none
Creating Local Accounts with MDT and Config Mgr OSD: How to?

    Question

  • We are using an MDT 2012 UDI deployment Task Sequence  in Config Mgr 2012. I have attempted to create and add a local account to the administrators group during deployment using both the default unattend.xml and a custom answer file. In both cases this setting is ignored. I am a little confused because other settings I specify in the answer file such as IE home page are preserved after deployment, but the local account is never created.

    Is this possible to do via the method I am describing or is there another method I must use?

    Tuesday, July 03, 2012 7:21 PM

Answers

  • Hi,

    You can create a mdt vbscript / batch to create and add the user to a group. Either you use the script in the TS with a command line action or simply add an application step (if you create an app for this task)

    example addusers.cmd :

    net user /add useraccountname mypassword
    net localgroup administrators useraccountname /add

    regards,


    Revue du Geek | Déployer Windows 7 avec MDT 2010

    • Marked as answer by BryanCP Thursday, July 05, 2012 3:36 PM
    Tuesday, July 03, 2012 8:56 PM

All replies

  • Hi,

    You can create a mdt vbscript / batch to create and add the user to a group. Either you use the script in the TS with a command line action or simply add an application step (if you create an app for this task)

    example addusers.cmd :

    net user /add useraccountname mypassword
    net localgroup administrators useraccountname /add

    regards,


    Revue du Geek | Déployer Windows 7 avec MDT 2010

    • Marked as answer by BryanCP Thursday, July 05, 2012 3:36 PM
    Tuesday, July 03, 2012 8:56 PM
  • I could be wrong but I was looking through my unattend.xml via the system image manager and I think that when I set the admin password, the account becomes active.  I did that here:

    7. oobe\ms-windows-shell-setup_neutral \UserAccounts\LocalAccount\AdministratorPassword

    The fact that the admin account is active on the machine supports the theory because I'm not adding the account in any other way.  -It is possible that I activated it long ago when I first build the WIM though.

    Tuesday, July 03, 2012 10:26 PM
  • Thanks Yannick, worked like a charm.
    Thursday, July 05, 2012 3:36 PM
  • HI,

    You helped me today in MDT 2013 :) 

    Thanks Yannick

    regards


    • Edited by Maryary Thursday, June 11, 2015 4:43 PM
    Thursday, June 11, 2015 4:41 PM
  • Hello, I just want to say thank you so much for this solution! I was banging my head for months because the default administrator profile will not open up any store apps after using MDT 2013 update 2 deployment. I could have just went into the local policy and re enabled as I saw online, but I wanted an account to just work after adding to the administrators group. Thanks again!
    Thursday, September 13, 2018 2:21 PM