Solved

Adding domain user to local administrators group via script¿

Posted on 2010-08-18
9
900 Views
Last Modified: 2013-12-24
strComputer = "."
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)
strComputer = "."
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
objGroup.Add(objUser.ADsPath)

This crashes if a user is already a member of the administrators group, any way for the script to continue regardless?
0
Comment
Question by:it_techie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 33466219
How about ?

Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
If Not objUser.IsMember(objGroup.AdsPath) Then
' Add the domain group to the local group.
objGroup.Add(objUser.ADsPath)
End If
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33466236
I've modified the names and target to be added to local admins from a group to a user, but it should work. Youre just checking that the member isnt already in there, and if not, adding.
0
 
LVL 2

Expert Comment

by:hydrokid
ID: 33466271
This would definitely work. created a file and rename it adduser.vbs and put in all the code below.
Replace 667CA to which every user account you want.
if the domain is companyA then the user added to the local admin is companyA/667CA




Set oWshNet = CreateObject("WScript.Network" )

sUser = "667CA"

'sNetBIOSDomain = oWshNet.UserDomain
sComputer = oWshNet.ComputerName

Set oGroup = GetObject("WinNT://" & sComputer & "/Administrators,group" )
Set oUser = GetObject("WinNT://AP/" & sUser & ",user" )
'Set oUser = GetObject("WinNT://" & sNetBIOSDomain & "/" & sUser & ",user" )

' suppress errors in case the user is already a member
On Error Resume Next
oGroup.Add(oUser.ADsPath)
On Error Goto 0
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Accepted Solution

by:
duraisamy earned 500 total points
ID: 33466577
Try this should work out.....

Dim DomainName
Dim UserAccount
Set net = WScript.CreateObject("WScript.Network")
local = net.ComputerName
DomainName = "DomainName"
UserAccount = "userAccount"

set group = GetObject("WinNT://"& local &"/Administrators")

on error resume next
group.Add "WinNT://"& DomainName &"/"& UserAccount &""
CheckError

sub CheckError
      if not err.number=0 then
      set ole = CreateObject("ole.err")
      MsgBox ole.oleError(err.Number), vbCritical
      err.clear
else
      MsgBox "Done."
end if
end sub

0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33466587
And obviously the snipped i posted was designed to be augmented into your existing script.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33466591
snippet*
0
 

Author Comment

by:it_techie
ID: 33471983
On Error Resume Next

this works

oh good morning btw
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33472173
Shouldnt points be awarded for this one, since myself and several others posted you a solution ?
0
 

Author Comment

by:it_techie
ID: 33472195
I've tried,

Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
Set objUser = GetObject("WinNT://domain/userid")
If Not objUser.IsMember(objGroup.AdsPath) Then
' Add the domain group to the local group.
objGroup.Add(objUser.ADsPath)
End If

Doesn't work

This one is a completely new script:

Dim DomainName
Dim UserAccount
Set net = WScript.CreateObject("WScript.Network")
local = net.ComputerName
DomainName = "DomainName"
UserAccount = "userAccount"

set group = GetObject("WinNT://"& local &"/Administrators")

on error resume next
group.Add "WinNT://"& DomainName &"/"& UserAccount &""
CheckError

sub CheckError
      if not err.number=0 then
      set ole = CreateObject("ole.err")
      MsgBox ole.oleError(err.Number), vbCritical
      err.clear
else
      MsgBox "Done."
end if
end sub


Although I do see the magic words on error resume next....


Ok, i'll give him the points
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question