asked on
batch file to move local users between groups
Does anyone have a batch file that will:
take the currently logged in user, remove them from the local machine Administrators group?
Thats is, just remove the currently logged in domain user from the local administrators group
so just this
net localgroup administrators <user name> /delete
But run as a script that pulls the locally logged in user and removes them
I should add that these are all domain users
ASKER
I am thinking that the
whoami
command to a text file maybe?
ASKER
whoami > username.txt
will pass the username to a text file on the directory that the command is run from
The current user should be noted in the environment variables USERDOMAIN and USERNAME, and the local group Users should already have the Domain Users group as member, so:
net localgroup administrators %userdomain%\%username% /delete
should be sufficient.
ASKER
:: Get the current user - Loops through and pulls out the user
:: Avoids issues if the %USERNAME% is modified. Could use set CURRENT_USER=%USERNAME%
:: If that isn't an issue can use the above for simplied logic
for /f "tokens=2 delims=\\" %%i in ('whoami') do set CURRENT_USER=%%i
:: Add to local users group
net localgroup users "%CURRENT_USER%" /add 2>&1
:: Remove from local administrators group
net localgroup administrators "%CURRENT_USER%" /delete 2>&1
This is what I went with
ASKER
Open in new window
Open in new window
But I need to find a way to pass the locally logged in user to this script