How to add back "NT Authority\..." to local Users group in PCs

In an attempt to stop all domain users from login to a few critical financial processing PCs (that handles large payments amounts), I've removed "Domain Users" & the following 2 & it worked:
1. NT AUTHORITY\Authenticated Users (S-1-5-11)
2. NT AUTHORITY\INTERACTIVE (S-1-5-4)

How do I add them back? When I enter the above verbatim, it doesn't list them though
"Domain Users" are listed & I could add it back. A couple of PCs are non-payment PCs
& I accidentally removed the above 2 & Domain Users from the local "Users" group

Microsoft Server OSWindows OSActive Directory

Last Comment

Qlemo

8/22/2022 - Mon

SOLUTION

Dr. Klahn

11/26/2017

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

GET A PERSONALIZED SOLUTION

Ask your own question & get feedback from real experts

Find out why thousands trust the EE community with their toughest problems.

Peter Hutchison

11/26/2017

You can use Group Policy and use Restricted Groups feature to update membership of local groups.
http://techgenix.com/Using-Restricted-Groups/

sunhux

11/26/2017

ASKER

We don't take bare metal backups on PCs

sunhux

11/26/2017

ASKER

Will try Peter's suggestion / link.

Btw, what are the 2 NT Authority\ groups for or what's their function?
If I don't restore them back, what's the impact / implication

I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst

William Peck

Blayney

11/26/2017

Use system restore?

SOLUTION

NVIT

11/26/2017

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options