Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
adding domain accounts to local admin group
- Thread starter wfbtr
- Start date
Do a keyword search in this forum for 'local admin' and you should find several threads discussing this.
[blue]"Well, once again my friend, we find that science is a two headed beast. One head is nice, it gives us aspirin and other modern conveniences,...but the other head of science is BAD! Oh, beware the other head of science, Arthur; it bites!!" - The Tick[/blue]
[blue]"Well, once again my friend, we find that science is a two headed beast. One head is nice, it gives us aspirin and other modern conveniences,...but the other head of science is BAD! Oh, beware the other head of science, Arthur; it bites!!" - The Tick[/blue]
- Thread starter
- #3
thanks tomthumb-
i used a simple batch file using the net localgroup administrators "xxxxxxx" /add format. this works well with shorter named groups, but i have several that are 23 and 24 characters long and this doesn't work for them. is there a max character limit and would a .vbs not have that limitation?
i used a simple batch file using the net localgroup administrators "xxxxxxx" /add format. this works well with shorter named groups, but i have several that are 23 and 24 characters long and this doesn't work for them. is there a max character limit and would a .vbs not have that limitation?
I don't know if there is a limit or not. If there is, I suspect that it is a windows limit and it wouldn't matter whether you used bats or VBScripts.
[blue]"Well, once again my friend, we find that science is a two headed beast. One head is nice, it gives us aspirin and other modern conveniences,...but the other head of science is BAD! Oh, beware the other head of science, Arthur; it bites!!" - The Tick[/blue]
[blue]"Well, once again my friend, we find that science is a two headed beast. One head is nice, it gives us aspirin and other modern conveniences,...but the other head of science is BAD! Oh, beware the other head of science, Arthur; it bites!!" - The Tick[/blue]
- Thread starter
- #5
- Thread starter
- #6
MisterNiceGuy
MIS
This is fairly simple using a vbscript and a computer group policy object. Here is a script I wrote specifically for this purpose. I recommend controlling administrator access through the use of security group, but you could easily modify this script to use user accounts.
' AATLAG This program adds any groups that are passed to it as parameters to the local Administrators Group
' AATLAG is an acronym for Add Administrators to Local Administrators Group
' Run AATLAG.vbs /? for more information
'______________________________________________________________________________________________
'______________________________________________________________________________________________
'Initialize variables
Dim I,J
set shell = CreateObject("Wscript.Shell")
Set net=WScript.CreateObject("WScript.Network")
local = net.ComputerName
CRLF=(Chr(13) & Chr(10))
If Wscript.arguments.count=0 then
Dim Errvar
msg1="This script will not run without a command line argument!" & crlf
msg2=crlf & "Run AATLAG.vbs /? for more information." & crlf
msg= msg1 & msg2
Errvar= MsgBox (msg,48, "AATLAG Error! No command line argument!")
Wscript.quit
end if
'Get the command line arguments
Argcount=Wscript.arguments.count - 1
For i = 0 To Argcount
ReDim Preserve AdminGroup(i)
If Wscript.arguments.item(i)="/?" then
Help()
else
AdminGroup(i) = Wscript.arguments.Item(i)
End If
Next
Set group = GetObject("WinNT://" & local & "/Administrators")'Get access to the local security group
For j = 0 To Argcount
On Error Resume Next
group.Add "WinNT://" & AdminGroup(j) 'Add Domain Security Group to the local Security group
Next
'End of main code
'_________________________________________________________________________________________________________________________
'All subroutines are placed after this point!
'_________________________________________________________________________________________________________________________
'This subroutine displays a help message when /? is passed to the script
sub help
msg1="This script was written by MisterNiceGuy & crlf
msg2=crlf & "This script will not run without a command line parameter" & crlf
msg3=crlf & "Pass the Domain group that should be added to the local administrators group as a parameter." & crlf
msg4=crlf & "The syntax is AATLAG.vbs Domain/Group." & crlf
msg5=crlf & "Quotes must be added if there are any spaces" & crlf
msg6=crlf & "The following example would add the Domain Local group Workstation from the domain to the local administrators group" &crlf
msg7=crlf & "Example: AATLAG.vbs ''Domain/Workstation Admins'' " & crlf
msg=msg1 & msg2 & msg3 & msg4 & msg5 & msg6 & msg7
MsgBox msg ,vbInformation, "AATLAG Help!"
wscript.quit
end sub
' AATLAG This program adds any groups that are passed to it as parameters to the local Administrators Group
' AATLAG is an acronym for Add Administrators to Local Administrators Group
' Run AATLAG.vbs /? for more information
'______________________________________________________________________________________________
'______________________________________________________________________________________________
'Initialize variables
Dim I,J
set shell = CreateObject("Wscript.Shell")
Set net=WScript.CreateObject("WScript.Network")
local = net.ComputerName
CRLF=(Chr(13) & Chr(10))
If Wscript.arguments.count=0 then
Dim Errvar
msg1="This script will not run without a command line argument!" & crlf
msg2=crlf & "Run AATLAG.vbs /? for more information." & crlf
msg= msg1 & msg2
Errvar= MsgBox (msg,48, "AATLAG Error! No command line argument!")
Wscript.quit
end if
'Get the command line arguments
Argcount=Wscript.arguments.count - 1
For i = 0 To Argcount
ReDim Preserve AdminGroup(i)
If Wscript.arguments.item(i)="/?" then
Help()
else
AdminGroup(i) = Wscript.arguments.Item(i)
End If
Next
Set group = GetObject("WinNT://" & local & "/Administrators")'Get access to the local security group
For j = 0 To Argcount
On Error Resume Next
group.Add "WinNT://" & AdminGroup(j) 'Add Domain Security Group to the local Security group
Next
'End of main code
'_________________________________________________________________________________________________________________________
'All subroutines are placed after this point!
'_________________________________________________________________________________________________________________________
'This subroutine displays a help message when /? is passed to the script
sub help
msg1="This script was written by MisterNiceGuy & crlf
msg2=crlf & "This script will not run without a command line parameter" & crlf
msg3=crlf & "Pass the Domain group that should be added to the local administrators group as a parameter." & crlf
msg4=crlf & "The syntax is AATLAG.vbs Domain/Group." & crlf
msg5=crlf & "Quotes must be added if there are any spaces" & crlf
msg6=crlf & "The following example would add the Domain Local group Workstation from the domain to the local administrators group" &crlf
msg7=crlf & "Example: AATLAG.vbs ''Domain/Workstation Admins'' " & crlf
msg=msg1 & msg2 & msg3 & msg4 & msg5 & msg6 & msg7
MsgBox msg ,vbInformation, "AATLAG Help!"
wscript.quit
end sub
- Status
Similar threads
- Locked
- Question