Jump to content

Adding network admins to the Local Admin group automatically

linkpalmer

By linkpalmer
in Windows 7

 Share

Recommended Posts

linkpalmer

linkpalmer

Posted
Posted

Hi Guys, I wonder if you can help out.

I'm trying to add a network admin security group to my local Admins group on some computers I'm prepping. Currently this means logging in with the local admin, opening computer management, adding the group, then putting in my network admin credentials.

What I'm trying to do is script it. Here is the script I have so far, which obviously doesn't work.

net localgroup Administrators /ADD domain\SG_AD_Admins
net localgroup "Power Users" /ADD "domain\domain users"

It keeps throwing me an Access is denied error when I run it as either local admin or network admin, which makes sense since I need the local account to get into computer management but then network admin to actually add the security group.

I was also messing around with the runas command, but so far I'm pretty stumped. Any help would be appreciated!

Link to comment
Share on other sites

MrJinje

MrJinje

Posted
Posted (edited)

Not sure if this is plausible in your scenario, but at work we schedule domain admin accounts to be added to the baseline image using setupcomplete.cmd. This way those accounts are inserted on first boot up.

In fact our setupcomplete.cmd actually calls a 'kicker' script from the network share so that it is easier for us to make modifications to the script (insert new groups, users, join domain all automated) without having to modify our image.

Edited by MrJinje
Link to comment
Share on other sites
linkpalmer

linkpalmer

Posted
  • Author
Posted

Not sure if this is plausible in your scenario, but at work we schedule domain admin accounts to be added to the baseline image using setupcomplete.cmd. This way those accounts are inserted on first boot up.

In fact our setupcomplete.cmd actually calls a 'kicker' script from the network share so that it is easier for us to make modifications to the script (insert new groups, users, join domain all automated) without having to modify our image.

MrJinje, I would be interested to see the kicker script that you are using so I could see how exactly the accounts are being added on that first boot. This seems like a route we could go.

Thanks for the help guys

Link to comment
Share on other sites
MrJinje

MrJinje

Posted
Posted (edited)

SetupComplete.cmd

start /wait \\Somewhere\kicker.cmd

kicker.cmd

net localgroup Administrators /ADD domain\SG_AD_Adminsnet localgroup "Power Users" /ADD "domain\domain users"

Quick dirty way to customize your install DVD from the server side. Can make one change to the kicker script, all future installations will be affected. Use it to add roles and features, newer versions of applications, or anything you forgot to put in the install disk.

Edited by MrJinje
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...