Nathan Bahr

IT professional by day, cybersecurity student by night

Add local users with administrator privileges using PowerShell

Up until this point, I’ve been using the “net user” commands to add user accounts to Windows boxes. While this still works, I’ve found PowerShell cmdlets that add more functionality, such as “-FullName” and “-AccountNeverExpires”. Now when I want to add a user account I can run:

[code language="PowerShell"]
New-LocalUser -Name JSmith
[/code]

That’s nice but what if I want it to be an administrator? Easy, just run Add-LocalGroupMember with the user account of your choice.

[code language="PowerShell"]
Add-LocalGroupMember -Group Administrators -Member JSmith
[/code]

You can make more complex adjustments by adding switches. The example below adds a new local user with a full name and description, sets the password, and sets both the account and the password to never expire. It reads the password from a console prompt as a secure string, which the -Password parameter requires.

[code language="PowerShell"]
$Password = Read-Host -AsSecureString
New-LocalUser -Name "JSmith" -FullName "John Smith" -Description "John Smith" -Password $Password -PasswordNeverExpires -AccountNeverExpires
Add-LocalGroupMember -Group "Administrators" -Member "JSmith"
[/code]

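Here it is all tidied up as a PowerShell function with variables and default values.

[code language="PowerShell"]
function Add-User {
    [CmdletBinding()]
    param (
        # Account name for the new local user
        [PSDefaultValue(Help = 'Admin')]
        $Username = "Admin",

        # Display name; also used as the account description
        [PSDefaultValue(Help = 'Admin')]
        $Fullname = "Admin"
    )

    # Prompt for the password; -Password requires a SecureString
    $Password = Read-Host -AsSecureString

    # Create the account with a non-expiring password and no account expiry
    New-LocalUser -Name $Username -FullName $Fullname -Description $Fullname -Password $Password -PasswordNeverExpires -AccountNeverExpires

    # Add the new account to the local Administrators group
    Add-LocalGroupMember -Group Administrators -Member $Username
}
[/code]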
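To check the result afterwards, this added example (not part of the original post) lists the members of the built-in Administrators group and, for local user accounts, shows whether a password or account expiry date is set. The function name Get-LocalAdminAudit is hypothetical; the cmdlets come from the same Microsoft.PowerShell.LocalAccounts module as New-LocalUser.

```powershell
# Added example: review who holds local administrator rights on this machine.
# Get-LocalAdminAudit is a hypothetical name chosen for this illustration.
function Get-LocalAdminAudit {
    [CmdletBinding()]
    param ()

    # S-1-5-32-544 is the well-known SID of the built-in Administrators group.
    # Using the SID avoids depending on the group's localized display name.
    $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop

    foreach ($member in $members) {
        # Start with the fields every member has (users, groups, domain principals).
        $row = [ordered]@{
            Name            = $member.Name
            ObjectClass     = $member.ObjectClass
            Source          = $member.PrincipalSource
            Enabled         = $null
            PasswordExpires = $null
            AccountExpires  = $null
            NoExpirySet     = $null
            PasswordLastSet = $null
            LastLogon       = $null
        }

        # Only local user accounts can be looked up with Get-LocalUser.
        if ($member.PrincipalSource -eq 'Local' -and $member.ObjectClass -eq 'User') {
            $user = Get-LocalUser -SID $member.SID
            $row.Enabled         = $user.Enabled
            # Both properties are $null when no expiry date applies, which is
            # what -PasswordNeverExpires and -AccountNeverExpires produce.
            $row.PasswordExpires = $user.PasswordExpires
            $row.AccountExpires  = $user.AccountExpires
            $row.NoExpirySet     = ($null -eq $user.PasswordExpires) -and ($null -eq $user.AccountExpires)
            $row.PasswordLastSet = $user.PasswordLastSet
            $row.LastLogon       = $user.LastLogon
        }

        [pscustomobject]$row
    }
}

# Enabled local admins with no expiry of any kind sort to the top for review.
Get-LocalAdminAudit |
    Sort-Object -Property NoExpirySet, Enabled -Descending |
    Format-Table -AutoSize
```

Run it from an elevated session on the machine where the account was created; an account made with the Add-User function above appears with Source "Local" and NoExpirySet set to True.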