how to remotely add my domain account to local admin group

Hello,

Im trying to remotely scan computers on my network to find information such as service tag, software inventory, windows user ID's, etc..using a third party software tool.

I am logged in to my PC as ourdomain\myuserID and I am not in the local admin group on the remote PC's. I am not a domain admin nor do I have access to edit GPO's, etc. I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?

thanks
mr_e_technicianAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sirbountyCommented:
Nope - not unless you have domain admin priveledges, or the local admin credentials for the remote PC...sorry.
0
mr_e_technicianAuthor Commented:
When you say local admin credentials do you mean the local admin password? I do have the local admin passwords for each workstation.
0
sirbountyCommented:
Is it the same for each system?
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

mr_e_technicianAuthor Commented:
Mostly, there are about 3 variations throughout the WAN
0
DARKMOONCommented:
I do have the local admin password for the local admin account. My question is: Is there a way to remotely add my domain account to the local administrators group of the remote PC's?

Have you tried doing this?

1. Right click My computer | Manage
2. Right click Computer Management (Local) | Connect to another computer
3. key in the computer name of the remote PC
4. If it asks you for a username and password, key in \\localcomputername\localadminaccountname and the password
5. add your domain account in the local Administrators group
0
johnb6767Commented:
It should probably prompt for Domain Admin credentials when doing this, because it is going to query AD and the local admin probably doesnt have the rights to do so.
0
tymesCommented:
DARKMOON's suggestion should work.

You may just want to establish credentials remotely using the local accounts and not bother with the domain at all...

net use \\%remotemachine%\ipc$  /user:%remotemachine%\localadmin password

At this point you may be able to do whatever you wanted to do without needing to add your account... or after that step you would want to remotely locally run this command....

net localgroup administrators domain\myuserID /add

You would do this with wmi remote scripting or PSEXEC from sysinternals, this is the non-gui version of DARKMOON's suggestion, but as such it could be automated and you could do 20 machines quickly.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mr_e_technicianAuthor Commented:

Thanks for all the comments, Ive been pretty slammed at work and haven't had a chance to "try and reply".

Since I am logged in to my Laptop with my domain account, right clicking my comp and attempting to manage another PC does not prompt me for an ID/password. But when I try to add myself to the local admin group, I get access denied.

I did try the command line 'net use' command and that seemed to work, but strangely. After running the first command it said command completed successfully. The second command said I was already in the admin group, but I know for a fact that I was not. However when I run those commands on a specific IP of a workstation AND THEN try the right click manage, manage remote pc, etc. It works without giving me the access denied message. I have to do this by IP because ping -a is not giving me any names for some reason...

Any insights as to why this is happening or ideas on how to automate this for multiple PC's? Right now the only way I can do it is one at a time...
0
mr_e_technicianAuthor Commented:

The other questions will be posted separately
thanks -
0
kumar_jacCommented:
Here is a best method and solution for ur request:
Download PSTools from sysinternals and use the below script and create a bat file. Its cool.
psexec  \\"remote server name"  net localgroup "Administrators" "Domainname/group name" /ADD
 Cheers
 
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.