Solved

how to remotely add my domain account to local admin group

Posted on 2007-04-03
10
686 Views
Last Modified: 2010-08-05
Hello,

Im trying to remotely scan computers on my network to find information such as service tag, software inventory, windows user ID's, etc..using a third party software tool.

I am logged in to my PC as ourdomain\myuserID and I am not in the local admin group on the remote PC's. I am not a domain admin nor do I have access to edit GPO's, etc. I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?

thanks
0
Comment
Question by:mr_e_technician
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 18846991
Nope - not unless you have domain admin priveledges, or the local admin credentials for the remote PC...sorry.
0
 

Author Comment

by:mr_e_technician
ID: 18847664
When you say local admin credentials do you mean the local admin password? I do have the local admin passwords for each workstation.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18847682
Is it the same for each system?
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 

Author Comment

by:mr_e_technician
ID: 18847692
Mostly, there are about 3 variations throughout the WAN
0
 
LVL 1

Expert Comment

by:DARKMOON
ID: 18848199
I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?

Have you tried doing this?

1. Right click My computer | Manage
2. Right click Computer Management (Local) | Connect to another computer
3. key in the computer name of the remote PC
4. If it asks you for a username and password, key in \\localcomputername\localadminaccountname and the password
5. add your domain account in the local Administrators group
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 18848432
It should probably prompt for Domain Admin credentials when doing this, because it is going to query AD and the local admin probably doesnt have the rights to do so.
0
 
LVL 7

Accepted Solution

by:
tymes earned 250 total points
ID: 18850609
DARKMOON's suggestion should work.

You may just want to establish credentials remotely using the local accounts and not bother with the domain at all...

net use \\%remotemachine%\ipc$  /user:%remotemachine%\localadmin password

At this point you may be able to do whatever you wanted to do without needing to add your account... or after that step you would want to remotely locally run this command....

net localgroup administrators domain\myuserID /add

You would do this with wmi remote scripting or PSEXEC from sysinternals, this is the non-gui version of DARKMOON's suggestion, but as such it could be automated and you could do 20 machines quickly.
0
 

Author Comment

by:mr_e_technician
ID: 18867654

Thanks for all the comments, Ive been pretty slammed at work and haven't had a chance to "try and reply".

Since I am logged in to my Laptop with my domain account, right clicking my comp and attempting to manage another PC does not prompt me for an ID/password. But when I try to add myself to the local admin group, I get access denied.

I did try the command line 'net use' command and that seemed to work, but strangely. After running the first command it said command completed successfully. The second command said I was already in the admin group, but I know for a fact that I was not. However when I run those commands on a specific IP of a workstation AND THEN try the right click manage, manage remote pc, etc. It works without giving me the access denied message. I have to do this by IP because ping -a is not giving me any names for some reason...

Any insights as to why this is happening or ideas on how to automate this for multiple PC's? Right now the only way I can do it is one at a time...
0
 

Author Comment

by:mr_e_technician
ID: 18877944

The other questions will be posted separately
thanks -
0
 
LVL 5

Expert Comment

by:kumar_jac
ID: 24664086
Here is a best method and solution for ur request:
Download PSTools from sysinternals and use the below script and create a bat file. Its cool.
psexec  \\"remote server name"  net localgroup "Administrators" "Domainname/group name" /ADD
 Cheers
 
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question