diff --git a/wsl-oobe.sh b/wsl-oobe.sh
index ace2e51..5cb4a69 100644
--- a/wsl-oobe.sh
+++ b/wsl-oobe.sh
@@ -2,7 +2,8 @@
 
 # The Fedora WSL out of box experience script.
 #
-# This command runs the first time the user opens an interactive shell.
+# This command runs the first time the user opens an interactive shell if
+# `cloud-init` is not enabled.
 #
 # A non-zero exit code indicates to WSL that setup failed.
 
@@ -10,19 +11,75 @@ set -ueo pipefail
 
 DEFAULT_USER_ID=1000
 
-echo 'Please create a default user account. The username does not need to match your Windows username.'
-echo 'For more information visit: https://aka.ms/wslusers'
+function create_user() {
+  local rc=0
+
+  while true; do
+    read -r -p "Create a default Unix user account: " username
+
+    # Create the user.
+    rc=$(
+      set +e
+      /usr/sbin/useradd -m -G wheel --uid "$DEFAULT_USER_ID" "$username" > /dev/null
+      echo $?
+    )
+
+    case $rc in
+      # 3: invalid argument to option
+      # 19: Bad login name (since Fedora 42)
+      3 | 19)
+        echo "Invalid username. A valid username must start with a letter or underscore, and can contain letters, digits, underscores, dots, dashes and a dollar sign at the end."
+        continue
+        ;;
+      # 9: username or group name already in use
+      9)
+        echo "User \"$username\" already exists"
+        continue
+        ;;
+      0)
+        break
+        ;;
+      *)
+        echo "Unexpected error code from useradd: $rc"
+        break
+        ;;
+    esac
+  done
+}
+
+# When `cloud-init` is enabled it might take care of user creation and other bits, depending on its
+# configuration contained within the WSL image; or the WSL configuration as provided by the host.
+if systemctl is-enabled cloud-init.service > /dev/null ; then
+  echo 'cloud-init is enabled, skipping user account creation. Waiting for cloud-init to finish.'
+
+  # We need to run cloud-init in a sub-shell that disables errexit so we can inspect its error code
+  # Without the script exiting.
+  (set +e cloud-init status --wait > /dev/null 2>&1)
+
+  cloud_status=$?
+
+  # We only exit unsuccesfully on a cloud-init exit status of 1. This means an unrecoverable error,
+  # and the system might not be usable. Any other exit status (0 for success, or 2 for warning) can
+  # be ignored and happens commonly, for example when there is a default configuration but the fallback
+  # data source was used.
+  if [ "${cloud_status}" -eq 1 ]; then
+    echo 'cloud-init failed unrecoverably. Failed to provision system.'
+    cloud-init status --long
+    exit 1
+  fi
+
+  exit 0
+fi
 
 if getent passwd $DEFAULT_USER_ID > /dev/null ; then
   echo 'User account already exists, skipping creation'
   exit 0
 fi
 
-# Prompt from the username
-read -r -p 'Enter new UNIX username: ' username
+echo 'Please create a default user account. The username does not need to match your Windows username.'
+echo 'For more information visit: https://aka.ms/wslusers'
 
-# Create the user
-/usr/sbin/useradd -m -G wheel --uid $DEFAULT_USER_ID "$username"
+create_user
 
 cat > /etc/sudoers.d/wsluser << EOF
 # Ensure the WSL initial user can use sudo without a password.
@@ -33,13 +90,5 @@ cat > /etc/sudoers.d/wsluser << EOF
 $username ALL=(ALL) NOPASSWD: ALL
 EOF
 
-# Set the default user; necessary when this script is manually run in versions
-# of WSL prior to 2.4.
-cat >> /etc/wsl.conf << EOF
-
-[user]
-default = "$username"
-EOF
-
 echo 'Your user has been created, is included in the wheel group, and can use sudo without a password.'
 echo "To set a password for your user, run 'sudo passwd $username'"
diff --git a/wsl-setup b/wsl-setup
index 4722334..698ca18 100755
--- a/wsl-setup
+++ b/wsl-setup
@@ -54,6 +54,7 @@ case $key in
         DEFAULT_NAME="${2}"
         shift
       else
+        echo
         echo "ERROR: Name is not provided"
         echo
         usage
@@ -65,17 +66,26 @@ case $key in
         ICON_PATH="${2}"
         shift
       else
+        echo
         echo "ERROR: Icon full path is not provided"
         echo
         usage
         exit 2
       fi
 ;;
+--help | -h )
+      usage
+      exit 0
+;;
 * )
+    echo
+    echo "ERROR BAD OPTION: $key"
+    echo
     usage
     exit 2
 ;;
 esac
+shift
 done
 
 ###############
diff --git a/wsl-setup-tmpfiles.conf b/wsl-setup-tmpfiles.conf
index 23ba7b5..a9c3d1f 100644
--- a/wsl-setup-tmpfiles.conf
+++ b/wsl-setup-tmpfiles.conf
@@ -1 +1 @@
-L+ /tmp/.X11-unix - - - - /mnt/wslg/.X11-unix
+L /tmp/.X11-unix - - - - /mnt/wslg/.X11-unix
diff --git a/wsl-setup.spec b/wsl-setup.spec
index f4f8495..4c637a0 100644
--- a/wsl-setup.spec
+++ b/wsl-setup.spec
@@ -20,6 +20,9 @@ BuildRequires:  systemd-rpm-macros
 # Needed for the distribution icon
 Requires:       system-logos
 
+# Utilities used by the OOBE script
+Requires:       shadow-utils
+Requires:       systemd
 
 %description
 Provides WSL specific configuration files and first-time setup script.
@@ -64,7 +67,7 @@ install -Dpm0644 %{SOURCE5} %{buildroot}%{_unitdir}/systemd-firstboot.service.d/
 %files
 %{_bindir}/wsl-setup
 %config(noreplace) %{_sysconfdir}/wsl.conf
-%ghost %{_prefix}/lib/wsl-distribution.conf
+%ghost %attr(644, root, root) %{_prefix}/lib/wsl-distribution.conf
 %{_sysconfdir}/wsl-distribution.conf
 %dir %{_datarootdir}/wsl-setup/
 %{_datarootdir}/wsl-setup/wsl-distribution.conf.template