Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Script to make a specific user Local Admin

Posted on 2011-05-06
8
Medium Priority
?
415 Views
Last Modified: 2012-05-11
Hi

We have a desktop setup, where all pc's are named [username]-[inventorynumber] (ie. jefr-73766) and where all users are local admins on their own pc. So jefr are local admin on jefr-73766 but not on any other machine.

We are using both Win XP and 7 agains windows servers (Active Directory).

I know it is possible to use GPO to do this, so that a user are local admin on any pc he uses, but what about our scenario, can it be done?

I am thinking maybe the solution is a script, but then again, I'm not a scripting guy :-s

Any ideas? Any help is appreaciated.

Regards
Kasper
0
Comment
Question by:Kasper Katzmann
  • 5
  • 2
8 Comments
 
LVL 2

Expert Comment

by:tyol
ID: 35704613
so you want to make local admins rights to [user] by mask from computer name like [user]-[computer].
right?
0
 

Author Comment

by:Kasper Katzmann
ID: 35704758
Yes, thats right.
0
 
LVL 2

Expert Comment

by:tyol
ID: 35704773
domain contriollers on Win Server 2k8?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Kasper Katzmann
ID: 35704959
Yep :-)
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 1000 total points
ID: 35705199
A startup script with the following should do the job.

Regards,

Rob.
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
strGroup = "Administrators"
strDomain = "YourDomainName"
strUserName = Left(strComputer, InStr(strComputer, "-") - 1)
Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup & ",group")
Set objUser = GetObject("WinNT://" & strDomainName & "/" & strUserName)
objGroup.Add(objUser.ADsPath)
Set objGroup = Nothing

Open in new window

0
 
LVL 2

Expert Comment

by:tyol
ID: 35705272
ok i'l try to help you.
script in attachment
change extension to .ps1

run with domain admin priv on Domain Contrioller or Win 7 machine

local-group-add.jpg
0
 
LVL 2

Expert Comment

by:tyol
ID: 35705314
oh! change script befor running :) Need to enter domain name and local admin group name

Script takes comp names from AD and add user in left side of Comp name to local admin gruop on that comp
0
 
LVL 2

Assisted Solution

by:tyol
tyol earned 1000 total points
ID: 35705545
little shorter version not need to enter domain name and Admin group if it named Administrators

 
# Add a domain user to a local group on the remote computer  
$localGroupName = "Administrators" #Group Name of Admins here
[string]$FulldomainName = ([ADSI]'').distinguishedName
[string]$domainName = ([ADSI]'').Name
$strFilter = "(&(objectCategory=Computer)(!userAccountControl:1.2.840.113556.1.4.803:=2))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$FulldomainName")
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$colResults = $objSearcher.FindAll();

foreach ($objResult in $colResults)
{
$objItem = $objResult.Properties;
$computerName=$objItem.name
$user_name=[regex]::Split($objItem.name,"-")[0]
([ADSI]"WinNT://$computerName/$localGroupName,group").Add("WinNT://$domainName/$user_name")  
}

Open in new window

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
Suggested Courses
Course of the Month15 days, 11 hours left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question