Working at an MSP, I’ve been trying to script a lot of the repetitious tasks I have to do with Powershell. One of the smaller ones is hiding a local admin account on non domain computers.
Usually, I would have to navigate into the registry to HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon and create a new key, called SpecialAccounts, and then another new key called UserList and then add a new dword value with the name of the account. That’s a lot of work!
Today, I fired up Google and Powershell ISE and came up with this simple, simple script:
New-Item -Path “HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” -Name SpecialAccounts –Force
New-Item -Path “HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts” -Name UserList –Force
New-ItemProperty “HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList” -Name “[LOCAL ACCOUNT NAME]” -Value 1 -PropertyType “DWord”
Saved it as a PS1 script file and ran it on my computer successfully.