Ying Li at myITforum.com

PowerShell & System Center

MDT 2010 – Create a Task Sequence using PowerShell to Rename Local Administrator Account

I am working on creating a Windows 7 image using MDT 2010, and one of the requests is to rename the local administrator account in the image. I did this in the XP build, where I had no problem: rename the local admin account, then capture the image. The deployed image keeps my renamed local admin account. But in the Windows 7 image, I just can’t do that! I rename the admin account and capture the image, but when I deploy the captured image, the local admin account reverts back to “administrator”. The indication is that this is by design; it may have something to do with UAC?

Here is my solution: I built my “gold” image without trying to rename the local admin account. I then deploy the captured image but add a task sequence to rename the local admin account. There are several ways to do this, but with my PowerShell roots, I decided to accomplish it using PowerShell! Michael Niehaus has a blog about how to create a task sequence using PowerShell. All we need to do is save our PowerShell script in the %ScriptRoot% folder and then reference it in the Task Sequence like this:

PowerShell.exe -File "%ScriptRoot%\RenameLocalAdmin.ps1"

But there is a catch: as we know, by default PowerShell sets the execution policy to “Restricted”, so in order to run our PowerShell script we need to change the execution policy to at least “RemoteSigned”.


Here is the exact command, inspired by this thread:

Powershell.exe -command "Set-ExecutionPolicy RemoteSigned; cpi z:\scripts\RenameLocalAdmin.ps1 -Destination c:\; c:\RenameLocalAdmin.ps1; ri c:\RenameLocalAdmin.ps1; Set-ExecutionPolicy Restricted"

What it does is set the ExecutionPolicy to “RemoteSigned”;

copy our script from %ScriptRoot% locally to the C drive;

run the script and delete it from the C drive;

and, last but not least, set the ExecutionPolicy back to “Restricted”.

Here is what’s in my RenameLocalAdmin.ps1

$admin=[adsi]"WinNT://./Administrator,user"
$admin.psbase.rename("whatever")

So now with this technique, running PowerShell Task Sequence in MDT 2010 is as easy as 1 – 2 – 3! :)
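An added example, not the original post's script: a variant of RenameLocalAdmin.ps1 that finds the built-in account by its well-known RID 500 instead of the name "Administrator", and is started with the `-ExecutionPolicy Bypass` switch of PowerShell.exe (available in PowerShell 2.0 and later), so the override applies to that one process and the machine-wide policy is never changed. The `$NewName` default is a placeholder taken from the post, and `Select-BuiltinAdmin` is a helper name introduced here.

```powershell
# RenameLocalAdmin.ps1 - added example, not the original post's script.
# Invoke from the task sequence with a process-scoped policy override:
#   PowerShell.exe -ExecutionPolicy Bypass -File "%ScriptRoot%\RenameLocalAdmin.ps1"
param(
    [string]$NewName = 'whatever'   # placeholder name, as in the post
)

# Return the account whose SID ends in RID 500 (the built-in Administrator),
# whatever its current or localized name is. Helper name is hypothetical.
function Select-BuiltinAdmin {
    param([object[]]$Accounts)
    $Accounts |
        Where-Object { $_.SID -match '^S-1-5-21-\d+-\d+-\d+-500$' } |
        Select-Object -First 1
}

# LocalAccount=True keeps the query off the domain on joined machines.
$accounts = @(Get-WmiObject -Class Win32_UserAccount -Filter 'LocalAccount=True')
$builtin  = Select-BuiltinAdmin -Accounts $accounts

if (-not $builtin) {
    Write-Error 'No local account with RID 500 found.'
    exit 1      # non-zero exit lets the task sequence step report failure
}
if ($builtin.Name -eq $NewName) {
    Write-Output "Built-in administrator is already named '$NewName'."
    exit 0      # idempotent: nothing to do on a re-run
}

try {
    # Same ADSI rename call as the post, bound to the discovered name.
    $user = [adsi]("WinNT://./{0},user" -f $builtin.Name)
    $user.psbase.Rename($NewName)
    Write-Output "Renamed '$($builtin.Name)' to '$NewName'."
    exit 0
}
catch {
    Write-Error "Rename failed: $($_.Exception.Message)"
    exit 1
}
```

Because the policy override is scoped to the process, there is no trailing Set-ExecutionPolicy call that would overwrite whatever policy the machine had before the step ran.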
