This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 57.99999999999999%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hi everyone,
I have a working task sequence which install Windows 10 pretty well inside a domain and I would like to add this feature : AdminAccounts.
The rule "SkipAdminAccounts=NO" is set, the page appears correctly during the Wizard, but ir does nothing.
I haven't see any error or warning in any logs (or maybe I didn't search in the right place).
Maybe I'm missing the right task in my sequence ?
If someone could help me, I'll appreciate.
Regards
Michael
Hi,
Thanks for posting in Microsoft MECM Q&A forum.
1, We could try to create a .bat file like this:
net user "owner" "mypassword" /add
net localgroup "Administrators" "owner" /add
WMIC USERACCOUNT WHERE "Name='owner'" SET PasswordExpires=FALSE
WMIC USERACCOUNT WHERE "Name='owner'" SET Passwordchangeable=FALSE
Then import this.bat file as an application in MDT. The command line for the application will be filename.bat
2, We could also try to prestage the computer under Advanced Configuration>Computers. Add the computer and go into Properties. On the Administrators tab you can add an existing local user on the image or domain user as an admin.
Thanks for your time.
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
https://learn.microsoft.com/en-us/answers/articles/67444/email-notifications.html
Hi,
Thanks for your answer but i'm afraid that it doesn't suit for my usage.
i can't prepare in advance the local admin I want to add during the deployment because it changes every time (the owner of the computer).
There are a feature inside MDT, so I would like to use it correctly. It does exactly what I want to do.
Do you know which script is called for this action ? Or which task of the sequence does this action ?
Regards
Hi,
Thanks for your reply.
1.Are the Windows 10 comptures joined domain? When SkipAdminAccounts is set to NO, the Wizard page is displayed, and the information on that page is collected. However, this page does not actually create accounts, instead it just adds pre-existing user accounts and adds them to the local Administrators group. This scenario is only valid when you are joining the machine to a domain, so you must Join to the Domain. Refer to:
Adding a domain user to Local Admin Groups using MDT 2012
2.Please help check the BDD.log, SMSTS.log, Wizard.log and setupact.log to see if there is any further information for troubleshooting.
Bset regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Hi,
Thanks for your reply and help.
I think it records my accounts, but when it has to deal with, it does nothing or the command failed but it's not logged.
Do you know at which task in the TS this action is performed ?
Best Regards
Hi,
Thanks for your reply.
Per my experience, the SkipAdminAccounts property is configured by CustomSettings.ini and performed during the Install Operating System task sequence step, the OSInstall property is provided out of the box. Refer to:
MDT TUTORIAL PART 4: CUSTOMSETTINGS.INI
Bset regards,
Simon
Hi,
Hope everything goes well. May we know the current status of the question? If there is any other assistance we can provide, please feel free to let us know, we will do our best to help you.
Thanks and regards,
Simon
Hi,
Thanks for your interest.
It still doesn't work.
I find nowhere in log any information which can lead me to a solution.
Here you can find my unattend if you see something : https://pastebin.com/JKFvnjDJ.
About the log, the only thing I see is what I've wrote earlier : <![LOG[Property Administrators001 is now = domain\user1]LOG]!>
Thanks for your help.
Best regards.
Hi,
Thanks for your reply.
This is a strange issue. I will do more research, if there is any update, I will let you know. Thanks for your understanding.
Best regards,
Simon
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
which local admin group?
I have an script which add the user to local group
adding user to local admin group is a built in feature, you add user and they will be admin of the device if needed, you just need to set up the custom setting correctly.