Delete local user account using scripts

65 pts.
Tags:
Local Administrators Group
Microsoft Windows Vista
Windows administration
Windows Security
Someone prior me added a account called Admin and added this user into Local PC administrator group. All the PC's are in domain. But the company IT security department wants me to delete the user account Admin from the local computer. I know I can delete it by logging locally into each individual computer. Can anyone give a complete script which I can run with logon script which will delete the user admin from each local computer. That would be really appreciated. Thanks

Software/Hardware used:
Windows Vista

Answer Wiki

Thanks. We'll let you know when a new response is added.

First you need to determine if this is a user account (domain or local) or a security group. Usually, I find this to be a domain security group where a domain admin will add users so they can have administrator rights to their local computer to run programs that do not play nice – requiring local admin rights to run.

If it is a security group you can create a logon script some thing like:

netlocalgroupGroupName/delete

Write back and give more details if you need additional help

————————————————————————————

You can delete with the NET command from a script or use something like WMI remotely. There are some utilities available that can be run remotely for managing accounts / groups.

In a script, you could set the command to run as a scheduled task or use PSEXEC if that is allowed in your environment.

The login script is probably not the place unless all users are admins on their system.

You can create a script that takes a list of your computers, run it under an account that has administrative access to your systems and let it schedule removal of the account.

schtasks /create /tn DelAdmin /tr "cmd /c net user admin /delete" /sc once /st HH:MM [/sd MM/DD/YYYY] /ru "NT AUTHORITY\SYSTEM" /s ComputerName /F

Or

at \\ComputerName "cmd /c net user admin /delete"

Script with for loop to process list of system names left for the administrator.

————————————————————————————

Thanks mate.
They are not domain account. Admin Account is local computer account for which someone used to configure the PC for joining into the domain. I have about 200 computer in the network.

I have never done scripting. Can you please give me the whole script which i can run on my PC or from my Server i can schedule it and that will delete the user. That will be really appreciated. Thanks

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • R vishaal
    hey mate try using Group policy to denied : "Deny Logon Locally" ....
    355 pointsBadges:
    report
  • Open123
    [...] unknown wrote an interesting post today onDelete local user account using scriptsHere’s a quick excerpt [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following