If you want to create service accounts with PowerShell and the result must be like:

image

 

Use this PowerShell script:

 

# To run this script use: & "C:\Users\rLisdonk\Desktop\ToServer\Test.ps1"

$computerName = "MyComputerNameā€¯
$serviceAccountWebName = "saAsaWeb"
$serviceAccountWebPassword = "MyPassword123"

 

"Get computer info"
$computer = [ADSI]("WinNT://" + $computerName + ",computer")

 

"Determine if user [saAsaWeb] exists"
$serviceAccount = [ADSI]("WinNT://" + $computerName + "/$serviceAccountWebName" + ",user")
if(!$serviceAccount.Name)
{
    "Create user [saAsaWeb]"
    $user = $computer.Create("user", $serviceAccountWebName)

    "Set password"
    $user.SetPassword($serviceAccountWebPassword)
    $user.SetInfo()

    "Disable [User must change password at next logon]"
    $user.PasswordExpired = 0
    $user.SetInfo()

    "Enable [Password never expires]"
    $wmiuser = Get-WmiObject -class "Win32_UserAccount" -filter "name=’$serviceAccountWebName’"
    $wmiuser.PasswordExpires = $false
    $wmiuser.Put()
}

2 Comments

  1. $computer = [ADSI]”WinNT://$computerName”
    $serviceAccountWebName = “saAsaWeb”
    $serviceAccountWebPassword = “MyPassword123”
    $description = “SA ASA Web Account”
    # Create user [saAsaWeb]
    $ADS_USERFLAG_DONT_EXPIRE_PASSWD = 65536
    $user = $computer.Create(“user”, $serviceAccountWebName)
    $user.put(“description”,$description)
    # Set password
    $user.SetPassword($serviceAccountWebPassword)
    $user.UserFlags.value = $user.UserFlags.Value -bor $ADS_USERFLAG_DONT_EXPIRE_PASSWD
    $user.SetInfo()

    FYI: user must change password and password never expires can’t be active at the same time. So just setting “Password Never Expires” is enough. It automatically sets “User must change password at next logon” to disabled

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.