Powershell : Script a "local admin" user on multiple servers.


A quick script that remotely creates a local administrator account on a list of remote servers, using the same password for that account on every server. All you need to do is list the servers in the $servers variable and let it run.

The password, which conforms to the requirements in the code for length and number of non-alphanumeric characters, will be stored in plain text in a file called AdminPassword.txt.

Script : CreateLocalUserasAdmin.ps1

# Target hosts: the local account is created on every name in this list.
# Edit the list before running; the names are used as-is in WinNT:// ADSI paths.
$servers = "bearwrk1.bear.local", "bearwrk2.bear.local", "bearwrk3.bear.local"

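# Generate a random password.
#
# Parameters:
#   -Length         total number of characters (default 35; GeneratePassword accepts 1-128)
#   -NonAlphaChars  minimum number of non-alphanumeric characters (default 5)
# Returns: the generated password as a plain [string].
#
# Called with no arguments it behaves as before (35 characters, at least 5
# non-alphanumeric); the parameters only make the policy adjustable.
#
# NOTE(review): System.Web is a .NET Framework assembly, so this works under
# Windows PowerShell 5.1. PowerShell 7+ runs on .NET, which does not ship
# System.Web -- confirm the host before relying on this function there.
Function New-RandomPassword {
    param(
        [ValidateRange(1, 128)]
        [int]$Length = 35,

        [ValidateRange(0, 128)]
        [int]$NonAlphaChars = 5
    )

    # Reject an impossible policy up front with a readable message instead of
    # letting GeneratePassword raise a generic argument exception.
    if ($NonAlphaChars -gt $Length) {
        throw "NonAlphaChars ($NonAlphaChars) cannot be greater than Length ($Length)."
    }

    Add-Type -AssemblyName System.Web
    return [System.Web.Security.Membership]::GeneratePassword($Length, $NonAlphaChars)
}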

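# Generate one random password to be used across all servers.
# NOTE(review): every host ends up with the same local administrator secret, so
# anyone who recovers it from one server can log on to all of the others.
# Windows LAPS (per-machine, automatically rotated passwords) avoids that and is
# worth using instead where it is available.
$password = New-RandomPassword

# Not read anywhere in the visible script: SetPassword() below takes the plain
# string. Kept so that anything else relying on the variable still finds it.
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force

# Store the password in a text file for reference.
# The file holds the password in clear text. It is therefore created empty and
# its ACL is reduced to the current user BEFORE the secret is written; otherwise
# the file would carry whatever permissions the working directory hands down.
# -ErrorAction Stop makes the script halt here if the file cannot be locked
# down, rather than writing the secret to a file others may be able to read.
$passwordFile = ".\AdminPassword.txt"
New-Item -Path $passwordFile -ItemType File -Force -ErrorAction Stop | Out-Null

$acl = Get-Acl -Path $passwordFile -ErrorAction Stop
$acl.SetAccessRuleProtection($true, $false)   # protect the ACL and drop inherited entries
$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($currentUser, "FullControl", "Allow")
$acl.SetAccessRule($rule)
Set-Acl -Path $passwordFile -AclObject $acl -ErrorAction Stop

$password | Out-File -FilePath $passwordFile

# Username for the new account
$username = "local_admin"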

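# Create the account on each server.
# Every host is handled inside its own try/catch, so a failure is reported for
# that server and the loop carries on with the next one.
foreach ($server in $servers) {
    try {
        Write-Host "Creating account on $server..."

        # Create the new local user through the WinNT ADSI provider
        $Computer = [ADSI]"WinNT://$server,computer"
        $User = $Computer.Create("user", $username)
        $User.SetPassword($password)
        $User.SetInfo()

        # Set user properties
        $User.Description = "Remote Scripted Account"
        # OR the bit into the flags the account already has instead of replacing
        # the whole value, so no other flag is cleared as a side effect. If the
        # current value is empty this still yields 65536, as before.
        # The password never expires, so rotating it has to be done deliberately.
        $User.UserFlags = $User.UserFlags.Value -bor 0x10000 # ADS_UF_DONT_EXPIRE_PASSWD
        $User.SetInfo()

        # Add user to administrators group
        # NOTE(review): "Administrators" is the English name of the built-in
        # group; on a localized Windows install the name differs -- confirm for
        # the target servers.
        $Group = [ADSI]"WinNT://$server/Administrators,group"
        $Group.Add("WinNT://$server/$username,user")
        Write-Host "Successfully created administrator account on $server" -ForegroundColor Green
    }
    catch [System.Exception] {
        # Also reached when the user was created but a later step failed, so a
        # reported error does not guarantee that no account was left behind.
        Write-Host "Error creating account on $server`: $($_.Exception.Message)" -ForegroundColor Red
    }
}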

# Closing messages: remind the operator where the clear-text password was
# written and that the file should not be left in place.
$closingMessages = @(
    "`nAccount creation complete. The password has been saved to AdminPassword.txt",
    "Please store this password securely and delete the text file after recording it elsewhere."
)
foreach ($message in $closingMessages) {
    Write-Host $message
}
