Hi everyone !
Today I will share a quick tip if you want to add a group to the locla admin group easily.
Sometime you need to use restricted group’s policy, but when the environement is already setup some time it’s easier to just do a batch.
The batch is nice as it target the OU you want, and it add the Domain Group you want to the local admin group. Please adjust the script for the Administrators groups name depending on the Windows language.
$DomainName = “CONTOSO”
$UserName = “Gestionnaire”
$User = [ADSI]”WinNT://$DomainName/$UserName,group”
$OUpath = ‘OU=Ordinateurs,DC=CONTOSO,DC=HQ,DC=qc,DC=ca’
$Computers = Get-ADComputer -Filter * -SearchBase $OUpath | Select-object
$Computers | ForEach {
$computerName = $_.Name
Write-Host $computerName
$AdminGroup = [ADSI]”WinNT://$computerName/Administrateurs,group”
$AdminGroup.Add($User.Path)
}
Thanks everyone 🙂
Phil’s Blog | IT to the core ! 