This article covers local account management with PowerShell. As is well known, PowerShell can be used to create local and domain accounts, change their passwords, and delete them. However, when this has to be done with several commands and on many computers, the commands below can simplify the work.
Obtain the Set-LocalAccount.ps1 script from www.powershell.nu. The contents of this script are:
##################################################################################
#
# Script name: Set-LocalAccount.ps1
# Homepage: www.powershell.nu
#
##################################################################################
param([string]$UserName, [string]$FullName, [string]$Password, [switch]$Add, [switch]$Remove, [switch]$ResetPassword, [switch]$help, [string]$computername)

# Prints the usage text.
function GetHelp() {
    $HelpText = @"
DESCRIPTION:
NAME: Set-LocalAccount.ps1
Adds or Removes a Local Account
PARAMETERS:
-UserName Name of the User to Add or Remove (Required)
-Password Sets Users Password (optional)
-Add Adds Local User (Optional)
-Remove Removes Local User (Optional)
-ResetPassword Resets Local User Password (Optional)
-help Prints the HelpFile (Optional)
SYNTAX:
.\Set-LocalAccount.ps1 -UserName nika -Password Password1 -Add
Adds Local User nika and sets Password to Password1
.\Set-LocalAccount.ps1 -UserName nika -Remove
Removes Local User nika
.\Set-LocalAccount.ps1 -UserName nika -Password Password1 -ResetPassword
Sets Local User nika's Password to Password1
.\Set-LocalAccount.ps1 -help
Displays the helptext
"@
    $HelpText
}

# Adds, removes, or resets the password of a local account on $computerName
# through the ADSI WinNT provider.
function AddRemove-LocalAccount ([string]$UserName, [string]$FullName, [string]$Password, [switch]$Add, [switch]$Remove, [switch]$ResetPassword, [string]$computerName) {
    if($Add) {
        # Bind to the target computer and create the user object.
        [string]$ConnectionString = "WinNT://$computerName,computer"
        $ADSI = [adsi]$ConnectionString
        $User = $ADSI.Create("user",$UserName)
        $User.SetPassword($Password)
        echo "-------------DEBUGGING---------------"
        echo "Connection String: $connectionstring"
        echo "Username: $username"
        #echo "Password: $password"
        echo "-------------------------------------"
        $User.SetInfo()
        # Note: the new account is added to the local Administrators group of the target computer.
        # The member path is qualified with the computer name so it resolves to the account just created.
        ([ADSI]"WinNT://$computerName/Administrators,group").Add("WinNT://$computerName/$UserName,user")
        $user.put("Description","IDI User Account")
        $user.setInfo()
        $user.put("FullName",$FullName)
        $user.Put("PasswordExpired", 0)
        $user.SetInfo()
    }
    if($Remove) {
        # Delete the user object from the target computer.
        [string]$ConnectionString = "WinNT://$computerName,computer"
        $ADSI = [adsi]$ConnectionString
        $ADSI.Delete("user",$UserName)
    }
    if($ResetPassword) {
        # Bind directly to the user object and set a new password.
        [string]$ConnectionString = "WinNT://" + $ComputerName + "/" + $UserName + ",user"
        $Account = [adsi]$ConnectionString
        $Account.psbase.invoke("SetPassword", $Password)
    }
}

# Dispatch on the parameters passed to the script.
if($help) { GetHelp; return }
if($UserName -AND $Password -AND $Add -AND !$ResetPassword -and !$FullName) { AddRemove-LocalAccount -UserName $UserName -Password $Password -Add -computerName $computerName}
if($UserName -AND $FullName -AND $Password -AND $Add -AND !$ResetPassword) { AddRemove-LocalAccount -UserName $UserName -FullName $FullName -Password $Password -Add -computerName $computerName}
if($UserName -AND $Password -AND $ResetPassword) { AddRemove-LocalAccount -UserName $UserName -Password $Password -ResetPassword -computerName $computerName}
if($UserName -AND $Remove) { AddRemove-LocalAccount -UserName $UserName -Remove -computerName $computerName}
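The script above can perform many operations on local accounts from a single command line. For example, once the script has been dot-sourced so that its AddRemove-LocalAccount function is available in the session: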
AddRemove-LocalAccount -UserName OkanEkeLocal -Password Password1 -Add -computerName 10.10.1.10
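This creates the local account OkanEkeLocal on the server 10.10.1.10. Because the -Add branch of the function also adds the account to the local Administrators group, the new account is a local administrator on that server.
To create the same account on multiple servers, the command is adapted as follows.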
Get-Content e:\a\ComputerList.txt | ForEach-Object {AddRemove-LocalAccount -UserName OkanEkeLocal -Password Password1 -Add -computerName $_ }
The command has been proven in practice 🙂
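The bulk command above sets the same literal password on every server in the list, so one recovered password opens the account everywhere. As an added example (not part of Set-LocalAccount.ps1 or the original article), the loop below gives each host its own random password; it assumes the script has been dot-sourced, and New-RandomPassword and LocalAccounts.clixml are names chosen for this example:

```powershell
# Added example; assumes ". .\Set-LocalAccount.ps1" has been run so that
# AddRemove-LocalAccount (the page's function) is defined in this session.
# New-RandomPassword and LocalAccounts.clixml are names made up for this example.
function New-RandomPassword {
    param([int]$Length = 24)
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!#%+-_=?'
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $byte  = New-Object byte[] 1
    $chars = New-Object System.Text.StringBuilder
    # Rejection sampling: drop bytes that would bias the modulo below.
    $limit = 256 - (256 % $alphabet.Length)
    try {
        while ($chars.Length -lt $Length) {
            $rng.GetBytes($byte)
            if ($byte[0] -lt $limit) {
                [void]$chars.Append($alphabet[$byte[0] % $alphabet.Length])
            }
        }
    } finally { $rng.Dispose() }
    $chars.ToString()
}

$userName = 'OkanEkeLocal'
$results = foreach ($computer in Get-Content 'e:\a\ComputerList.txt') {
    $computer = $computer.Trim()
    if (-not $computer) { continue }          # skip blank lines in the list
    # Regenerate until the password contains upper case, lower case and a digit.
    do { $pw = New-RandomPassword } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -match '\d')
    try {
        # Out-Host keeps the function's debug echo lines out of $results.
        AddRemove-LocalAccount -UserName $userName -Password $pw -Add -computerName $computer | Out-Host
        $secure = ConvertTo-SecureString $pw -AsPlainText -Force
        New-Object psobject -Property @{
            Computer   = $computer
            Credential = New-Object System.Management.Automation.PSCredential("$computer\$userName", $secure)
        }
    } catch {
        Write-Warning "Failed on ${computer}: $($_.Exception.Message)"
    } finally { $pw = $null }
}
# Export-Clixml stores each SecureString DPAPI-encrypted (Windows): only the same
# user on the same machine can read it back with Import-Clixml.
$results | Export-Clixml -Path .\LocalAccounts.clixml
```

The password still reaches the page's function as a plain string, but it no longer appears as a literal on the command line or in console history.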