Add domain users to local admin on remote pc

I want to add a domain user to the local admin group to the computers in 1 of or labs.  I don't want the domain user to have admin in the whole domain just that 1 lab. I think that this can be done with Powershell but I am a noob at scripting and need some assistance.

If I can make this into a package and deploy it to the lab that would save a tremendous amount of time.

 

Thank you.

 

0

Comments

7 comments
Date Votes
  • $GroupObj = [ADSI]"WinNT://$Computer/Administrators"

    $GroupObj.Add("WinNT://$Domain/$Username")

    Where $computer = the target hostname. If you package this and deploy it to computers setting this to $env:COMPUTERNAME will do the trick.

    $Domain = the domain name you need to use for the user account to add

    $Username = the username you wish to add to the local admin group.

     

    Example usage in a Powershell step:

     

    $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators"

    $GroupObj.Add("WinNT://CONTOSO/jsmith")
    1
  • When I return from lunch and have a proper environment to code and test I'll fix you right up. This is simple.

    0
  • Worked like a charm. 

    Thank you.

    0
  • Excellent. Glad to help.

    0
  • Steven, I'm trying to modify this script and deploy using PDQDeploy

    I was trying to use the following syntax so that I would not have to update the user name when delpoying it to different workstations, however I can't get it to work. Is it possible to do what I'm requesting?

    $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators"

    $GroupObj.Add("WinNT://Domain/$Env:%USERNAME%")

    0
  • You don't need the % around username:

    0
  • So can we do this? $domain = mydomain.net $userName = jsmith $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators" $GroupObj.Add("WinNT://$domain/$userName")

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post