locked
How do I create a local user on a remote machine and add it to one of the machine's groups? RRS feed

  • Question

  • I am trying to write a C# method that will create a new local user on a remote machine, and add that user to the machine's Administrators group.  I have found examples of this on the web which fork a process and use the net use command, but I would like to do everything in process in order to capture exceptions, feedback, etc.

    Note I cannot use the Directory Services API because the user I must create cannot be a member of the domain; the user must be local to that remote machine.


    Derrick Lau
    Tuesday, March 10, 2009 7:03 PM

All replies

  • Currently I have a C# method that forks a process on the remote machine and uses net.exe to do the work.

    However, when I call the ManagementScope.Connect() method, I get the following exception:

    User credentials cannot be used for local connections.
    Derrick Lau
    • Proposed as answer by ahmadifx Wednesday, March 11, 2009 3:54 AM
    • Unproposed as answer by Derrick Lau Wednesday, March 11, 2009 3:10 PM
    Tuesday, March 10, 2009 8:00 PM
  • Hello Lau,

    You might want to try this function
  • msdn.microsoft.com/en-us/library/aa370649.aspx (NetUserAdd).
  • HOPE THIS HELPS


    Ahmad , Microsoft Student Partner - India
Wednesday, March 11, 2009 4:02 AM
  • If you are using Windows XP Service Pack 3 or above or Windows Vista then you can do this centrally in Active Directory by using Group Policy Preferences, since it offers the ability to create Local User accounts and manage Local Groups. You just need to ensure the Group Policy Preference extensions get installed, which is most easily done via WSUS or SMS.
    Wednesday, March 11, 2009 10:21 AM
  • The user I need to create cannot be a member of the active directory domain.  The user must exist on the machine only.
    Derrick Lau
    Wednesday, March 11, 2009 2:31 PM
  • Group Policy Preferences can create local (non-domain member) user accounts and also manage Local Groups like the built-in Administrators group.
    Wednesday, March 11, 2009 3:18 PM
  •  
    AndyCadley said:

    If you are using Windows XP Service Pack 3 or above or Windows Vista then you can do this centrally in Active Directory by using Group Policy Preferences, since it offers the ability to create Local User accounts and manage Local Groups. You just need to ensure the Group Policy Preference extensions get installed, which is most easily done via WSUS or SMS.


    Not all machines in my environment will be XP SP3 and up.  Thanks for the great suggestions anyway.
    Derrick Lau
    Wednesday, March 11, 2009 5:44 PM
  •  
    ahmadifx said:

    Hello Lau,

    You might want to try this function

  • msdn.microsoft.com/en-us/library/aa370649.aspx (NetUserAdd).
  • HOPE THIS HELPS


    Ahmad , Microsoft Student Partner - India



    I made a C# wrapper for this function and called it as NetUserAdd(remotemachine, 1, ref userinfo, rc).  However, the method returns me an error code of 1113.  How do I tell this method what user to run as?
    Derrick Lau
    Wednesday, March 11, 2009 5:45 PM