When adding a domain user to the local administrators group I receive an access denied, this worked before and now sadly and strangely it no longer does.
$user = "mydomain/user"
$group = [ADSI]"WinNT://./Administrators,group"
$group.Add("WinNT://$user,user")
Exception calling "Add" with "1" argument(s): "Access is denied. " At C:\test\Untitled5.ps1:3 char:1 + $group.Add("WinNT://$user,user") + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : CatchFromBaseAdapterMethodInvokeTI
Logged on as a domain administrator
Same error using the PowerShell ISE or the console
Yet, I am able to add the user through the Computer Management MMC snap-in, no problem.
This is most likely User Account Control (UAC) related. Make sure you run PowerShell "As Administrator." Otherwise, if you're not running "as admin," you're running PowerShell under your user's account's standard user token, which doesn't have access to make this change.