I have a state job myself....and anything computer related is tracked. And tracked well. If this is a public school, then you can count on things being monitored. I don't know about the private sector, but I imagine that things like this are tagged and forwarded for review even there. Be careful young one......
+1 to that. It's not a case of whether the new users could do anything, it's the fact that you're adding users to a system without authorisation. From a legal standpoint the fact that they're deleted when the computer restarts and the fact that they may not be able to do anything is irrelevant.
Yes, you're only messing around and seeing what you can do with a few batch files, and I believe you on that. But the naturally suspicious admin that doesn't like anyone playing around with his network probably won't, from his standpoint it'll probably look as though you were creating users to exploit the network in some way.
Yes, things should be locked down properly and personally I think the law should be seriously slackened in this respect to give all the idiots that can't be bothered to secure things properly a kick up the backside. It might actually see people securing things properly for a change! But practically, that isn't going to happen.
In short, while your actions aren't malicious, adding users to a system without any authorisation can easily be seen as such - and can therefore can land you in very hot water indeed.