K2000 : Create a local administrator account during mid-level post-install task
Hi all,
I have a question about K2000 deployment... I don't like we need to connect on the computer with the built-in local administrator account (it's not really secured). So I would like to know if it possible to create a local administrator account during a mid-level task (from KBE) with a random password (for example linked to the computer name like this it would be unique for a computer) I would use to connect in Windows to execute the post-install tasks and I would delete at the end of the deployment...?
Or if it's possible use the built-in administrator account to execute the tasks but without connect interactively in Windows to deny the user to do something if he comes on the computer during a deployment.
Someone did already try this or know if it's possible?
Thank you for you help and your answer...
Michaël
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
chucksteel
7 years ago
Microsoft recommends that the Administrator account should remain disabled. We create a local administrator account during installation via the unattended installation settings. We prefer scripted installs in our environment, but if you are creating images then you should still Sysprep them before uploading. Your unattend.xml file can then include the settings to create a user in the OOBE settings pass.
Comments:
-
Thank you for your answer but my question is mainly when I apply Windows 10 upgrade. Now I only have the built-in local administrator and I would like to create an new one only for applying upgrade and delete it at the end of the process.
I followed this article to upgrade my computers from Windows 10 1511 to 1607 : http://www.itninja.com/blog/view/upgrading-to-windows-10 - SITEL 7 years ago-
If you have a K1000, use it to send a script before upgrading to create the account you want, and then either a PO task to delete it or another K1 task. - cserrins 7 years ago
-
Thank you I already do that and it works but it would be perfect if it could be fully automated during a K2000 deployment process. - SITEL 7 years ago
-
How about using Password Renew [http://www.kood.org/windows-password-renew/]? You can .zip it with a batch and run it, though you will need to enter things manually, but that would create an account for you as a midlevel. - cserrins 7 years ago