Last active
January 15, 2025 08:20
-
-
Save ducas/3a65704a3b92dfa0301e to your computer and use it in GitHub Desktop.
Create a local administrator account using PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $Username = "su" | |
| $Password = "password" | |
| $group = "Administrators" | |
| $adsi = [ADSI]"WinNT://$env:COMPUTERNAME" | |
| $existing = $adsi.Children | where {$_.SchemaClassName -eq 'user' -and $_.Name -eq $Username } | |
| if ($existing -eq $null) { | |
| Write-Host "Creating new local user $Username." | |
| & NET USER $Username $Password /add /y /expires:never | |
| Write-Host "Adding local user $Username to $group." | |
| & NET LOCALGROUP $group $Username /add | |
| } | |
| else { | |
| Write-Host "Setting password for existing local user $Username." | |
| $existing.SetPassword($Password) | |
| } | |
| Write-Host "Ensuring password for $Username never expires." | |
| & WMIC USERACCOUNT WHERE "Name='$Username'" SET PasswordExpires=FALSE |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
lets just hope you do not deploy that script to the clients rather than remote-execute it, since the password is in the script.
There are methods to encrypt it in a script.