Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
The script is not giving any output RRS feed

 > 

  • General discussion

  • Discussion
    Sign in to vote
    0
    Sign in to vote
    Hi - I tried using Add AD user/group to Local Administrator Group  however when I am using it via computerlist.txt file, it's not working and neither giving any error after executing. Please advice.
    • Changed type Bill_Stewart Wednesday, February 14, 2018 7:12 PM
    • Moved by Bill_Stewart Wednesday, February 14, 2018 7:12 PM Abandoned
    Wednesday, December 27, 2017 7:22 AM

All replies

  • Discussion
    Sign in to vote
    0
    Sign in to vote
    Without your script your question is meaningless.

    \_(ツ)_/

    Wednesday, December 27, 2017 7:53 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    My Bad :-)

    here is the script content.

    #>
    param(
        [Parameter(ParameterSetName='InputFile')]
        [string]
            $InputFile,
        [Parameter(ParameterSetName='Computer')]
        [string]
            $Computer,
        [string]
            $Trustee
    )
    <#
    .SYNOPSIS
        Function that resolves SAMAccount and can exit script if resolution fails
    #>
    function Resolve-SamAccount {
    param(
        [string]
            $SamAccount,
        [boolean]
            $Exit
    )
        process {
            try
            {
                $ADResolve = ([adsisearcher]"(samaccountname=$Trustee)").findone().properties['samaccountname']
            }
            catch
            {
                $ADResolve = $null
            }

            if (!$ADResolve) {
                Write-Warning "User `'$SamAccount`' not found in AD, please input correct SAM Account"
                if ($Exit) {
                    exit
                }
            }
            $ADResolve
        }
    }

    if (!$Trustee) {
        $Trustee = Read-Host "Please input trustee"
    }

    if ($Trustee -notmatch '\\') {
        $ADResolved = (Resolve-SamAccount -SamAccount $Trustee -Exit:$true)
        $Trustee = 'WinNT://',"$env:userdomain",'/',$ADResolved -join ''
    } else {
        $ADResolved = ($Trustee -split '\\')[1]
        $DomainResolved = ($Trustee -split '\\')[0]
        $Trustee = 'WinNT://',$DomainResolved,'/',$ADResolved -join ''
    }

    if (!$InputFile) {
        if (!$Computer) {
            $Computer = Read-Host "Please input computer name"
        }
        [string[]]$Computer = $Computer.Split(',')
        $Computer | ForEach-Object {
            $_
            Write-Host "Adding `'$ADResolved`' to Administrators group on `'$_`'"
            try {
                ([ADSI]"WinNT://$_/Administrators,group").add($Trustee)
                Write-Host -ForegroundColor Green "Successfully completed command for `'$ADResolved`' on `'$_`'"
            } catch {
                Write-Warning "$_"
            }    
        }
    }

    Wednesday, December 27, 2017 8:08 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    The code does not make much sense.  What are you trying to do?

    \_(ツ)_/

    Wednesday, December 27, 2017 8:46 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    I am trying to run this script to add the AD Users/Groups in local Administrator group of a server. with the above script and syntax .\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\ListofComputers.txt -Trustee <User01>.

    I have created a list of server with the name ListofComputers.txt and kept both the script and .txt file in same location. Upon executing the command, it returns to the directory and no change happens.

    Thursday, December 28, 2017 2:00 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    That doesn't make much sense.  What are you trying to add to what?

    To add users/groups to a local group use "Add-LocalGroupMember".

    HELP Add-LocalGroupMember -full

    \_(ツ)_/

    Thursday, December 28, 2017 2:17 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    Ok. I guess I made it sound confusing. Here is my requirement.

    Need a powershell script to add the domain user or group to the local administrator group in the list of servers. the scripts  has to work on any domains ....test, build, stage domains.

    So I used the above script and test it for couple of servers however, it's not working as I neither get the the user added to local Administrators group of a server nor there is an error that  script didn't ran successfully.

    Hope I made myself clear this time.

    Thursday, December 28, 2017 2:43 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    Look in the Gallery for scripts that add accounts to local groups.  There are many that do this.

    \_(ツ)_/

    Thursday, December 28, 2017 2:46 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    To add any account to any local group this is all that is needed.

    $group = [adsi]'WinNT://alpha/Administrators,group'
$aDSPath = 'WinNT://domain/account'
$group.psbase.Invoke('Add',$aDSPath)

    \_(ツ)_/

    Thursday, December 28, 2017 2:54 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote

    Yes, that what I did. I found the below one and executed in my environment but it's not making the changes.

    https://gallery.technet.microsoft.com/scriptcenter/Add-AD-UserGroup-to-Local-fe5e9239

    used with syntax 

    .\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\ListofComputers.txt -Trustee User01

    • Edited by Sajjy Thursday, December 28, 2017 2:56 AM
    Thursday, December 28, 2017 2:55 AM
  • Discussion
    Sign in to vote
    0
    Sign in to vote
    You don't need a script. I recommend using a GPO to manage the local Administrators groups on computers.

    -- Bill Stewart [Bill_Stewart]

    Thursday, December 28, 2017 4:00 PM