How to Manage Windows Workgroup Machines in an Active Directory Environment
- Last updated: Nov 9, 2024
It's quite rare, but we can sometimes find Microsoft Windows Home Edition PC in company networks, or computers that we can't integrate into the domain (machines that aren't fully managed by the IT department). These computers cannot be added to the Active Directory, but they often need access to network resources, such as file shares. Here are a few commands to help you manage this.
The commands
- Adding a network share:
net use X: \\192.168.1.251\share user_password /USER:domainame\my_user /PERSISTENT:YES
- Adding credentials to Windows Vault:
cmdkey /add:192.168.1.251 /user:my_user /pass:domainame\user_password
- Add a local user:
net user admin_account AdminPass! /add
- Set password to never expire:
WMIC USERACCOUNT WHERE Name='admin_account' SET PasswordExpires=FALSE
- Add a local user to local administrators group:
net localgroup administrators admin_account /add
Batch Script
We can write a .bat file to automate this operation.
@echo off
set USER=domainame\user01
set PASSWD=MyUser01Password
net use X: \\192.168.1.251\share %PASSWD% /USER:%USER% /PERSISTENT:YES
net use Y: \\192.168.1.251\scans %PASSWD% /USER:%USER% /PERSISTENT:YES
cmdkey /add:192.168.1.251 /user:%USER% /pass:%PASSWD%
net user admin_account AdminPass! /add
net localgroup administrators admin_account /add
Note
Password escape characters
If you want to use special characters for your users passwords, you need to know that you'll need escape characters. Here's a list of some special characters and their escape sequences.
Character | Escape Sequence |
---|---|
> | ^> |
& | ^& |
" | \" |
< | ^< |
| | ^| |
^ | ^^ |
Example
- Add user admin with password >&"|assword:
net user admin ^>^&\"^|asword /add