Jump to content


  • 0
SamayCSA

Local account will not get created with sysprep answer file

Asked by SamayCSA

Question

SamayCSA Newbie

SamayCSA

Posted
Posted

Hello-

 

I am using SCCM R2 and using it to deploy Windows 7 machines.

 

It has been working great so far, except just one thing. I need to create another local administrator account on my refrence image. I could have included this account by creating it before the machine gets imaged by SCCM, however I am also using the "CopyProfile" tag to copy the admin profile to the default profile on the machine and apparently you can only have ONE local account on the machine when you do this else you will have problems.

 

The only other way to create a local account was to have an XML answer file, and use it while deploying the image back to a machine. So I created a Task Sequence to deploy, and Under the Install Operating System -> Apply Operating System, I specify a Sysprep answer file from a package that has the following section to create the local account and add it to local administrators group.

 

<UserAccounts>

<LocalAccounts>

<LocalAccount wcm:action="add">

<Password>

<Value>KgAqAFIAYgBjAG0AMgAwADAANQBQAGEAcwBzAHcAbwByAGQA</Value>

<PlainText>false</PlainText>

</Password>

<DisplayName>Local Admin 2</DisplayName>

<Name>LocalAdmin</Name>

<Group>Administrators</Group>

</LocalAccount>

</LocalAccounts>

</UserAccounts>

 

But its not working, can you please tell me what am I doing wrong ?

 

Thanks

Share this post

Link to post
Share on other sites

5 answers to this question

Recommended Posts

  • 0
anyweb Proficient

anyweb

Posted
Posted

why not just create a run command line step called Add Local Admin

 

which does as follows:-

 

cmd /c net localgroup "Administrators" "DOMAIN\%USERNAME%" /add

 

you can get the %USERNAME% via a frontend HTA by prompting the user at the start of the installation, or via computer variables or other methods...

Share this post

Link to post
Share on other sites
  • 0
SamayCSA Newbie

SamayCSA

Posted
Posted

Thank you for getting back to me, I really appreciate the help you provide via this website.

 

Running the command will "ADD" an "Existing" domain user to the local admin group. What I was trying to accomplish here was to "Create" a local user account, add his to local admins group and set a password for the account as well.

 

Thanks

 

 

why not just create a run command line step called Add Local Admin

 

which does as follows:-

 

cmd /c net localgroup "Administrators" "DOMAIN\%USERNAME%" /add

 

you can get the %USERNAME% via a frontend HTA by prompting the user at the start of the installation, or via computer variables or other methods...

Share this post

Link to post
Share on other sites
  • 0
Lucid Newbie

Lucid

Posted
Posted

Why not use a script? You can then package it up just like you would a program, or use a task sequence to connect to your server and run it from there. Here's a snippet of VBScript code to illustrate how to make a local account:

 

strUsername = "JohnDoe"

strPassword = "password101"

strCheckName = ""

 

Set objUserAccounts = GetObject("WinNT://" & objNetwork.ComputerName & "")

Set objUser = objUserAccounts.Create("user", strUsername)

objUser.Description = "local account"

objUser.SetPassword strPassword

objUser.SetInfo

objUserFlags = objUser.Get("UserFlags")

objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD

objUser.Put "userFlags", objPasswordExpirationFlag

objUser.SetInfo

If Not objUser.UserFlags AND ADS_UF_PASSWD_CANT_CHANGE Then

'Setting the password to never expire"

objPasswordNoChangeFlag = objUser.UserFlags XOR ADS_UF_PASSWD_CANT_CHANGE

objUser.Put "userFlags", objPasswordNoChangeFlag

objUser.SetInfo

End If

Set objGroup = GetObject("WinNT://" & objNetwork.ComputerName & "/Users,group")

If Not objGroup.IsMember(objUser.AdsPath) Then

'Making the user a member of the local ""Users"" group

objGroup.Add(objUser.AdsPath)

End If

 

Set colWin32_UserAccount = objWMI.ExecQuery ("Select * from Win32_UserAccount Where LocalAccount = True")

For Each objItem in colWin32_UserAccount

If UCase(objItem.Name) = UCase(strUserName) Then

strCheckName = "found"

End If

Next

If strCheckName = "found" Then

'Successfully created the local user account

Else

'Failed to create the local user account - Aborting the script

Wscript.Quit(1)

End If

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to question listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.