Tim said:
I need to add a local NTFS user and force them to chenge their password when
they logon. All examples point to AD, but this is a local account.
How can I manipulate the "User Must Change Password at next Logon" bits via
DOS, VBS or WMI?
Hi
Here is a VBScript solution that creates a local user account (with
"User Must Change Password at Next Logon" enabled) and adds it to a
local group.
'--------------------8<----------------------
' name of user to be created
sNewUser = "mini-strator"
' name of the group the user is to be added to
sGroupname = "Administrators"
' get computer name
Set oWshNet = CreateObject("WScript.Network")
sComputerName = oWshNet.ComputerName
' connect to the Winnt provider
Set oComputer = GetObject("WinNT://" & sComputerName)
' create the user
Set oUser = oComputer.Create("user", sNewUser)
oUser.SetPassword "A1234_B1234"
On Error Resume Next
' save the user
oUser.Setinfo
' If user exists already or password restrictions
' are not fulfilled, we get an error
If Err.Number = 0 Then
' configure the user
On Error Goto 0
' Enable "User Must Change Password at Next Logon"
oUser.Put "PasswordExpired", 1
oUser.Fullname = "John Doe"
oUser.Description = "hi!"
oUser.Setinfo
End If
On Error Goto 0
' Add the user to the group
Set oGroup = GetObject("WinNT://" & sComputerName & "/" & sGroupname)
' Use error handling in case he is a member already
On Error Resume Next
oGroup.Add(oUser.ADsPath)
On Error Goto 0
'--------------------8<----------------------
More links:
Configuring a Local User Account So It Never Expires
http://www.microsoft.com/technet/community/scriptcenter/user/scrug115.mspx
WSH 5.6 documentation (local help file) can be downloaded from here
if you haven't got it already:
http://msdn.microsoft.com/downloads/list/webdev.asp