I am trying to come up with a fully-automated script, that will remove all users from the local administrator group, except for the local administrator and domain admins accounts. What I have now works, but I have to specify the computer name. It would be nice if I could run the hostname command, then have the script input that information as the computer name (sNode in the script). The idea would then be to apply the script to users via Group Policy. Any ideas?
sNode = "Computer/Hostname"
On Error Resume Next
Set oGrpAdmin = GetObject("WinNT://" & sNode & "/Administrators")
For Each oAdminGrpUsr In oGrpAdmin.Members
If sAdminGrpUsr <> "Administrator" AND sAdminGrpUsr <> "Domain Admins" Then