Question
tried creating users with powershel.This worked fine for local machine. But how to create a local user account in a remote machine using remote powershell?
The script localwindows.ps1 is
https://stackoverflow.com/questions/20186677
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian$comp = [adsi]'WinNT://machinename,computer';
$user = $comp.Create('User', 'account4');
$user.SetPassword('change,password.10');
$user.SetInfo();
I tried the same thing through C# :
PSCredential credential = new PSCredential(userName, securePassword);
WSManConnectionInfo connectionInfo = new WSManConnectionInfo(false, "machinename", 5985, "/wsman", shellUri, credential);
using (Runspace runspace = RunspaceFactory.CreateRunspace(connectionInfo))
{
runspace.Open();
String file = "C:\\localwindows.ps1";
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(System.IO.File.ReadAllText(file));
pipeline.Commands.Add("Out-String");
// execute the script
Collection<PSObject> results = pipeline.Invoke();
}
This also works fine locally .But for remote computer its throwing exception "create :Access is denied ".
La solution
I was able to create a local user account in a remote computer using the following command :
Invoke-Command -ComputerName machineName -filepath c:\script.ps1 -credential $getcredential
The script is
$comp = [adsi]'WinNT://localhost,computer';
$user = $comp.Create('User', 'account11');
$user.SetPassword('change,password.10');
$user.SetInfo();
$user
Autres conseils
Use the ADSI WinNT provider:
$username = "foo"
$password = "bar"
$computer = "hostname"
$prov = [adsi]"WinNT://$computer"
$user = $prov.Create("User", $username)
$user.SetPassword($password)
$user.SetInfo()
The powershell script invoke-Command executes any powershell script on a remote computer. You didn't say just how you use powershell to create the user, but as an example you write:
invoke-command -computername myserver {[ADSI]$server="WinNT://localhost";$HD=$server.Create("User","HD");$HD.SetPassword("H3lpD3>K");$HD.SetInfo()}
You can also execute your local powershell script remotely by using the -filepath parameter:
Invoke-Command -ComputerName MyRemoteServer -filepath c:\Scripts\DaScript.ps1
To enable remote commands you will have to enable winrm on the remote computer. you can do this by running
winrm quickconfig
On the remote computer.
If you have a PowerShell script to create a local user account locally on a server, then just simply use PSExec to run it on remote machines with administrative account
Invoke-Command works but you can also use Enter-PSSession -Computer to submit commands locally on a remote machine. The following will prompt the user for the username and add them to the local Administrators group with no password:
$user = read-host 'What is the name of the local user you would like to add?'
net user /add $user
net localgroup Administrators /add $user
I don't know if the question is still relevant, but I have tried this out and found what needs to be fixed. When you create the directory entry object, use the following code
$objOu = New-Object System.DirectoryServices.DirectoryEntry("WinNT://$computer", $admin, $adminPass, "Secure")
The rest is the same.
