Create Local Accounts in AD Bridge

After you join a domain, AD Bridge Enterprise creates two local user accounts:

  • ComputerName\Administrator: The account is disabled until you run mod-user with the root account. You are prompted to reset the password the first time you use the account.
  • ComputerName\Guest

You can view information about these accounts by executing the following command: /opt/pbis/bin/enum-users

Example output:

User info (Level-2):
====================
Name:                       EXAMPLE-01\Administrator
UPN:                        Administrator@EXAMPLE-01
Generated UPN:              YES
Uid:                        1500
Gid:                        1544
Gecos:                      <null>Shell: /bin/sh
Home dir:                   /
LMHash length:              0
NTHash length:              0
Local User:                 YES
Account disabled:           TRUE
Account Expired:            FALSE
Account Locked:             FALSE
Password never expires:     FALSE
Password Expired:           TRUE
Prompt for password change: YES
User can change password:   NO
Days till password expires: -149314


User info (Level-2):
====================
Name:                       EXAMPLE-01\Guest
UPN:                        Guest@EXAMPLE-01
Generated UPN:              YES
Uid:                        1501
Gid:                        1546
Gecos:                      <null>Shell: /bin/sh
Home dir:                   /tmp
LMHash length:              0
NTHash length:              0
Local User:                 YES
Account disabled:           TRUE
Account Expired:            FALSE
Account Locked:             TRUE
Password never expires:     FALSE
Password Expired:           FALSE
Prompt for password change: YES
User can change password:   NO
Days till password expires: -149314