How to Manage Windows Workgroup Machines in an Active Directory Environment

• Last updated: Nov 9, 2024

It's quite rare, but we can sometimes find Microsoft Windows Home Edition PC in company networks, or computers that we can't integrate into the domain (machines that aren't fully managed by the IT department). These computers cannot be added to the Active Directory, but they often need access to network resources, such as file shares. Here are a few commands to help you manage this.

The commands

• Adding a network share:

net use X: \\192.168.1.251\share user_password /USER:domainame\my_user /PERSISTENT:YES

• Adding credentials to Windows Vault:

cmdkey /add:192.168.1.251 /user:my_user /pass:domainame\user_password

• Add a local user:

net user admin_account AdminPass! /add

• Set password to never expire:

WMIC USERACCOUNT WHERE Name='admin_account' SET PasswordExpires=FALSE

• Add a local user to local administrators group:

net localgroup administrators admin_account /add

Batch Script

We can write a .bat file to automate this operation.

@echo off set USER=domainame\user01 set PASSWD=MyUser01Password net use X: \\192.168.1.251\share %PASSWD% /USER:%USER% /PERSISTENT:YES net use Y: \\192.168.1.251\scans %PASSWD% /USER:%USER% /PERSISTENT:YES cmdkey /add:192.168.1.251 /user:%USER% /pass:%PASSWD% net user admin_account AdminPass! /add net localgroup administrators admin_account /add

Note

Password escape characters

If you want to use special characters for your users passwords, you need to know that you'll need escape characters. Here's a list of some special characters and their escape sequences.

Character	Escape Sequence
>	^>
&	^&
"	\"
<	^<
|	^|
^	^^

Example

• Add user admin with password >&"|assword:

net user admin ^>^&\"^|asword /add