- This topic has 3 replies, 2 voices, and was last updated 1 month ago by .
-
Posts
-
Hi there.
Can you please guide me how to use BatchPatch to create a local user and add him to the Administrators local group on a remote PC.
Thanks,
AviThis tutorial demonstrates how you can use BatchPatch to execute a script to modify local group membership on multiple computers:
Using BatchPatch to Modify Local Group Membership on Multiple Remote Computers
You can also use the same concept that is described in the tutorial above to create a local user account first. In the tutorial above we use the following command to add an account to the local administrators group:
net localgroup Administrators USERNAME /addBut you can use this command to first create a local account:
net user USERNAME PASSWORD /addBatchPatch executes the command via PsExec. If you are using PsExec v2.1 or newer, network communication is encrypted. However, there are some things to still note:
1. On a modern LAN, even unencrypted traffic is NOT seen by everyone. Traffic in a switched LAN is sent only to the particular port on the switch where the destination computer is plugged in. Unless an attacker has direct access to the switch, the traffic can generally only be seen by the source and destination switch ports.
2. If you are logging command line activity of your computers (this is somewhat common at large enterprises), any commands that are sent to the command line (including the net user USERNAME PASSWORD /add command) would therefore be logged, including your command to set the password.
3. It’s always best to verify any concerns with your own eyes. You can review network traffic on the source and target computers by using an application like Wireshark to capture the traffic and then look at it.
- You must be logged in to reply to this topic.