We help IT Professionals succeed at work.

How to add a domain group to the local Administrators group via GPO (AD 2003 Native)

Last Modified: 2012-08-14
I need to add a domain group to the Local Administrators group via Group Policy without restricting (deleting) existing accounts and groups which are already part of Local Administrators group.  Also, I need to reset a local admin password through GPO to a particular one as well.
Watch Question

Jeremy WeisingerSenior Network Consultant / Engineer

use the MemberOf instead of Member in Restricted Groups

I know of no way to change the password through Group Policy. You can rename the local Administrator account using Group Policy.

For changing the password you can use cusrmgr.exe
Unlock this solution and get a sample of our free trial.
(No credit card required)


I am trying to avoid enabling this through scripts.  I still would like to do it through GPO. thanks.
I'm pretty sure there is no way to change passwords directly using Group Policy.

The NET USER ADMINISTRATOR command suggested by krawz187 is the best bet. You do not need to encode the password in the script however...

Create a 'parameterised' startup script as follows;

@echo off
@NET USER Administrator %1

When you assign the script, you can set the required password in the command line parameters box.

I have not heard of any standard GPO templates that would allow you to change a password. It might be possible to create your own (I did a small amount of research into this) but it is not a simple task and would have to be really critical for me to warrent the time investment.

Using a script or making a small compiled program is going to be the simplest solution. If you don't have a programming tool like Visual Studio or C++ you can use a program like AutoIt. AutoIt is not quite as secure as a true compiled program but does afford some security.


BTW AutoIt is freeware. There is also a simillar tool called RunAs Pro (not freeware) that has a better compiler and provides a more secure app.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.