Re: need to modify local group membership via VBscript

From: "Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 8 Feb 2006 09:16:14 -0600

SixHouse wrote:

i have a bunch of remote workstations (some xp, some NT). i need to make
sure that the domain admins group is a member of the local admins group on
the workstation. can i do this if i have a text file that contains
workstation names?

Hi,

The following example VBScript program should help:

Option Explicit

Dim strDomain, strFile, objFSO, objFile
Dim strComputer, objLocalGroup, objDomainGroup

' Specify the NetBIOS name of the domain.
strDomain = "MyDomain"

' Specify the text file of NetBIOS computer names.
strFile = "c:\Scripts\computers.txt"

' Bind to Domain Admins group with WinNT provider.
Set objDomainGroup = GetObject("WinNT://" & strDomain _
& "/Domain Users,group")

' Open the text file for read access.
Set objFSO = CreateObject("Wscript.FileSystemObject")
Set objFile = objFSO.OpenTextFile(strFile, 1)

' Read each line of the file
Do Until objFile.AtEndOfStream
strComputer = Trim(objFile.ReadLine)
' Skip any blank lines.
If (strComputer <> "") Then
' Bind to local Administrators group with WinNT provider.
' Trap the error if the computer is not available.
On Error Resume Next
Set objLocalGroup = GetObject("WinNT://" & strComputer _
& "/Administrators,group")
If (Err.Number = 0) Then
On Error GoTo 0
' Check if the domain group is already
' a member of the local group.
If Not objLocalGroup.IsMember(objDomainGroup.AdsPath) Then
' Add the domain group to the local group.
objLocalGroup.Add(objDomainGroup.AdsPath)
Wscript.Echo strComputer & " - Domain Admins added"
Else
Wscript.Echo strComputer & " - Already done"
End If
Else
On Error GoTo 0
' Computer not found.
Wscript.Echo strComputer & " - Not found"
End If
End If
Loop

' Close the file
objFile.Close

' Clean up.
Set objFile = Nothing
Set objFSO = Nothing
Set objLocalGroup = Nothing
Set objDomainGroup = Nothing

--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net

.

Follow-Ups:
- Re: need to modify local group membership via VBscript
  - From: SixHouse
- Re: need to modify local group membership via VBscript
  - From: SixHouse

References:
- need to modify local group membership via VBscript
  - From: SixHouse

Prev by Date: Re: Login Script - ASP over ODBC
Next by Date: Re: Stupid question
Previous by thread: need to modify local group membership via VBscript
Next by thread: Re: need to modify local group membership via VBscript
Index(es):
- Date
- Thread

Relevant Pages

Re: need to modify local group membership via VBscript
... sure that the domain admins group is a member of the local admins group on ... the workstation. ... ' Bind to Domain Admins group with WinNT provider. ... On Error GoTo 0 ...
(microsoft.public.windows.server.scripting)
Re: W2K Pro Local Admins
... > having Domain Admins group in the Local Administrators ... If you can't trust the people that are placed in the Domain Admins group, ... Administration scripting examples and an ONLINE version of the 1328 page ...
(microsoft.public.win2000.security)
Re: enterprise admins and domain admins
... BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ... How can I put myself into the domain admins group in the sub-domains? ...
(microsoft.public.windows.server.active_directory)
Question for WinInstall customers
... Apparently the WinInstall documentation recommends using an account with ... Domain Admins group membership for software distribution. ... specific AD user account or global group. ...
(microsoft.public.win2000.security)
Re: domain admins
... Sometimes I would temporarily add a user to the Domain Admins group ... If this is on a workstation, the correct place to add permissions is in the ... users should not be installing hardware or software, ...
(microsoft.public.windows.server.general)