none
Adding domain user to local administrator on remote server using powershell RRS feed

  • General discussion

  • Hi All,

    I am trying to add a domain user to local administrator group on multiple servers hosting 2012R2. I updated powershell to 5.1 but the inbuilt command add-localgroupuser does have option to add user to local administrator on remote computers. So I created a script to execute the batch commands through powershell. The script is not giving any error but is running and nothing is happening. Can someone please guide if something is wrong with the script and why is it running continuously without any error but not changing anything.

    $servers=get-content "path to the txt file storing the server name"
    foreach($object in $servers){
    & "C:\Windows\System32\cmd.exe" \\$object -u "admin username" -p "Admin password" net localgroup "Administrators" "User to be added" /add
    }

    Please advice.



    • Edited by skvadi Wednesday, July 19, 2017 11:15 AM
    • Changed type Bill_Stewart Wednesday, September 13, 2017 8:54 PM
    • Moved by Bill_Stewart Wednesday, September 13, 2017 8:54 PM This is not "teach me basics of system management" forum
    Wednesday, July 19, 2017 9:01 AM

All replies

  • Use Group Policy to manage the membership of the local Administrators group.

    -- Bill Stewart [Bill_Stewart]

    Wednesday, July 19, 2017 12:20 PM
  • Hi Bill,

    Thanks for the response. However, we are not supposed to use GPO and I do not want to use any other scripting language for the same.

    Hence wanted to know if there is any mistake in the script due to which it is running continuously without any error and without any action.

    Regards,

    Adi


    Wednesday, July 19, 2017 2:54 PM
  • The command you posted doesn't do anything useful.

    If you must use a script, there are probably examples in the repository for managing local users and groups. I believe there are also cmdlets in later Windows versions.


    -- Bill Stewart [Bill_Stewart]

    Wednesday, July 19, 2017 4:16 PM
  • You can use Invoke-Command to add a remote user to a group assuming the remote system supports the CmdLet which is only available for PowerShell v5 and later.


    \_(ツ)_/

    Wednesday, July 19, 2017 5:20 PM
  • The commands available in powershell v5.1 do not have option to perform the activity on multiple PCs at once.

    It can be applied only on 1 PC, else have to run the script locally on all the PCs but then we need to update powershell 5.1 on all the PCs for them to recognize the cmdlet eg. - add-localgroupuser etc.

    The command mentioned above works fine on cmd - C:\Windows\System32\cmd.exe" \\$object -u "admin username" -p "Admin password" net localgroup "Administrators" "User to be added" /add

    The problem is happening when I run it through powershell and I am unable to determine why it is not executing as it does not give any error as well.

    Thursday, July 20, 2017 7:28 AM
  • I think you need to go back and learn how to use remoting in PowerShell. Using CMD cannot create a remote connection.

    help about_remote

    read all carefully.


    \_(ツ)_/

    Thursday, July 20, 2017 7:55 AM