Kaseya Community

Creation of Domain admin accounts

  • Dear All,

    I have been trying to build a script that creates a Service account and makes it a member of the administrators group in the domain, I need it to be deployable on any site but I struggel all sites have difrent AD structures and names.

    Has anyone got this working that is willing to share ??


    regards,

    Legacy Forum Name: Creation of Domain admin accounts,
    Legacy Posted By Username: Andreasb
  • Not sure if this will help but I have a script that when run on the domain controller resets the password of an account. I ran this on different domains successfully.

    execute shell command
    net user username password /expires:never
    execute as user

    Where username and password where my account and the new password. So I belive you could modify this possibly.
    Also try the following, I never did test it on a domain but it appears it will create the account. Leave the %userdomain% and the domain will automatically be calculated and filled in.

    net localgroup Administrators %UserDomain%\UserID /add

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: JonJohnston
  • Thanx a mil for the brain storm, net group /domain:%userdomain% /add is the correct one, thanx for the feed back, will post script in this post when it is tested.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Andreasb
  • Andreasb
    Thanx a mil for the brain storm, net group /domain:%userdomain% /add is the correct one, thanx for the feed back, will post script in this post when it is tested.


    Here is the script as promised .! :



    Script Name: Create Kservice account
    Script Description: This script creates the KService System account on domain controllers and adds to the Dimain Admins group.

    IF Service is Running
    Parameter 1 : Netlogon
    THEN
    Execute Shell Command
    Parameter 1 : net user KService /expires:never /add
    Parameter 2 : 1
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net group "Domain Admins" KSERVICE /add
    Parameter 2 : 1
    OS Type : 0
    Write Script Log Entry
    Parameter 1 : The KService account was created and added to the domain admins group
    OS Type : 0
    ELSE
    Write Script Log Entry
    Parameter 1 : This is not a Domain controller
    OS Type : 0

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Andreasb