PowerShell script issue for adding the domain user to the local admin group

PerserPolis-1732 1,326 Reputation points
2022-05-11T09:48:16.587+00:00

Hi

The following PowerShell script adds the AD domain user to the local admin group on the client machine.

Here is my script:

    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true,Position=1)]
        [ValidateSet("User","Group")]
        [String]
        $ObjectType,

        # Must be in DOMAIN\Name form
        [Parameter(Mandatory=$true,Position=2)]
        [ValidateScript({($_.split("\").count -eq 2)})]
        [string]$ObjectName,

        [Parameter(Position=3)]
        [String[]]$ComputerName=$env:COMPUTERNAME
    )

    $ResultsFile = "c:\temp\result.csv"
    $ObjDomain = $ObjectName.Split("\")[0]
    $ObjName = $ObjectName.Split("\")[1]
    $ComputerCount = $ComputerName.Count
    $count = 0
    Add-Content -Path $ResultsFile -Value "ComputerName,Status,Comments"
    foreach($Computer in $ComputerName) {
        $count++
        $Status=$null
        $Comment = $null
        Write-Host ("{0}. Working on {1}" -f $Count, $Computer)
        if(Test-Connection -ComputerName $Computer -Count 1 -Quiet) {
            Write-Verbose "$Computer : Online"
            try {
                # Bind to the local Administrators group and add the domain account
                $GroupObj = [ADSI]"WinNT://$Computer/Administrators"
                $GroupObj.Add("WinNT://$ObjDomain/$ObjName")
                $Status = "Success"
                $Comment = "Added $ObjectName $ObjectType to Local administrators group"
                Write-Verbose "Successfully added $ObjectName $ObjectType to $Computer"
            } catch {
                $Status = "Failed"
                # Strip line breaks so the error message stays on one CSV row
                $Comment = $_.toString().replace("`n","").replace("`r","")
                Write-Verbose "Failed to add $ObjectName $ObjectType to $Computer"
            }

            Add-Content -Path $ResultsFile -Value ("{0},{1},{2}" -f $Computer,$Status,$Comment )

        } else {
            Write-Warning "$Computer : Offline"
            Add-Content -Path $ResultsFile -Value ("{0},{1}" -f $Computer,"Offline")
        }

    }

I run that script with the following command:

    AddocalAdminGroupMembers.ps1 -ObjectType User -ObjectName "domain\User" -ComputerName "test"

For domain\user, I put my domain and username here, and for -ComputerName I put my client computer name.

I have 100 different domain users and 100 different computers. I have to add these to the local admin group, which means I have to run that script 100 times.

My question is:

Is there any way to add all usernames and computer names in one step? For example, with a CSR file?

Regards

Windows Server PowerShell

5 answers

  1. Rich Matheisen 44,776 Reputation points
    2022-05-11T19:14:04.033+00:00

    You could turn your script into a function and add a bit of "driver" code to take a CSV with the data and turn it into function calls.

    Function AddOne{
        [CmdletBinding()]
        Param(
            [Parameter(Mandatory = $true, Position = 1)]
            [ValidateSet("User", "Group")]
            [String]
            $ObjectType,
    
            [Parameter(Mandatory = $true, Position = 2)]
            [ValidateScript({ ($_.split("\").count -eq 2) })]
            [string]$ObjectName,
            [Parameter(Position = 3)]
            [String[]]$ComputerName = $env:COMPUTERNAME
        )
    
        $ResultsFile = "c:\temp\result.csv"
        $ObjDomain = $ObjectName.Split("\")[0]
        $ObjName = $ObjectName.Split("\")[1]
        $ComputerCount = $ComputerName.Count
        $count = 0
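        # Write the header only once; the function is called once per CSV row
        if (-not (Test-Path -Path $ResultsFile)) {
            Add-Content -Path $ResultsFile -Value "ComputerName,Status,Comments"
        }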
        foreach ($Computer in $ComputerName) {
            $count++
            $Status = $null
            $Comment = $null
            Write-Host ("{0}. Working on {1}" -f $Count, $Computer)
            if (Test-Connection -ComputerName $Computer -Count 1 -Quiet) {
                Write-Verbose "$Computer : Online"
                try {
                    $GroupObj = [ADSI]"WinNT://$Computer/Administrators"
                    $GroupObj.Add("WinNT://$ObjDomain/$ObjName")
                    $Status = "Success"
                    $Comment = "Added $ObjectName $ObjectType to Local administrators group"
                    Write-Verbose "Successfully added $ObjectName $ObjectType to $Computer"
                }
                catch {
                    $Status = "Failed"
                    $Comment = $_.toString().replace("`n", "").replace("`r", "")
                    Write-Verbose "Failed to add $ObjectName $ObjectType to $Computer"
                }
    
                Add-Content -Path $ResultsFile -Value ("{0},{1},{2}" -f $Computer, $Status, $Comment )    
            }
            else {
                Write-Warning "$Computer : Offline"
                Add-Content -Path $ResultsFile -Value ("{0},{1}" -f $Computer, "Offline")
            }
    
        }
    }
    
    # Use the function
    
    # CSV looks like this:
    #Computer,Account,Type
    #WS01,Domain\Account,User
    #WS01,Domain\Account,Group
    Import-CSV c:\Junk\MyCsv.csv |
        ForEach-Object{
            AddOne -ComputerName $_.Computer -ObjectName $_.Account -ObjectType $_.Type
        }
    

  2. PerserPolis-1732 1,326 Reputation points
    2022-05-12T06:45:01.563+00:00

    Hi,

    It works.

    Thank you for the help.

    Regards


  3. PerserPolis-1732 1,326 Reputation points
    2022-05-13T12:43:26.887+00:00

    Hi Rich,

    Is there a way to use that script to remove the AD user from the local Admin group with a CSV file?

    Regards


  4. PerserPolis-1732 1,326 Reputation points
    2022-05-16T06:38:58.843+00:00

    I changed the Object ADD, but it does not work


  5. PerserPolis-1732 1,326 Reputation points
    2022-05-16T16:21:11.827+00:00

    I have changed only the add function in the script
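
The removal asked about in the follow-up posts, as an added example that is not part of the original thread or any poster's code: it mirrors the `Add` call with the ADSI group's `Remove` method and returns one result object per row. The function name `Remove-LocalAdminMember`, the computer `WS01` and the accounts under `CONTOSO` are hypothetical, and the rows are constructed sample data in the same column layout as the answer above.

```powershell
# Added example: remove accounts from the local Administrators group.
function Remove-LocalAdminMember {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)]
        [ValidateScript({ $_.Split('\').Count -eq 2 })]   # DOMAIN\Name
        [string]$ObjectName,

        [Parameter(Mandatory = $true)]
        [string]$ComputerName
    )

    $domain, $name = $ObjectName.Split('\')
    $result = [pscustomobject]@{
        ComputerName = $ComputerName
        Account      = $ObjectName
        Status       = 'Offline'
        Comments     = ''
    }

    if (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        try {
            if ($PSCmdlet.ShouldProcess($ComputerName, "Remove $ObjectName from Administrators")) {
                $group = [ADSI]"WinNT://$ComputerName/Administrators,group"
                # Remove is the counterpart of the Add call used in the thread
                $group.Remove("WinNT://$domain/$name")
                $result.Status = 'Removed'
            }
            else {
                $result.Status = 'Skipped'   # -WhatIf was given or the prompt was declined
            }
        }
        catch {
            # For example: the account is not a member, or access is denied
            $result.Status   = 'Failed'
            $result.Comments = $_.Exception.Message.Trim()
        }
    }
    $result
}

# Constructed sample rows; replace with Import-Csv on a real file.
$rows = @'
Computer,Account,Type
WS01,CONTOSO\jdoe,User
WS01,CONTOSO\HelpdeskAdmins,Group
'@ | ConvertFrom-Csv

# -WhatIf makes this a dry run: nothing is removed until it is dropped.
$rows | ForEach-Object { Remove-LocalAdminMember -ComputerName $_.Computer -ObjectName $_.Account -WhatIf }
```

Piping the returned objects to `Export-Csv -NoTypeInformation` gives a results file whose fields are quoted, so error messages containing commas do not break the columns.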
