[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 588
  • Last Modified:

Adding domain user to local administrators group via script

Hi I want to automate a little chore. I have to add a small number of domain users to the local administrators group on a regular basis. This little script does exactly what I need except I have to enter the COMPUTERNAME. Instead I would like it to run on the machine currently on, I will execute this script on the physical machine, no logon scripts or GPO's involved, just off a thumbdrive or something.

strComputer = "COMPUTERNAME"
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)
strComputer = "COMPUTERNAME"
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)

So I want this to run without the need to enter the COMPUTERNAME string.

oh source:

http://blogs.technet.com/b/heyscriptingguy/archive/2004/10/08/how-can-i-add-a-domain-user-to-a-local-administrators-group.aspx

0
it_techie
Asked:
it_techie
  • 2
  • 2
  • 2
  • +1
2 Solutions
 
oBdACommented:
Try this:

Set objShell = CreateObject( "WScript.Shell" )
strComputer = objShell.ExpandEnvironmentStrings("%ComputerName%")
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)
strComputer = "COMPUTERNAME"
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)

Open in new window

0
 
rbartczakCommented:
local computer strComputer = "."
0
 
rickardcCommented:
I do exactly the same.  This is the script I use via a logon script, but it will work equally well by just running it from the machine in question
on error resume next
'option explicit
dim hostname
dim LocalGroup
dim DomainUsername(1)
dim DomainGroupName(1)
dim Domain

LocalGroup="Administrators"									'The local group you need to add users to
DomainName="XXXXXXX ENTER YOUR DOMAIN HERE XXXXXXXXX"										'NETBIOS name of the domain where to get the domain users and groups
'*********************************************************************************************
'												Add as many domain users or groups to these arrays
DomainUsername(1)=""

DomainGroupName(1)="Domain Users"
'DomainGroupName(2)="Contractors"
'*********************************************************************************************

set ws = Wscript.Createobject ("Wscript.Shell")							'Get the hostname of the local PC
Hostname = ws.ExpandEnvironmentStrings("%COMPUTERNAME%")


set ADGroup = GetObject ("WinNT://" & hostname & "/Administrators,group")			'get the local admin group
if err.number <> 0  then
	'msgbox err.description
else
	'msgbox "Got local group"
end if

for i = 1 to ubound(DomainGroupName)								'Add the domain group(s)
	if DomainGroupName(i) <> "" then								
		adgroup.add ("winnt://" & DomainName & "/" & DomainGroupName(i) & ",group")
		'msgbox "winnt://" & DomainName & "/" & DomainGroupName(i) & ",group"
		if err.number <> 0  then
			'msgbox err.description
		else
			'msgbox "added group"
		end if
	end if
next

for i = 1 to ubound(DomainUsername)								'Add the domain user(s)
	if DomainUsername(i) <> "" then	
		adgroup.add ("winnt://" & DomainName & "/" & DomainUsername(i) & ",user")
		'msgbox "winnt://" & DomainName & "/" & DomainUsername(i) & ",user"
		if err.number <> 0  then
			'msgbox err.description
		else
			'msgbox "added user"
		end if
	end if
next

Open in new window

0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
it_techieAuthor Commented:
rbartczak: that works..plain & simple

rickardc:how would that look, with for example domain fabrikam.com and users:

lda24454
nsa45675
ndd36456

Does the extra code give me any added functionality

p.s. by the looks of your script I would still need to enter a computername?
0
 
it_techieAuthor Commented:
strComputer = "."
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)
strComputer = "."
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)

This crashes if a user is already a member of the administrators group, any way for the script to continue regardless?
0
 
rickardcCommented:
This line gets the name of the computer you run it on.
Hostname = ws.ExpandEnvironmentStrings("%COMPUTERNAME%")

most of the "extra code" is for error checking.  This script also allows you to add more than one user to the group.  As it is, it will add domain users, and could also add contractors (which is commented out at the moment)
0
 
oBdACommented:
For the sake of completeness: I forgot to remove line 6 ("strComputer = "COMPUTERNAME"") when copying and pasting your script. And assuming you want to add two users, you actually don't need the second "Set ObjGroup=" line, either.
To continue with the script (once you've tested it) add
On Error Resume Next

On Error Resume Next
Set objShell = CreateObject("WScript.Shell")
strComputer = objShell.ExpandEnvironmentStrings("%ComputerName%")
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)

Open in new window

0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now