Re: Membership...

Hi, Torgeir,

It works great. Thank you so much for the help.

Fan

"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@xxxxxxxxx> wrote in message
news:%23UOH9GvjFHA.576@xxxxxxxxxxxxxxxxxxxxxxx
> Fan Fan wrote:
>
>> Please help.
>> I would like to remove DOMAIN account from a LOCAL administrators group
>> REMOTELY using vb script. Can anybody either point me the way for more
>> reading material for the subject or present me with the vb script? The
>> following script can remove the member of the Administrators group if the
>> account is a LOCAL account to that computer. If the account is a DOMAIN
>> account, I got the error with message: 'A member could not be added or
>> removed from the local group because the member does not exist'.
>>
>> Dim oDomain,oGroup,sDomain,sGroup,sUser
>> sDomain = "TheRemotePC" 'local host; member of the Active Directory
>> domain
>> sGroup = "Administrators"
>> sUser = "JDow" 'a domain account; not an account to the local pc
>> Set oDomain = GetObject("WinNT://" & sDomain)
>> Set oGroup = oDomain.GetObject("Group", sGroup)
>> oGroup.Remove("WinNT://" & sDomain & "/" & sUser)
>>
> Hi,
>
> You need to include the domain the user is member of in the ADsPath
> you feed to the Remove method.
>
> This works for me:
>
> '--------------------8<----------------------
> Option Explicit
>
> Dim sComputer, sUserDomain, sGroup, sUser, oGroup
>
> sComputer = "TheRemotePC" ' local host; member of the Active Directory
> domain
> sUserDomain = "mydomain" ' the domain the user is member of
> sGroup = "Administrators"
> sUser = "JDow" ' a domain account; not an account to the local
> pc
>
> Set oGroup = GetObject("WinNT://" & sComputer & "/" & sGroup & ",group")
> oGroup.Remove("WinNT://" & sUserDomain & "/" & sUser)
>
> '--------------------8<----------------------
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/scriptcenter/default.mspx


.

Relevant Pages

  • Re: Membership...
    ... Administrators group in some computers contrain members with deleted domain ... account such as this: ... >> REMOTELY using vb script. ... >> following script can remove the member of the Administrators group if the ...
    (microsoft.public.scripting.vbscript)
  • Re: NT AUTHORITY/INTERACTIVE auto populating the admin group
    ... I think you’re on to something with the local script, ... If I remove the account and then reboot, ... >> it auto populates the admin group at next boot. ... > How to Configure a Global Group to Be a Member of the Administrators ...
    (microsoft.public.windowsxp.configuration_manage)
  • Re: Membership...
    ... I would like to remove DOMAIN account from a LOCAL administrators group REMOTELY using vb script. ... The following script can remove the member of the Administrators group if the account is a LOCAL account to that computer. ... If the account is a DOMAIN account, I got the error with message: 'A member could not be added or removed from the local group because the member does not exist'. ...
    (microsoft.public.scripting.vbscript)
  • Re: User type
    ... Do I put the script, using gpedit.msc, on the domain or workstations. ... > If the computer is member of domain then you should use domain user ... Add this computer account to new domain group called e.g. ... > administrator and make your users local administrators. ...
    (microsoft.public.windows.server.setup)
  • Re: Rename...
    ... Sean's idea of using domain policy to rename the administrator's account is ... there is a way to do that by using vb script and I like to learn that. ... Fan ...
    (microsoft.public.scripting.vbscript)
Loading