Add AD User/Group to Local Administrator Group

The script can use either a plain text file containing a list of computername or a computer name as input and will add the trustee (AD user or group) as an administrator to the specified computer(s). The script will report back errors if the account is already a member.

 
 
 
 
 
4.2 Star
(62)
63,028 times
Add to favorites
11/12/2015
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • How do I read from a text file of servers, and then use that servername in a variable for user
    1 Posts | Last post July 23, 2018
    • How would you read in a file of multiple server names, and then make the trustee for each server be admin_servername_user?
  • how to add users from list
    1 Posts | Last post January 11, 2018
    • I need to modify this script to add a list of users to local Administrators.
      
      Like so:
      .\Set-ADAccountasLocalAdministrator.ps1 -Computer Server1 -trustee c:\UserList.txt
      
      
      How would I replace $Trustee with a text file of usernames, or add a variable to substitute -Trustee with -UserList c:\Users.txt  ?
      
      Thanks for educating me!
  • not able to add user
    2 Posts | Last post November 29, 2017
    • Hello Jaap,
      
      Getting below error.
      
      WARNING: The following exception occurred while retrieving member "add": "The network path was not found. I ran below command only i see different is .ps1 two times on your script.
       
      .\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\server\server.txt -Trustee phon\sql
      
    • You need to enable file and print sharing. I did it via a GPO.
      
      Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
  • Simplify the script for AD account adds ?
    1 Posts | Last post June 23, 2017
    • I am trying to simplify the script if possible but hitting a road block. What i am trying to do is basically have the file on a USB pen drive.  Plug into a Win10 system, run file and have it add a list of predetermined (editable) employee numbers (that are associated with a global domain name) to the local machine as admins. this will give the employees ability to log on, let the machine create the local profile associated with their global accounts.  Thougths or insight is apprciated. 
  • Trying to utilize the script to add a group on multiple serversbut prompting an error please help
    1 Posts | Last post June 08, 2017
    • It is trying to add  the group but after sometime it throws below error, Please help 
      
      WARNING: Exception calling "add" with "1" argument(s): "A member could not be added to or removed from the local group
      because the member does not exist.
  • Looking to add users to Performance Log Users
    2 Posts | Last post May 19, 2017
    • Thank you for the great help Mr. Brasser
      could you please help to add users on windows performance log users? 
    • Please ignore this one...I can modify AetAccountAsRDPusers.ps1 for performance log users. Thanks!
  • Invalid argument -- Set-ADAccountasLocalAdministrator cmdlet missing
    4 Posts | Last post March 15, 2017
    • .\Set-ADAccountasLocalAdministrator.ps1 : Parameter set cannot be resolved using the specified named parameters.
          + CategoryInfo          : InvalidArgument: (:) [Set-ADAccountasLocalAdministrator.ps1], ParentContainsErrorRecordException
          + FullyQualifiedErrorId : AmbiguousParameterSet,Set-ADAccountasLocalAdministrator.ps1
      
      What i'm i doing wrong. Similar to Bill77's issue
      
    • Hi Step2skimo, 
      
      Can you show which parameters you are using to execute the command? Based on the error message I think you might be using a wrong set of parameters.
      
      
      Regards,
      
      Jaap Brasser
    • Hello Balu, 
      
      you are receiving that error because you are trying to run the selection without the specified parameters. You need to specify both parameters, Computer and Trustee, or Inputfile and Trustee. If you copy and paste the PS1 data and just run the selection you will get the error you are receiving, since the function isn't defined and there are parameters missing. Here's a working example below, Inputfile being a csv of all servers I want to add the trustee account to.
      
      .\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\Users\darivera\Documents\allservers.csv -Trustee Sp_Task_Scheduler
    • hello Jaap,
      many thanks for your response . 
      I was able to successfully use this now.
      This worked for me.
  • Looking for remove profile from multiple servers except user from Administrator group
    1 Posts | Last post December 17, 2016
    • Hi Jaap,
      
      I am looking for remove profile script which delete all profile except users who belongs to administrators of that server.
      I have one script but does not exclude administrators group from remote server.
      Could you please help me in this case?
      
      Thank You.
  • Generating Output File
    1 Posts | Last post November 15, 2016
    • Dear Japp, 
      
      First off, thanks for the script. Works great and is making management so much better.  I was trying to pipe the output to a text file. The file gets created, but the results are not recorded.  Here is my synxtax:
      .\Set-ADAccountasLocalAdministrator.ps1 -InputFile D:\BDOC\SQLServers.txt -Trustee chop.edu\svccmvsqlb > D:\BDOC\Results.txt
      
      Can the results be outputted this way, or does that need to be defined in the .ps1 file itself? 
      
      Thank You
  • Single line command to remove AD group from local admin
    1 Posts | Last post November 07, 2016
    • Dear Japp,
      
      I would required your help.. I need to remove one AD group from the local administrator of a server. I need a power shell command for that. I tried the below. But didn't worked :-( 
      
      " .\Set-ADAccountasLocalAdministrator.ps1 -Computer 10.75.138.83 -Trustee E3027081 "
      
      Can you please help me on this regards.
      
      Thanks in advance.
      
      Regards,
      
      Naveen M
1 - 10 of 49 Items