I'm trying to create new users with powershell. We're not running active directory (not sure if that changes things or not). Here's what I'm trying to do:
$machine = [ADSI]"WinNT://localhost,computer"
$newUser = $machine.Create("User", $Username)
$newUser.setpassword($Password)
$newUser.SetInfo()
Everything works up to this point and the user is created. But now I want to change additional settings like this, but they all fail
$newUser.Put("sAMAcountName", $Username)
$newUser.SetInfo()
$newUser.Put("userAccountControl", 0x10000)
$newUser.SetInfo()
UPDATE
This is the error I'm getting
Exception calling "Put" with "2" argument(s): "Exception from HRESULT: 0x8000500F"
Any idea what I'm doing wrong? Thanks!
Solution
JPBlanc's answer helped point me in the right direction.
The biggest problem is that there's is little to no documentation on using [ADSI]
on machines that are not part of an Active Directory domain.
I was able to solve the issue using the UserFlags
property.
$newUser.UserFlags = $UserFlags.DONT_EXPIRE_PASSWD
$newUser.CommitChanges()
Can you try as administrator :
$obj = [ADSI]"WinNT://$env:COMPUTERNAME"
$user = $obj.Children.find("utilisateur1")
$user.psbase.rename("user1")
$user.put('FullName','user1')
$user.setinfo()
According to the followin code I cant see sAMAcountName
or userAccountControl
which are AD user attributes :
PS C:\Windows\system32> $a | fl *
UserFlags : {513}
MaxStorage : {-1}
PasswordAge : {917}
PasswordExpired : {0}
LoginHours : {255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255 255}
FullName : {user1}
Description : {}
BadPasswordAttempts : {0}
HomeDirectory : {}
LoginScript : {}
Profile : {}
HomeDirDrive : {}
Parameters : {}
PrimaryGroupID : {513}
Name : {user1}
MinPasswordLength : {0}
MaxPasswordAge : {3628800}
MinPasswordAge : {0}
PasswordHistoryLength : {0}
AutoUnlockInterval : {1800}
LockoutObservationInterval : {1800}
MaxBadPasswordsAllowed : {0}
objectSid : {1 5 0 0 0 0 0 5 21 0 0 0 151 181 85 95 2 227 17 190 248 24 47 102 18 4 0 0}
AuthenticationType : Secure
Children : {}
Guid : {D83F1060-1E71-11CF-B1F3-02608C9E7553}
ObjectSecurity :
NativeGuid : {D83F1060-1E71-11CF-B1F3-02608C9E7553}
NativeObject : System.__ComObject
Parent : WinNT://WORKGROUP/JPBHPP2
Password :
Path : WinNT://WORKGROUP/JPBHPP2/user1
Properties : {UserFlags, MaxStorage, PasswordAge, PasswordExpired...}
SchemaClassName : User
SchemaEntry : System.DirectoryServices.DirectoryEntry
UsePropertyCache : True
Username :
Options :
Site :
Container :
PS C:\Windows\system32> $a | select -ExpandProperty properties
PropertyName Value
------------ -----
UserFlags 513
MaxStorage -1
PasswordAge 917
PasswordExpired 0
LoginHours {255, 255, 255, 255...}
FullName user1
Description
BadPasswordAttempts 0
HomeDirectory
LoginScript
Profile
HomeDirDrive
Parameters
PrimaryGroupID 513
Name user1
MinPasswordLength 0
MaxPasswordAge 3628800
MinPasswordAge 0
PasswordHistoryLength 0
AutoUnlockInterval 1800
LockoutObservationInterval 1800
MaxBadPasswordsAllowed 0
objectSid {1, 5, 0, 0...}