A. The simple answer is to use the net user <username> <password> /add (/domain) , however it is possible to automate not only the addition of the user, but also his/her addition to groups and the creation of a template user account directory structure. Many organizations have a basic structure with word, excel directories and some template files. This can be automated with a basic script. For example
addnew.bat net user %1 password /add /homedir:\\<server>\users\%1 /scriptpath:login.bat /domain net localgroup "<local group>" %1 /add repeat for local groups net group "<groups>" %1 /add /domain repeat for global groups xcopy \\<server>\users\template \\<server>\users\%1 /e nltest /sync /server:BDCname repeat for all BDCs you might be authenticating to sleep 20 cacls \\<server>\users\%1 /e /r Everyone remove the everyone permission to the directory cacls \\<server>\users\%1 /g %1:F /e cacls \\<server>\users\%1 /g Administrators:F /e
The nltest commands are needed as otherwise it fails to do the cacls command, since the user account does not exist on the BDC to which you are authenticating as only the PDC has been updated.