Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1852
  • Last Modified:

Dynamically adding domain account to local administrator group

Does anyone know of a way to add a users domain account to the local administrator group on any machine that they log into on the domain.  We are trying to setup a way for users to login and have full rights to the computer that they login to without us having to add them to the local administrators group by hand.  Thanks for the help.
0
jsmall562
Asked:
jsmall562
  • 3
  • 2
1 Solution
 
RDAdamsCommented:
Create a global group LocalAdmin ensure this group exists on each computer as administrator

example domain-x\LocalAdmin as a member on each computer in Administrator group

Add users who need local admin to this group as needed.  If they no longer need the access then remove them from the group.  
0
 
RDAdamsCommented:
You still need to add to each computer but this could be done via a script or batch file.
0
 
jsmall562Author Commented:
RDAdams - I appreciate the response.... I have already thought of doing that to be honest but like you said that will still require adding that group to each computer.  You are correct in that I could do that withy a script but unfortunately my scripting skills arent quite that good yet.  If you could give me an example of a script that would do this that would be very helpful.  Thanks for the help.
0
 
RDAdamsCommented:
see http://www.myitforum.com/articles/11/view.asp?id=2457


Add Global Groups to Local Admin Group
 
By: Rod Trent
Posted On: 3/25/2002

Use this script to add global (domain) groups to the local Administrators group.

Modify the items in bold to your specific information.

Copy and paste the following script (between the lines) into Notepad, making sure to have Word Wrap disabled, then save it with a .vbs extension.

==================================
On Error Resume Next

'get main objects/variables
Set ws = WScript.CreateObject ( "WScript.Shell" )
compname = ws.ExpandEnvironmentStrings ( "%COMPUTERNAME%" )
Set adGrp = GetObject ( "WinNT://" & compname & "/Administrators,group" )

'add domain groups to local admin group
adGrp.Add ( "WinNT://domain/groupname,group" )
adGrp.Add ( "WinNT://domain/groupname,group" )

'handle errors
If (Err.Number <> 0) Then
strError = "AddAdmins.vbs was unable to add the specified groups to the local Administrators group."
strError = strError & vbCrLf & vbCrLf
strError = strError & "Error #: " & Err.Number & vbCrLf
strError = strError & "Source: " & Err.Source & vbCrLf
strError = strError & "Description: " & Err.Description & vbCrLf
ws.LogEvent 1, strError
Else
ws.LogEvent 0, "The local Administrators group was successfully updated."
End If
==================================

NOTE: Make sure you have the latest scripting engines on the workstation you run this script from. Download the latest scripting engines here: Microsoft Scripting Home Page
 
 
0
 
jsmall562Author Commented:
Thanks for the quick response!!  I appreciate the help, this should work out perfect.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now