Description

I recently had to add a Domain group to 100 servers as a member of the Local group Remote Desktop Users. Here is my final solution. You will need to update the DOMAIN to the NetBios name of your domain, and GROUP to the "pre-Windows 2000" name of the group. Big thanks to Richard Muller in the The Offical Scripting Guys Forum! for the help with this one.

Some other customization may be required for $LogFile and $LocalGroup, and will be required for $DomainGroup. A list of severs will be stored in a file called: Servers.txt and will generate a success/fail log to .\Logs\ServerLog.txt

Script

PowerShell
Edit|Remove
<# 
File: Add2LocalGroup.ps1 
Purpose: Example of adding a Domain group to a Local group 
Author: Paul Frankovich 
Date: 4/28/2011 
#> 
 
#Get List of Servers from Flat TXT file 
$Servers = Get-Content Servers.txt 
#Initaliaze the Domain Group Object 
$DomainGroup = [ADSI]"WinNT://DOMAIN/Citrix Desktop Users,group" 
 
#Name the LogFile and Initialize it 
$LogFile = ".\Logs\ServerLog.txt" 
New-Item $LogFile -type file -force 
 
ForEach ($Server in $Servers#Loop through each server 
{ 
    $Server 
    $Server>>$LogFile 
 
    #Get Local Group object 
    $LocalGroup = [ADSI]"WinNT://$Server/Remote Desktop Users,group" 
 
    #Assign DomainGroup to LocalGroup 
    $LocalGroup.Add($DomainGroup.Path) 
 
    #Determine if command was successful 
    If (!$?) #Add failed 
    { 
        $Server + " fail: " + $Error[0]>>$LogFile 
        "">>$LogFile 
    } 
    Else #Add succeeded 
    { 
        $Server + " success">>$LogFile 
        "">>$LogFile 
        $Server + " success" 
    } 
}