Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Adding the local SYSTEM account to a local group

Status
Not open for further replies.
scriptlin

scriptlin

MIS
Dec 20, 2007
2
GB
Hi all,

I'm tyring to limit the amount of people in my company who have access to fiddle with their Sophos AV clients. To do this, I've created a script which removes the ready-created "SophosAdministrator" group from local machines, and then recreating it with the members I deem fit.

(I'm using code as referenced in thread329-1255263).

The only problem I'm having is adding the local SYSTEM account for each machine to the group - it needs this for the on-access & scheduled scans. I'm guessing the cause is that the "NT AUTHORITY\SYSTEM" account isn't a "user", but a "built-in security principal".

Can anyone help with this?

Much appreciated...
 
Sort by date Sort by votes
Try this...

Code: 
strComputer = "."
Set objLocalGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
objLocalGroup.add("WINNT://NT-AUTHORITY/SYSTEM")

--------------------------------------------------------------------------------
dm4ever
My philosophy: K.I.S.S - Keep It Simple Stupid
 
Upvote 0 Downvote
Thanks for replying, dm4ever.

Sadly, it hasn't worked, though.

Here's the affected piece of code:

Code: 
Set objSophosLocal = GetObject("WinNT://" & strComputer & "/SophosAdministrator,group")
'If the local SYSTEM account isn't a member, make it one:
If Not objSophosLocal.isMember("WinNT://NT-AUTHORITY/SYSTEM") Then
	objSophosLocal.Add("WinNT://NT-AUTHORITY/SYSTEM")
	'If added, make a note if it in the output file:
	objTSout.WriteLine strComputer & ": Local SYSTEM account added to Sophos admin group"
	objTSout.Close
End If

I can't see any errors myself, so peer review might help!
Can anyone point me to any reference material which outlines how objects are referenced in the "WinNT://..." namespace (if that's the right term)?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bdwilcox
  • Locked
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
1K
SoftwareRT
SoftwareRT
S
  • Locked
  • Question
Need to submit page when clicking a checkbox
Replies
0
Views
258
shbr5413
S
Alexvb6
  • Locked
  • Question
Deprecation of VBScript + Classic ASP: How to Ask Microsoft to cancel their planned craziness
Replies
0
Views
426
Alexvb6
Alexvb6
EdScripts
  • Locked
  • Question
Using a Variable in the Run Method - I would sure like to be able to do this !
Replies
0
Views
195
EdScripts
EdScripts
Brianfree
  • Locked
  • Question
Excel Rows to Column 1
Replies
2
Views
338
Brianfree
Brianfree

Part and Inventory Search

Sponsor

Back
Top