PowerShell script to add/remove a domain user to the Local Administrators group on a remote machine

Here is a by request PowerShell script to add/remove a domain user to the Local Administrators group on a remote machine and you can easily make it to work on multiple remote machines using the technique in my previous script

# if your user name is whatever\test

$domain = "whatever"
$strComputer = "XYZ"
$username = "test"

$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$computer.name

$Group = $computer.psbase.children.find("administrators")
$Group.name

# This will list what’s currently in Administrator Group so you can verify the result

function ListAdministrators

{$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", ‘GetProperty’, $null, $_, $null)}
$members}
ListAdministrators

# Even though we are adding the AD account but we add it to local computer and so we will need to use WinNT: provider

$Group.Add("WinNT://" + $domain + "/" + $username)

ListAdministrators

$Group.Remove("WinNT://" + $domain + "/" + $username)

ListAdministrators

email

Written by , Posted .