Grenky Posted February 1, 2005 Share Posted February 1, 2005 If .sif is arranged like this:........[Identification] JoinDomain=domainname DomainAdmin=Administrator DomainAdminPassword=xxxxxxx........then after the Windows installation we can see the following: so when entering, we have to select domain enter and use domain name & password. Let’s assume user was created – he is not an administrator of the computer so far, hence is not allowed to install software… RunOnceEx.cmd tries in vain. Question: How to add user (selected) into the group “administrators” of the computer prior to entering the system.sorry fo my Eng. Link to comment Share on other sites More sharing options...
andrewpayne Posted February 1, 2005 Share Posted February 1, 2005 Hi Grenkythe command used is net localgroup Administrators /add "DOMAIN\username"where DOMAIN is your Domain Name and username is the Domain Userthis needs to be inserted into your cmdlines or other batch file before runonceex.cmd is run and will then enable this user to be a local admin from the word go.hope this helps! Link to comment Share on other sites More sharing options...
Grenky Posted February 2, 2005 Author Share Posted February 2, 2005 It must run at T-12. But at T-12 "cmd" run as SYSTEM AUTHORITY (not Domain Administrator)So, I have'nt right to add Domain Users to localgroup Administrators.And I want select User from Domain Users List. Link to comment Share on other sites More sharing options...
andrewpayne Posted February 2, 2005 Share Posted February 2, 2005 You want to select a domain user during the installation? You will need to modify the Group Policy for your OU in AD to include a startup script to run the above command I mentioned - however insert the name of a group rather than user (eg LOCALADMIN) and add all domain users who require local administrator rights to this group.By default - Domain Users are Power Users not Local Admin - as I know you are aware.I had a similar problem with ensuring control over Local Administrators and the Startup Script appled to Computer using GP in OU was my method of overcoming this.However - Unattended Installations should be automated and require little if any interaction. So personally I would setup the installation using the default Administrator account with auto logon etc - and keep the selection of domain users to become local admins as a 'post installation' - done by Group Policy for your AD. This would be much easier and far more efficient to manage.Just my thoughts... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now