Add a user to the administrator group in group policy?

In group policy how do I add the user NT AUTHORITY\INTERACTIVE to the Administrator Group on all my systems?
Who is Participating?
KenneniahConnect With a Mentor Commented:
Best would probably be Restricted Groups.

That said, I would not suggest putting NT AUTHORITY\INTERACTIVE into Administrators. In effect, you'd be giving everyone administrative access. Any interactively logged in user  also has the permissions of NT AUTHORITY\INTERACTIVE
For example...log in as any user, go to a command prompt and type...
whoami /groups

You will always see NT AUTHORITY\INTERACTIVE as one of your group memberships when you are logged in locally.
When connecting to a computer remotely (IE accessing a network share) you do not gain this membership however.
USBMHCAuthor Commented:
I'm actualy adding this to the GPO file of a local system that I will be imaging. Its important that we have this on our systems to make sure that anyone that logs into the machine is a Administrator on it and can run software that requires Administrator access.
I just used this method but I didn't add the INTERACTIVE group... I created a more restrictive group (but more open than Domain Admins) and added that group to local administrators.

It's very helpful to have this functionality.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.