = "DOMAIN NAME HERE"
UserAccount = "DOMAIN GROUP HERE"
'removes DOMAIN GROUP Users from local power users group
set group = GetObject("WinNT://"& local &"/power users")
group.Remove "WinNT://"& DomainName &"/"& UserAccount &""
'Adds DOMAIN GROUP to loacal administrators group
set group = GetObject("WinNT://"& local &"/administrators")
group.Add "WinNT://"& DomainName &"/"& UserAccount &""
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, February 15, 2005 11:25 AM
To: [email protected]
Cc: [email protected]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Create Local Account via GPO?
Hi All
You could add the following line into a startup script - that would
apply to every computer in the OU.
net user accountname accountpassword /add
This line will add that user to the local admin group
net localgroup Administrators /add accountname
Randy Barger wrote a nice script called changepwdservers.vbs that will
then reset the password on all the local machines once the user is
created so it does not end up being easily found in the script itself.
Regards;
James R. Day
Active Directory Core Team
Office of the Chief Information Officer
National Park Service
(202) 354-1464 (direct)
(202) 371-1549 (fax)
[EMAIL PROTECTED]
|---------+-------------------------------------->
| | Jorge de Almeida Pinto |
| | <[EMAIL PROTECTED]|
| | icacmg.com> |
| | Sent by: |
| | [EMAIL PROTECTED]|
| | dir.org |
| | |
| | |
| | 02/15/2005 04:32 PM CET |
| | Please respond to ActiveDir|
|---------+-------------------------------------->
>-----------------------------------------------------------------------
-------------------------------------------------------|
|
|
| To: [email protected]
|
| cc: (bcc: James Day/Contractor/NPS)
|
| Subject: RE: [ActiveDir] Create Local Account via GPO?
|
>-----------------------------------------------------------------------
-------------------------------------------------------|
Hi,
You could create a script that uses some list with computers, pings
those computer and creates a local user account with ADDUSERS.EXE (and
if needed in combination with CUSRMGR) or create a Vbscript that checks
if the computer is up and creates the account if it does not exist yet
Cheers
jorge
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon
Sent: dinsdag 15 februari 2005 15:16
To: [email protected]
Subject: [ActiveDir] Create Local Account via GPO?
How can I create a local user on all my XP workstation using GPOs?
Devon Harding
Windows Systems Engineer
Southern Wine & Spirits - GSD
954-602-2469
-----------------------------------------
__________________________________ This message and any attachments are
solely for the intended recipient and may contain confidential or
privileged information. If you are not the intended recipient, any
disclosure, copying, use or distribution of the information included in
the message and any attachments is prohibited. If you have received
this communication in error, please notify us by reply e-mail and
immediately and permanently delete this message and any attachments.
Thank You.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be
copied, disclosed to, retained or used by, any other party. If you are
not an intended recipient then please promptly delete this e-mail and
any attachment and all copies and inform the sender. Thank you.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
Confidentiality Notice: The information contained in this message may be
legally privileged and confidential information intended only for the use of
the individual or entity named above. If the reader of this message is not the
intended recipient, or the employee or agent responsible to deliver it to the
intended recipient, you are hereby notified that any release, dissemination,
distribution, or copying of this communication is strictly prohibited. If you
have received this communication in error please notify the author immediately
by replying to this message and deleting the original message. Thank you.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
