Add a user to the administrator group in group policy?

Posted on 2007-10-19
Medium Priority
Last Modified: 2010-06-25
In group policy how do I add the user NT AUTHORITY\INTERACTIVE to the Administrator Group on all my systems?
Question by:USBMHC
  • 2
LVL 24

Accepted Solution

Kenneniah earned 1500 total points
ID: 20112335
Best would probably be Restricted Groups.

That said, I would not suggest putting NT AUTHORITY\INTERACTIVE into Administrators. In effect, you'd be giving everyone administrative access. Any interactively logged in user  also has the permissions of NT AUTHORITY\INTERACTIVE
LVL 24

Expert Comment

ID: 20112418
For example...log in as any user, go to a command prompt and type...
whoami /groups

You will always see NT AUTHORITY\INTERACTIVE as one of your group memberships when you are logged in locally.
When connecting to a computer remotely (IE accessing a network share) you do not gain this membership however.

Author Comment

ID: 20112618
I'm actualy adding this to the GPO file of a local system that I will be imaging. Its important that we have this on our systems to make sure that anyone that logs into the machine is a Administrator on it and can run software that requires Administrator access.

Expert Comment

ID: 33076531
I just used this method but I didn't add the INTERACTIVE group... I created a more restrictive group (but more open than Domain Admins) and added that group to local administrators.

It's very helpful to have this functionality.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question