Skip to content

LocalUsers.adoc

Latest commit

 

History

History
177 lines (141 loc) · 3.71 KB

LocalUsers.adoc

File metadata and controls

177 lines (141 loc) · 3.71 KB

DSC Resource 'LocalUsers'

LocalUsers creates and manages local user accounts.

When to use 'LocalUsers'

Use this resource when you need to create or configure local user accounts on target nodes. This is used for service accounts, application accounts, or administrator accounts that need to exist locally on the machine (as opposed to Active Directory domain accounts managed by AddsDomainPrincipals).

Source

DSC Resource

Documentation
Table 1. Attributes of category 'LocalUsers'
Parameter Attribute DataType Description Allowed Values

Users

Hashtable[]

List of users to create.
Table 2. Selected Attributes of category 'LocalUsers/Users'
Parameter Attribute DataType Description Allowed Values

UserName

Key

String

Indicates the account name for which you want to ensure a specific state.

Password

PSCredential

Specifies a new password value for the account.

Ensure

String

Specifies whether the user account should be present or absent.

  • Present (default)

  • Absent

Disabled

Bool

Indicates if the account is enabled.

Set this property to $true to ensure that this account is disabled, and set it to $false to ensure that it is enabled.

  • True

  • False

FullName

String

Specifies the full name assigned to the user account.

Description

String

Indicates the description you want to use for the user account

PasswordChangeNotAllowed

Bool

Indicates if the user can change the password.

Set this property to $true to ensure that the user cannot change the password.

-True - False (default)

PasswordChangeRequired

Bool

Indicates if the user must change the password at the next sign in.

Set this property to $true if the user must change the password.

  • True (default)

  • False

PasswordNeverExpires

Bool

Indicates if the password will expire.

To ensure that the password for this account will never expire, set this property to $true.

-True - False (default)

MemberOf

String[]

List of Local Groups of the user.

Only Local groups are supported.
Example
LocalUsers:
  Users:
    - UserName: TestUser1
      Description: Standard Local User
      FullName: Test User 1
      Password: '[ENC=PE9ianM...=]'
      PasswordChangeNotAllowed: false
      PasswordChangeRequired: true
      PasswordNeverExpires: true
      Ensure: Present
      MemberOf:
        - BuiltIn\Users
    - UserName: TestUser2
      Description: Standard Local User with specific rights
      Password: '[ENC=PE9ianM...=]'
      Ensure: Present
      MemberOf:
        - Administrators
        - Users
Recommended Lookup Options in Datum.yml (Excerpt)
lookup_options:

  LocalUsers:
    merge_hash: deep
  LocalUsers\Users:
    merge_hash_array: UniqueKeyValTuples
    merge_options:
      tuple_keys:
        - UserName
See also