Ask the Expert

Logon script to add a user to local admin group

I have a single domain with 3000+ workstations, varying from Windows 2000 to XP. Is there a logon script process to add a user to the local admin group? We manually add the domain user account to the local admin account for certain applications that require admin access. I came across the ADDUSERS.exe command, but it prompts the user for a password. Is there any command that can perform this without prompting the user for any information? Thanks in advance for your time and help.

    Requires Free Membership to View

This is a common issue. The problem is that if you could add a restricted user to the local administrators group without a password, how could you prevent users from adding themselves to the local administrators group? Thus, only a local administrator can add a user to the local administrators group. You could use Cusrmgr (Windows 2000 Resource Kit) and specify a password on the command line, but that's just not very safe. Instead, I recommend that you create a WMI script to connect to the computer and then add the user to the local administrators group. Check out Microsoft's script Web site for a number sample scripts.

This was first published in October 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: