0
So I have had an interesting problem pop up. I am trying to make someones life easier by making a script to help reset local accounts on windows 7 machines. Ideally, we'd like to do it remotely, so I made the following batch file:
@ECHO OFF
set /p machine=Please enter machine reference/ip:
set /p account=Please enter account name:
wmic /user:".\<adminaccountname>" /node:"%machine%" process call create "net user %account% /active:yes"
pause
With the result:
ERROR:
Description = User credentials cannot be used for local connections
Is there a way to achieve this, or do I simply need to use a domain account? Would psexec allow me to do this?
James Korden
Posted 2014-08-06T12:53:35.250
Reputation: 133
I would use teamviewer to connect to the pc remotely, you can then login to another account and do it manually. If you can use a domain, you do not even need to access the pc. You can use Active Directory to reset a password. – LPChip – 2014-08-06T12:59:56.887
RDP is an option, but it seems a little much for such a specific task, which is why I am trying wmic. Also, the account isn't on AD, it's local to the machine (we use it to administer spiceworks and policy doesn't allow us to make it a domain account). – James Korden – 2014-08-06T13:05:59.917
Commenting on whether you simply need to use a domain account, you can still RDP to a machine even if it's not on the domain. (If it were on the domain you'd need to use username machinename\username to log on). I think though you'll need to configure a password on the account that's being used to log on to the machine if it doesn't have a password already. – user319647 – 2014-08-06T13:13:48.630
The local account which I am using referenced at
/user:".\<adminaccountname>"has a password. It is the same on each machine. – James Korden – 2014-08-06T13:15:23.110Try using
runas /netonlyto provide the admin credentials instead of using the/userin WMIC. – Iszi – 2014-08-06T14:10:07.270