Adding domain groups to local administrators group on remote computers(servers/workstations) is most common activity any system administrator do. I got similar task today and realized that I don’t have a PowerShell function to do. We know it is simple and can build command on fly, but having a function is much more useful. So, I have written below function and added to my techibee module(will publish this soon).
This script takes three arguments. 1) ComputerName — on which you want to do this operation. 2)GroupName — that you want to add to the local administrators group of remote computer 3) DomainName — an optional parameter using which you can pass the domain name if the group you are adding belongs to different domain that of your computer is currently in.
function Add-DomainGroupToLocalAdministrator { param ( [parameter(Mandatory = $true)] $ComputerName, [parameter(Mandatory = $true)] $GroupName, $DomainName ) if(!($DomainName)) { Import-Module ActiveDirectory $DomainName = (Get-AdDomain).DNSRoot.ToString() } try { $AdminGroup = [ADSI]("WinNT://$ComputerName/Administrators,Group") $AdminGroup.Add("WinNT://$DomainName/$GroupName,Group") Write-host "Successfully Added $GroupName to local administrators group of $computerName" } catch { Write-Error $_ } }
Hope this helps…