Group Policy question
I have just deployed a bunch of hardware for some of our stations to accept credit cards, and the company we got the equipment from didnt bother to tell me their utility needs to run as a local admin. I installed it as admin, but the users logging on are not.
So, without having to physically go to all these stations and add each user that could be sitting there to the local admin group...is there a way to either add an executable to run as a local administrator in the group policy, or add certain users to local admin?
So, without having to physically go to all these stations and add each user that could be sitting there to the local admin group...is there a way to either add an executable to run as a local administrator in the group policy, or add certain users to local admin?
Comments
-
NightShade03 Member Posts: 1,383 ■■■■■■■□□□I know in VBScript you can add specific users to the local admin group. After this you could get the script to "Run As" the user you just added and call the .exe of the program. Although pushing out a script like this would work I'm sure that there is a better way to do it.
-
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■I have just deployed a bunch of hardware for some of our stations to accept credit cards, and the company we got the equipment from didnt bother to tell me their utility needs to run as a local admin. I installed it as admin, but the users logging on are not.
So, without having to physically go to all these stations and add each user that could be sitting there to the local admin group...is there a way to either add an executable to run as a local administrator in the group policy, or add certain users to local admin?
Use PSExec and add the interactive user to the local admin group. You can create a text file with the computer names in it and just run the net localgroup command. -
Hyper-Me Banned Posts: 2,059Use the Restricted Groups group policy and add who you want to the local admins group
-
phoeneous Member Posts: 2,333 ■■■■■■■□□□Several ways to do it.
One way is to create a startup script and apply it to the OU that contains the computers that you want to add the group to. In the startup script you can use the commandnet localgroup Administrators "domain\group" /add
Or you can do this
How to Add domain accounts to Local Administrators Group using GPO - Richard Dixon's Blog -
HeroPsycho Inactive Imported Users Posts: 1,940Doing it via GPO and locking down anyone editing the GPO is a good way to do it, because it would correct someone removing the needed accounts down the road.Good luck to all!
-
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□Use the Restricted Groups group policy and add who you want to the local admins groupCurrently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
crrussell3 Member Posts: 561Use the Restricted Groups group policy and add who you want to the local admins group
+1 for Restricted Groups.MCTS: Windows Vista, Configuration
MCTS: Windows WS08 Active Directory, Configuration