I would like to write a script that will add a domain user to the local administrator group. I already tried
NET LOCALGROUP Administrators "domain\domainuser" /ADD
but I get the Access Denied error.
The problem is that if I want to run it as domain user, it does not have local admin rights, and if as local admin, it does not have access to the domain names. (I don't want to use domain admin)
If I manually right click the computer icon, than manage, I type in the computer name/local admin user/pass, than in Local Users and Groups -> Groups folder I want to add user to Administrators, I am prompted to log in again. If I log in than with a domain user, it works.
My question is, if it is possible to do the same (or something similar) with batch script?
I have solved it with another way, using 2 batch files So I give you my code:
This one creates a folder in c: , than it creates a text file, it copies the name of the current user in it, than the other batch file in the same folder, and finaly runs it as local admin. If you write the password correctly(password will not appear as " * " when you write it):
mkdir c:\tempfiles$
break>c:\tempfiles$\temp.txt
echo %username% >> "c:\tempfiles$\temp.txt"
copy "%~dp0\admin.bat" "c:\tempfiles$"
runas /noprofile /env /user:%computername%\<LOCAL ADMIN USER> "C:\tempfiles$\admin.bat"
pause
rmdir /s /q "c:\tempfiles$"
The admin.bat, takes the user name writen in the text file (if this wasn't, it would take the %username% as the local admin username to add it, because we run it as the local admin) The copy for the batch file is only necessary so you can run it from anywhere. For example if you would have it on a server's mapped drive it would not work.
set /p u=<c:\tempfiles$\temp.txt
net localgroup Administrators /add <DOMAIN NAME>\%u%
I have tried it on multiple computer, on most of it, it runs. On some of the computers it does not, probably because of the local policy of my company. I did not figgured that out yet.
For any questions or suggestions, feel confident to write your opinion.