mr_e_technician
asked on
how to remotely add my domain account to local admin group
Hello,
Im trying to remotely scan computers on my network to find information such as service tag, software inventory, windows user ID's, etc..using a third party software tool.
I am logged in to my PC as ourdomain\myuserID and I am not in the local admin group on the remote PC's. I am not a domain admin nor do I have access to edit GPO's, etc. I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?
thanks
Im trying to remotely scan computers on my network to find information such as service tag, software inventory, windows user ID's, etc..using a third party software tool.
I am logged in to my PC as ourdomain\myuserID and I am not in the local admin group on the remote PC's. I am not a domain admin nor do I have access to edit GPO's, etc. I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?
thanks
Nope - not unless you have domain admin priveledges, or the local admin credentials for the remote PC...sorry.
ASKER
When you say local admin credentials do you mean the local admin password? I do have the local admin passwords for each workstation.
Is it the same for each system?
ASKER
Mostly, there are about 3 variations throughout the WAN
I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?
Have you tried doing this?
1. Right click My computer | Manage
2. Right click Computer Management (Local) | Connect to another computer
3. key in the computer name of the remote PC
4. If it asks you for a username and password, key in \\localcomputername\locala dminaccoun tname and the password
5. add your domain account in the local Administrators group
Have you tried doing this?
1. Right click My computer | Manage
2. Right click Computer Management (Local) | Connect to another computer
3. key in the computer name of the remote PC
4. If it asks you for a username and password, key in \\localcomputername\locala
5. add your domain account in the local Administrators group
It should probably prompt for Domain Admin credentials when doing this, because it is going to query AD and the local admin probably doesnt have the rights to do so.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all the comments, Ive been pretty slammed at work and haven't had a chance to "try and reply".
Since I am logged in to my Laptop with my domain account, right clicking my comp and attempting to manage another PC does not prompt me for an ID/password. But when I try to add myself to the local admin group, I get access denied.
I did try the command line 'net use' command and that seemed to work, but strangely. After running the first command it said command completed successfully. The second command said I was already in the admin group, but I know for a fact that I was not. However when I run those commands on a specific IP of a workstation AND THEN try the right click manage, manage remote pc, etc. It works without giving me the access denied message. I have to do this by IP because ping -a is not giving me any names for some reason...
Any insights as to why this is happening or ideas on how to automate this for multiple PC's? Right now the only way I can do it is one at a time...
ASKER
The other questions will be posted separately
thanks -
Here is a best method and solution for ur request:
Download PSTools from sysinternals and use the below script and create a bat file. Its cool.
psexec \\"remote server name" net localgroup "Administrators" "Domainname/group name" /ADD
Cheers
Download PSTools from sysinternals and use the below script and create a bat file. Its cool.
psexec \\"remote server name" net localgroup "Administrators" "Domainname/group name" /ADD
Cheers