Adding local users to a group of servers

Question

Adding local users to a group of servers

Got what maybe a unique problem here. I have a bunch of servers that I need to add new local user accounts to.

I thought i had found my answer with the following command:

# Create new local Admin user for script purposes
$date = Get-Date -Format yyyy-MM-dd
$servers = get-content serverlist.txt

$username = read-host -Prompt "Enter Username"
$securepass = read-host -Prompt "Enter Password" -AsSecureString

foreach ($server in $servers)
{
    Invoke-command -ComputerName $server
    {
        $Computer = [ADSI]"WinNT://localhost"
        $LocalAdmin = $Computer.Create("User", "$username")
        $LocalAdmin.SetPassword("$securepass")
        $LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD
        $LocalAdmin.SetInfo()
    }
}

However when I run this code I get a few different errors. It appears that the problem is with the "$Computer.Create("User"," section of the code.

I've actually paired this down to a simple basic local account creation script, and this version works:

invoke-command -computername <server> {[ADSI]$server="WinNT://localhost";$HD=$server.Create("User","TESTUSER");$HD.SetPassword("PASSWORD");$HD.SetInfo()}

Now that version works without a problem because its able to set the user and create the password using the quoted text. So I moved on to setup variables with prompts to provide us a way to automate the process of new user creation.

So I moved on to this more automated version:

$date = Get-Date -Format yyyy-MM-dd
$username = read-host -Prompt "Enter Username"
$securepass = read-host -Prompt "Enter Password"
$server1 = "SERVER"
Invoke-command -computername $server1 {
        [ADSI]$server=("WinNT://localhost/")
        $HD=$server.Create("User",$username)        
        $HD.SetPassword($securepass)
        $HD.SetInfo()
        }

This however doesn't work and generates the following problem:

The following exception occurred while retrieving member "Create": "Unknown error (0x80005000)" + CategoryInfo : NotSpecified: (:) [], ExtendedTypeSystemException + FullyQualifiedErrorId : CatchFromBaseGetMember + PSComputerName : SERVER

You cannot call a method on a null-valued expression. + CategoryInfo : InvalidOperation: (SetPassword:String) [], RuntimeException + FullyQualifiedErrorId : InvokeMethodOnNull + PSComputerName : SERVER

You cannot call a method on a null-valued expression. + CategoryInfo : InvalidOperation: (SetInfo:String) [], RuntimeException + FullyQualifiedErrorId : InvokeMethodOnNull + PSComputerName : SERVER

I"m actually not sure what is going wrong here. The create method seems to be accepted in MULTIPLE other scripts, but for this one the moment I put that variable into the create method, it blows up.

Anybody know whats going wrong? I'm getting ridiculously frustrated.

powershell-3.0

asked on Stack Overflow May 22, 2014 by

Sean Falconer

1 Answer

You need to understand, that whenever you Invoke-Command, you don't have access to local variables (such as $username).

There are two ways to solve it in PowerShell v3.

Easier, with $using: prefix:

$username = 'foo'
Invoke-Command -ComputerName Test { $using:username }

More complicated, but works also on v2, with param() block and -ArgumentList parameter:

$username = 'foo'
Invoke-Command -ComputerName Test -ArgumentList $username {
    param ($user)
    $user
}

answered on Stack Overflow May 23, 2014 by

BartekB

User contributions licensed under CC BY-SA 3.0