Creates a backup local admin user with a random password. Designed for use with Microsoft LAPS. Should be run as a computer logon script.
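# Creates a backup local administrator account with a throw-away random
# password, adds it to the local Administrators group, then disables the
# accounts listed in $usersToDisable. Progress is written to the Application
# event log (EventId 1 = account already present, 2 = created,
# 3 = creation or group add failed, 4 = an account could not be disabled).

# The name of the account
$accountName = 'LocalAdmin'
$accountFullName = 'Local Administrator'
$accountComment = 'Backup Local Administrator Account'

# Any users listed here will be disabled by this script.
# NOTE(review): these are matched by name, so a renamed built-in account is
# not caught; confirm the names used in your environment.
$usersToDisable = 'Administrator', 'Guest'

# Set up the event source. When the script runs from a file the command name
# normally already ends in .ps1, so the source will look like "name.ps1.ps1";
# it is left as-is so existing log filters keep matching.
$sourceName = "$($MyInvocation.MyCommand.Name).ps1"
New-EventLog -LogName Application -Source "$sourceName" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue

# If the account already exists, exit without touching anything
$existingAccount = Get-WmiObject Win32_UserAccount -Filter "domain = '$Env:COMPUTERNAME' and Name = '$accountName'"
if ($null -ne $existingAccount) {
    Write-EventLog -LogName Application -Source $sourceName -EntryType Information -EventId 1 -Message "$accountName already exists" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
    exit
}

# Create the account.
# The initial password is passed on the command line, so it is visible to
# process-creation auditing (command-line logging) and PowerShell script block
# logging until LAPS rotates it. Treat it as disposable and check that LAPS
# policy applies to $accountName, otherwise the account keeps a password that
# nobody has recorded.
# NOTE(review): [guid]::NewGuid() is not documented as a cryptographically
# secure generator; acceptable only because the value is meant to be replaced.
cmd.exe /c "net user $accountName `"$([guid]::NewGuid().guid)`" /add /y /comment:`"$accountComment`" /fullname:`"$accountFullName`""
if ($LASTEXITCODE -ne 0) {
    # Stop here: disabling the built-in accounts without a working replacement
    # would leave the machine with no usable local administrator.
    Write-EventLog -LogName Application -Source $sourceName -EntryType Error -EventId 3 -Message "Failed to create $accountName (net user exit code $LASTEXITCODE); no accounts were disabled" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
    exit 1
}

# Add the account to the Administrators group.
# NOTE(review): the group name is localized on non-English Windows; on such
# systems this call fails and the script stops before disabling anything.
cmd.exe /c "net localgroup Administrators $accountName /add"
if ($LASTEXITCODE -ne 0) {
    Write-EventLog -LogName Application -Source $sourceName -EntryType Error -EventId 3 -Message "Failed to add $accountName to Administrators (net localgroup exit code $LASTEXITCODE); no accounts were disabled" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
    exit 1
}

# Disable the specified users, recording any that could not be disabled so the
# gap is visible in the log instead of being silently ignored.
foreach ($userToDisable in $usersToDisable) {
    cmd.exe /c "net user $userToDisable /active:no"
    if ($LASTEXITCODE -ne 0) {
        Write-EventLog -LogName Application -Source $sourceName -EntryType Warning -EventId 4 -Message "Could not disable account $userToDisable (net user exit code $LASTEXITCODE)" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
    }
}

# Try and write an event to the Event Log
Write-EventLog -LogName Application -Source $sourceName -EntryType Information -EventId 2 -Message "Created local administrator account: $accountName" -ErrorAction SilentlyContinue -WarningAction SilentlyContinue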