/build/static/layout/Breadcrumb_cap_w.png

SMA - PowerShell Script to Create Local User Account

Hello.  I am needing assistance.  I have a PowerShell script that creates a local Windows user account.  It works great if run on the local Windows machine.  But I try to push it out through our SMA as a Online KScript, it says it ran but the receiving windows device does not create the account.  Event Viewer does not give a failure error that I can find and the SMA says everything ran successfully.

I have tried:

1) "Windows Run As" with both Local System and a Domain Admin credential.

2) Tried running the PowerShell script as an Online Shell Script, putting the script contents in and made sure to name it create.ps1

3) Tried running a batch file that runs the commandline to run the powershell script (Both are attached as dependancies). Batch file command line is: powershell -nologo -executionpolicy bypass -noprofile -file create.ps1

The following is the credential gutted version of the PowerShell script.

$username = "username"

$password = ConvertTo-SecureString "password" -AsPlainText -Force

New-LocalUser -Name "$username" -Password $password -FullName "$username" -Description ""


Any suggestions would be greatly appreciated on being able to get this script to push to remote machines via the SMA.

Thank you.

Asked 7 months ago 0 views
2 Comments   [ + ] Show comments
  • So here's something of interest. Finally found a log that shows the Online Shell Script gives the error below. It seems the KACE SMA does not understand what this PowerShell command is. But it still doesn't explain why I can't run the script via a dependancy and that it seems like it isn't getting the needed elevated permissions. I ran it locally on another Windows machine and it worked with seconds.

    CategoryInfo : ObjectNotFound: (New-LocalUser:String) [], CommandNotFoundException+ FullyQualifiedErrorId : CommandNotFoundException - ryanreb 7 months ago
  • I found that trying to run the PowerShell command "New-LocalUser" does not work when running on a remote machine. Windows doesn't seem to recognize it. So I had to go old school Command Prompt commands to do what I needed. They still run in a PowerShell script but are the old commands:
    net user username password /add
    net localgroup administrators username
    NET USER username /COMMENT:"Comment Here" - ryanreb 7 months ago

Answers (2)

Posted by: josed558 7 months ago
Senior White Belt
0

Try running an online KScript using a .bat file with "net user username password /add"

I ran in to an issue trying to enable the local administrator account using a PowerShell script as well and i switched to .bat file that just run the following command and it worked right away "net user administrator /active:yes".  

Posted by: gwir 6 months ago
Second Degree Brown Belt
0

Add this at the bigining of your script to be sure it runs in 64bits :

if ($PSHOME -like "*syswow64*") {
    Write-Output 'Relaunching as x64'
    & (Join-Path ($PSHOME -replace 'syswow64', 'sysnative') powershell.exe) `
        -File $Script:MyInvocation.MyCommand.Path `
        @args
    Exit
}


Thanks Nate Webb.

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ