On Error Resume Next CONST ADS_UF_DONT_EXPIRE_PASSWD = &H10000 ' Account password never expires CONST ADS_UF_PASSWD_CANT_CHANGE = &H0040 ' User cannot change password rtn = createlocaladmin("user123","userpass123!","some description of the user") WScript.Quit(0) Function createlocaladmin (username,password,displayname) On Error Resume Next rtn = createlocaluser(".",username,password,displayname) if rtn = 1 Then rtn = add_remove_local_group_members("add",username,"Administrators") createlocaladmin = rtn Exit Function Else createlocaladmin = 0 Exit Function End If End Function Function createlocaluser (computer,username,password,displayname) On Error Resume Next Set oADSI = GetObject("WinNT://" & computer) if Err.Number <> 0 Then WScript.Echo "Failed getting WinNT Object to create user (" & username & ")" WScript.Echo "Error: " & Err.Description createlocaluser = 0 Exit Function End If Set ouser = GetObject("WinNT://" & computer & "/" & username) if Err.Number = 0 Then if ouser.Class = "User" Then WScript.Echo "User exists already" createlocaluser = 1 Exit Function Else WScript.Echo "An object of type " & ouser.Class & " already exists with the same name as your user" createlocaluser = 0 Exit Function End If ElseIf Hex(Err.Number) <> "800708AC" Then WScript.Echo "Error getting User account prior to creation: " & Hex(Err.Number) & " -- " & Err.Description Else Err.Clear ' 800708AC = Object does not exist End If Set ouser = oADSI.Create("user", username) if Err.Number <> 0 Then WScript.Echo "Failed creating user (" & username & ")" WScript.Echo "Error: " & Err.Description createlocaluser = 0 Exit Function End If ouser.SetPassword(password) if Err.Number <> 0 Then WScript.Echo "Error setting password for " & username createlocaluser = 0 Exit Function End If ouser.put "UserFlags", ADS_UF_PASSWD_CANT_CHANGE OR ADS_UF_DONT_EXPIRE_PASSWD ouser.SetInfo if Err.Number <> 0 Then WScript.Echo "Failed setting user information (" & username & ")" WScript.Echo "Error: " & Err.Description createlocaluser = 0 Exit Function End If ouser.Description = displayname if Err.Number <> 0 Then WScript.Echo "Failed putting display name (" & username & ")" WScript.Echo "Error: " & Err.Description createlocaladmin = 0 Exit Function End If ouser.SetInfo() if Err.Number <> 0 Then WScript.Echo "Failed setting user information for displayname (" & username & ")" WScript.Echo "Error: " & Err.Description createlocaluser = 0 Exit Function End If createlocaluser = 1 End Function Function add_remove_local_group_members (addremove,username,group_name) On Error Resume Next Set WshShell = CreateObject("WScript.Shell") server = WshShell.ExpandEnvironmentStrings("%COMPUTERNAME%") Set group = GetObject("WinNT://" & server & "/" & group_name) if Err.Number <> 0 Then WScript.Echo "Error running GetObject for WinNT provider (group): ('WinNT://" & server & "/" & group_name & "')" & Err.Description add_remove_local_group_members = 0 Exit Function End If if InStr(username,"\") > 0 Then user_dom = Left(username,Instr(username,"\")-1) user_nm = Right(username,Len(username)-Instr(username,"\")) else user_nm = username user_dom = server End If Set user = GetObject("WinNT://" & user_dom & "/" & user_nm) if Err.Number <> 0 Then WScript.Echo "Error running GetObject for WinNT provider (user): ('WinNT://" & user_dom & "/" & user_nm & "')" & Err.Description add_remove_local_group_members = 0 Exit Function End If WScript.Echo user.ADsPath if group.IsMember(user.ADsPath) = True Then WScript.Echo " IsMember - " & username & " (" & group_name & ")" if addremove = "remove" Then group.Remove user.ADsPath if Err.Number <> 0 Then WScript.Echo "Error Removing user from " & group_name & ": " & Hex(Err.Number) & " - " & Err.Description add_remove_local_group_members = 0 Exit Function Else WScript.Echo " Removed " & username & " (" & group_name & ")" End If End If Else Err.Clear WScript.Echo " IsNotMember - " & username & " (" & group_name & ")" if addremove = "add" Then group.Add user.ADsPath if Err.Number <> 0 Then WScript.Echo "Error adding " & username & " to " & group_name & ": " & Hex(Err.Number) & " - " & Err.Description add_remove_local_group_members = 0 Exit Function Else WScript.Echo " Added " & username & " (" & group_name & ")" End If End If End If add_remove_local_group_members = 1 End Function