Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Add domain users to local admin on remote pc

I want to add a domain user to the local admin group to the computers in 1 of or labs.  I don't want the domain user to have admin in the whole domain just that 1 lab. I think that this can be done with Powershell but I am a noob at scripting and need some assistance.

If I can make this into a package and deploy it to the lab that would save a tremendous amount of time.

 

Thank you.

 

0

Comments

7 comments
Date Votes
  • $GroupObj = [ADSI]"WinNT://$Computer/Administrators"

    $GroupObj.Add("WinNT://$Domain/$Username")

    Where $computer = the target hostname. If you package this and deploy it to computers setting this to $env:COMPUTERNAME will do the trick.

    $Domain = the domain name you need to use for the user account to add

    $Username = the username you wish to add to the local admin group.

     

    Example usage in a Powershell step:

     

    $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators"

    $GroupObj.Add("WinNT://CONTOSO/jsmith")
    1
  • When I return from lunch and have a proper environment to code and test I'll fix you right up. This is simple.

    0
  • Worked like a charm. 

    Thank you.

    0
  • Excellent. Glad to help.

    0
  • Steven, I'm trying to modify this script and deploy using PDQDeploy

    I was trying to use the following syntax so that I would not have to update the user name when delpoying it to different workstations, however I can't get it to work. Is it possible to do what I'm requesting?

    $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators"

    $GroupObj.Add("WinNT://Domain/$Env:%USERNAME%")

    0
  • You don't need the % around username:

    0
  • So can we do this? $domain = mydomain.net $userName = jsmith $GroupObj = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators" $GroupObj.Add("WinNT://$domain/$userName")

    0