Solved

Is there a way to add a user to a local group in Windows with a Group Policy?

Posted on 2011-09-12
3
257 Views
Last Modified: 2012-05-12
Or, would that require a script? Any place where I might find a sample script?
0
Comment
Question by:brownkm82
3 Comments
 
LVL 6

Accepted Solution

by:
-tjs earned 125 total points
ID: 36524676
If the group membership is something that is known and should always be the same, you could use something called "Restricted Groups".  Group Policy essentially forces a group to have the members you want (and only the members you want).
http://support.microsoft.com/kb/279301
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 36525126
Yes this can be done by either a script using the net use command.

You could also do this by using a GPO and restricted groups mentioned above.

The way that I would reccomend doing this would be to use group policy preferences if you have a windows 7 machine that you can build the GPP on.

http://www.frickelsoft.net/blog/downloads/10%20things%20Group%20Policy%20Preferences%20does%20better.pdf

See the section for "Setting local Administrator Passwords /Administering local users and groups". This is much easier than using restricted groups in a GPO.
0
 

Author Closing Comment

by:brownkm82
ID: 36525502
That's the ticket. It even allows a policy which forces domain group within local group.

Thanks,
Ken
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question