vbscript, Adding domain groups to gthe local administrator group

Adding domain groups to gthe local administrator group

Author	Message
Marc Haye #1 / 11	Adding domain groups to gthe local administrator group Is there a way to add the Domain admins to the local users machines adminstrators group??? Please help time crunch.. Thanks in advance!!! Marc Hayes
Mon, 19 Jan 2004 23:56:31 GMT

Johnny Nielse #2 / 11	Adding domain groups to gthe local administrator group Quote: > Is there a way to add the Domain admins to the local users machines > adminstrators group??? Please help time crunch.. Thanks in advance!!! That should happen automatically when you join the domain (not that it can't be done with a script). Best regards Johnny Nielsen
Tue, 20 Jan 2004 03:49:27 GMT

Marc Haye #3 / 11	Adding domain groups to gthe local administrator group I ma trying to verify that our DOMAIN\Domain admins in in the local administrators group on a users local machine. If it is not there then add it. Marc Quote: > > Is there a way to add the Domain admins to the local users machines > > adminstrators group??? Please help time crunch.. Thanks in advance!!! > That should happen automatically when you join the domain (not that it can't > be done with a script). > Best regards > Johnny Nielsen
Tue, 20 Jan 2004 04:31:22 GMT

Tony Patin #4 / 11	Adding domain groups to gthe local administrator group You can run the this command from wshell.run To add user: net localgroup administrators /add "Domain\Domain Admins" To Verify: net localgroup administrators -Tony Quote: > I ma trying to verify that our DOMAIN\Domain admins in in the local > administrators group on a users local machine. If it is not there then add > it. > Marc Quote: > > > Is there a way to add the Domain admins to the local users machines > > > adminstrators group??? Please help time crunch.. Thanks in advance!!! > > That should happen automatically when you join the domain (not that it > can't > > be done with a script). > > Best regards > > Johnny Nielsen
Tue, 20 Jan 2004 07:18:10 GMT

Tony Patin #5 / 11	Adding domain groups to gthe local administrator group Better yet.........Modify this code from another post. Hey all, I have the following login script snippit that adds the user logging in to the local admin group so he/she can install software: Following this idea from MS: Set comp = GetObject("WinNT://SEATTLE,computer") Set grp = comp.GetObject("group", "TheSmiths") grp.Add ("WinNT://INDEPENDENCE/JSmith") I'm trying: If os <> "" Then 'If os is other than 9x or Millenium putername = WshNetwork.ComputerName Set com = GetObject("WinNT://" & puterName & ",computer") Set groupuseraddedto = com.GetObject("group", "administrators") groupuseraddedto.Add ("WinNT://NPDB/" & user) End If It works for me, but then again, I'm in the domain admin group. Is this a red herring? Does the script run without the privledges necessary to add the user? Thanks, Nathan
Tue, 20 Jan 2004 07:26:58 GMT

Johnny Nielse #6 / 11	Adding domain groups to gthe local administrator group Quote: > Better yet.........Modify this code from another post. I don't think so. As he writes he was a member of the domain admins, so he was probably already a member of the local administrators group before he ran the script. Best regards Johnny Nielsen Quote: > Hey all, > I have the following login script snippit that adds the user logging in to > the local admin group so he/she can install software: > Following this idea from MS: > Set comp = GetObject("WinNT://SEATTLE,computer") > Set grp = comp.GetObject("group", "TheSmiths") > grp.Add ("WinNT://INDEPENDENCE/JSmith") > I'm trying: > If os <> "" Then 'If os is other than 9x or Millenium > putername = WshNetwork.ComputerName > Set com = GetObject("WinNT://" & puterName & ",computer") > Set groupuseraddedto = com.GetObject("group", "administrators") > groupuseraddedto.Add ("WinNT://NPDB/" & user) > End If > It works for me, but then again, I'm in the domain admin group. Is this a > red herring? Does the script run without the privledges necessary to add > the user? > Thanks, > Nathan
Tue, 20 Jan 2004 07:44:04 GMT

Tony Patin #7 / 11	Adding domain groups to gthe local administrator group Sorry I wasn't clear........ When I said "MODIFY", I meant change Nathan's adsi script to fit your needs. Meaning, use the ADSI code to fit your needs. Then deliver the script through whatever vialable methods that you have. Marc did not seem to specify anywhere in the thread which methods or which security rights would be used to verify/change this. I guess I was assuming that when Marc said...... Quote: >"our DOMAIN\Domain admins in in the local >administrators group on a users local machine. If it is not there then add >it." He would know to have sufficient rights before attempting to add the group. The adsi example shown below by nathan could be "Modified" to a nice remote utility script if the environment permits. I'll show you.......... For Example this works for me when adding group items to remote computers.........With MY environment(script Win2k machine, remote computer NT/2000) Feel free to use it, I "Modified" it so that you can add it into a much larger script. And so that you may MODIFY it to your needs with ease. Please note the add error control comments. Even though this works when all the fields are filled in correctly, it would be best to add functionality to control the event that the remote computer is in an unreachable state(not NT based, turned off, Certain Services Stopped, or plain old Typo's when filling in fields) Quote: >Option Explicit >AddToGroup >Wscript.Quit >' /////////////////////////////// >' Individual Sub Commands >' /////////////////////////////// >Function RemoteComputer >RemoteComputer = Trim(InputBox("Please Enter the Name of the Remote Computer","Remote Computer Name")) Quote: >' Add error Control! >End Function >Function RemoteGroup >RemoteGroup = Trim(InputBox("Please Enter the Name of the Remote Group","Remote Group Name")) Quote: >'Add Error Control! >End Function >Function ItemToAdd >ItemToAdd = Trim(InputBox("Please Enter the Name of the User/Group to" & vbCrlf & "add to the remote computer","Name of Item to Add")) Quote: >'Add Error Control! >End Function >Sub AddToGroup >'Add Error Control! >'Declare Variables >Dim l_sRemoteComputer, l_sRemoteGroup, l_sItemToAdd >l_sRemoteComputer = RemoteComputer >l_sRemoteGroup = RemoteGroup >l_sItemToAdd = ItemToAdd >' Do the Work >Dim oAdsiRemoteComputer, oAdsiRemoteGroup >Set oAdsiRemoteComputer = GetObject("WinNT://" & l_sRemoteComputer & ",computer") >Set oAdsiRemoteGroup = oAdsiRemoteComputer.GetObject("group", Chr(34) & l_sRemoteGroup & Chr(34) ) Quote: >oAdsiRemoteGroup.Add ("WinNT://" & l_sItemToAdd) >' Destroy Variables >Set oAdsiRemoteComputer = Nothing >Set oAdsiRemoteGroup = Nothing >Set l_sRemoteComputer = Nothing >Set l_sRemoteGroup = Nothing >Set l_sItemToAdd = Nothing >End Sub Hope this helps.......... Quote: > > Better yet.........Modify this code from another post. > I don't think so. As he writes he was a member of the domain admins, so he > was probably already a member of the local administrators group before he > ran the script. > Best regards > Johnny Nielsen > > Hey all, > > I have the following login script snippit that adds the user logging in to > > the local admin group so he/she can install software: > > Following this idea from MS: > > Set comp = GetObject("WinNT://SEATTLE,computer") > > Set grp = comp.GetObject("group", "TheSmiths") > > grp.Add ("WinNT://INDEPENDENCE/JSmith") > > I'm trying: > > If os <> "" Then 'If os is other than 9x or Millenium > > putername = WshNetwork.ComputerName > > Set com = GetObject("WinNT://" & puterName & ",computer") > > Set groupuseraddedto = com.GetObject("group", "administrators") > > groupuseraddedto.Add ("WinNT://NPDB/" & user) > > End If > > It works for me, but then again, I'm in the domain admin group. Is this a > > red herring? Does the script run without the privledges necessary to add > > the user? > > Thanks, > > Nathan
Tue, 20 Jan 2004 12:16:52 GMT

Johnny Nielse #8 / 11	Adding domain groups to gthe local administrator group Quote: > Sorry I wasn't clear........ Well, perhaps I was not to clear either :-) What I didn't like was this: Quote: > I have the following login script snippit that adds the user logging in to > the local admin group so he/she can install software: Here he mentions a login script, which runs in the security context of a user that typically is not a local administrator. What I can't see is how a script running in this security context should be able to add the domain administrators to to local administrators group? Best regards Johnny Nielsen
Tue, 20 Jan 2004 18:29:21 GMT

Marc Haye #9 / 11	Adding domain groups to gthe local administrator group Ok here is some clarification. THe user logging in is a member of the local administrators group. I just needed to be able to verify that the domain\domain admins group was a member of the local administrators group and add it if needed. I will try the codae an see what happens. Thanks for the help. I will let you know how it works out. Marc Hayes Quote: > > Sorry I wasn't clear........ > Well, perhaps I was not to clear either :-) > What I didn't like was this: > > I have the following login script snippit that adds the user logging in to > > the local admin group so he/she can install software: > Here he mentions a login script, which runs in the security context of a > user that typically is not a local administrator. > What I can't see is how a script running in this security context should be > able to add the domain administrators to to local administrators group? > Best regards > Johnny Nielsen
Tue, 20 Jan 2004 23:31:14 GMT

Johnny Nielse #10 / 11	Adding domain groups to gthe local administrator group Quote: > Ok here is some clarification. THe user logging in is a member of the local > administrators group. OK, then no problemo :-) Best regards Johnny Nielsen
Wed, 21 Jan 2004 06:24:02 GMT

Tony Patin #11 / 11	Adding domain groups to gthe local administrator group No problem....Common Mis-communication! I am a common enforcer of efficiency. So being in the VBScript newsgroup, I assumed that marc was looking for a vbscript way for completing his task. And, as always, I like to point people in the most prospectful and efficient way to solve a task. Although my first response was geared toward his immediate need for a solution, through the simplest way to make the change. My second was bland and intended to help guide him into a more robust, complete and long term solution, if possible. No pun intended. These newsgroups, for my understanding, is completely for sharing with others AND helping to keep ones self in touch with the skills that have been used to help make a task easier and less repetitive. As the saying goes, "Time is money!". And to coin my own phrase or announce my motto....... "And with wasted time on doing something the hard way, Wasting more time on a task than needed, Is wasting time learning to save more time on tasks that need to be completed." -Tony Patino An Aspiring learner of what Technology has to offer..... And teacher of what Technology has offered. Tony Patino Quote: > > Sorry I wasn't clear........ > Well, perhaps I was not to clear either :-) > What I didn't like was this: > > I have the following login script snippit that adds the user logging in to > > the local admin group so he/she can install software: > Here he mentions a login script, which runs in the security context of a > user that typically is not a local administrator. > What I can't see is how a script running in this security context should be > able to add the domain administrators to to local administrators group? > Best regards > Johnny Nielsen
Wed, 21 Jan 2004 23:51:37 GMT

Page 1 of 1

[ 11 post ]