Jump to content


P3nnyw1se

Disabling Administrator..... creating new?

Recommended Posts

Hi, In sccm2012, Win 7 Task Sequence.
I'm interested in Disabling the standard 'Administrator' account during OSD
It seems fairly easy as there are two possibilities presented to me

1: Enable Administrator
2: Randomly Generate a password and Disable account(recommended)

I wanna take step 2 and then create a new Administrator 'ITadmin' and have the OSD install through that user.
I'm new to Task Sequence and I'm unsure where to go from here to create that new Administrator
I couldn't find anything about it on this forum or google.

But I'm assuming I have to create a new Variable?

Share this post


Link to post
Share on other sites

Well I'm just going by company politics, besides some programs become problematic if not added through a domain user..
This is a post I just did on StackExchange:

during my Windows 7 OSD.

Going by Company Politics I'm suppose to

A: Disabled the standardlized Administrator (Done, can do that in task sequence) B: Create a new Administrator called 'ITadmin' and set a fixed password C: Join a Domain (Done that aswell in the Task Sequence) D: Use a Domain Admin to install programs that would otherwise give problems if attempted to install through Local Admin, like Dynamics AX

As written I join the computer to the Domain During the OSD, and as Result have the correct Domain Admins added as Administrators through GPO, but I don't know how to use them.

I'm looking at CustomSettings.ini in the MDT pack and thinking its gotta be possible to do it from here? or from the unattend.xml

 

in pseudo here is what I wanna do:

 

AddLocalAdmin: ITadmin

Password: 1234

UseThisAccountToInstallOSD: Domain\Install_User

Password : 1234

 

Any help appreciated, can't seem to google my way out of this one.

Share this post


Link to post
Share on other sites

For your Local admin account you could:

 

  • Create an answerfile OR
  • use this script and create a package out of it

@echo off
cls
echo Creating Local Account: ITadmin
pushd %~dp0
echo.
net user ITadmin password1 /ADD /FULLNAME:"ITadmin" /COMMENT:"Built in Local Admin Account" /ACTIVE:YES /PASSWORDCHG:NO /EXPIRES:NEVER
net localgroup "Administrators" ITadmin /add
wmic useraccount where "name='ITadmin'" set PasswordExpires=False
popd

 

 

OR you can use run commandline steps to achieve this also. If you like I will post them tomorrow if the above solutions are not suffice!

OR as Peter mentioned use group policy to change the administrator account name and set the password in the task sequence.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...