Solved

Automated removal of users from Local Admins Group?

Posted on 2004-04-27
4
131 Views
Last Modified: 2010-04-13
Hey folks,

I'm looking to set up something and automate it through GPO or login script.  What I want to do is remove all individual users from the local admins group on workstations through the domain and add one or two groups to the local admins.

If there was a way to make sure it only happened on 2KPro and XP machines as opposed to servers that would help too.  Any ideas?

Thanks in advance!

- Chris
0
Comment
Question by:cbarbere
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 41

Accepted Solution

by:
graye earned 50 total points
ID: 10935394
Rather than do this thru a GPO or login script directly... there is another way.

Take a look at the "Restricted Groups" sections of a Domain Security Policy.  It will allow you to "lock down" a group to only those folks that you want.  

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/611.asp

BTW: Like a lot of GPO-related things, users are free to add/delete members of that group, but on next reboot (or next application of the Security Policy) everything will be converted back to the way you want it.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question