Solved

Automated Way to Remove Domain Users from Administrators Group

Posted on 2014-04-10
2
209 Views
Last Modified: 2014-04-12
I have a LAN where all the workstations (Windows 7 and XP) have Domain Users added to the Local Administrators group. Is there and automated way to remove Domain User from the local Administrators group i.e. with a Net command I can put in the login script?
0
Comment
Question by:LockDown32
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 81

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
ID: 39993310
net localgroup administrators %username% /delete
0
 
LVL 17

Assisted Solution

by:lruiz52
lruiz52 earned 250 total points
ID: 39993350
Or you can configure "Restricted Groups" in a GPO.

When you set this policy, it will overwrite any existing local group members, you dictate who the members are.

You will find this in Computer Configuration\Security Settings\Restricted Groups.

Modify the GPO to include the groups you want to be effective You will need to include the Local Administrator Account also,  This will REPLACE any current groups that exist on the machine and without specifying an Local Administrator account in the GPO, you may lock yourself out of the computer!

For a how to check the link below;
http://windowsmatters.com/2011/09/16/how-to-use-restricted-groups

Hope this helps!
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 Firewall question 5 92
Server 2012 R2 missing roles and features 2 184
Sharepoint 2010 Audit Logs 11 170
Deploying packaged application using SCCM steps ? 4 89
Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question