I wanted to find a simple PowerShell script to create local user accounts on unmanaged laptops.
The script needed to use the laptop serial as part of the username.
Also, the accounts shouldn’t expiry or require the user to change their password on the first login attempt.
The first test command created the account but didn’t insert the laptop serial as part of the username.
New-LocalUser -Name "test-account" -NoPassword -AccountNeverExpires -UserMayNotChangePassword -Description "test account" | Set-LocalUser -PasswordNeverExpires $true
The second script did everything required successfully, including added the laptop serial.
$Error.clear()
$startupVariables=””
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber
net user student$SN /add /passwordchg:no
wmic useraccount where "name='student$SN'" set passwordexpires=false
The third script includes the user password and adds the user to the local administrators group.
$Error.clear()
$startupVariables=””
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber
net user admin$SN MyPa55W0rd /add /passwordchg:no
wmic useraccount where "name='admin$SN'" set passwordexpires=false
net localgroup administrators admin$SN /add
To process the commands in one line add semicolons after each command.
$Error.clear();
$startupVariables=””;
$SN = gwmi win32_bios | Select-Object -Expandproperty SerialNumber;
net user student$SN /add /passwordchg:no;
wmic useraccount where "name='student$SN'" set passwordexpires=false