PowerShell. You can create a password as a secure string, put that in your script and then decode it to set the password for the user.
Daniel Ratliff From: [email protected] [mailto:[email protected]] On Behalf Of Gary Ossewaarde Sent: Wednesday, June 18, 2014 2:32 PM To: [email protected] Subject: [mssms] Create Local User on all Domain Computers Due to an out-of-town user not being able to access his account (something strange happened with the cached creds), I've been asked to create a local (non-admin) account on all domain-joined machines so in such cases, helpdesk can provide this local account username/password and they can login, setup VPN, and switch user. I can easily do this with a batch file (net user) but have the added requirement the password does not appear in plaintext on the system (e.g., in the ccmcache). Any good ways of doing this? Additionally, is it a best practice to disable and randomize the Administrator account's password (as possible in OSD) and have a separate local admin, named differently? What are other people doing? Thanks, Gary The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
