New script: Set AD User/Group on as Local Administrator

I was recently asked to add a certain Active Directory group to a few dozen computers. Using Group Policy and Restricted Groups was not an option here, since there were already other users and groups in the Administrators group. That triggered me to write up a script in PowerShell which could do this for me.

The script is available here: Technet Gallery: Set-ADAccountasLocalAdministrator.ps1

To set an AD Group as a Local Administrator the script can be executed as follows:

.\Set-ADAccountasLocalAdministrator.ps1 -Computer 'Server01,Server02' -Trustee HRManagers

It is also possible to run this script with a plain text file containing a list of computer names:

.\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\ListofComputers.txt -Trustee User01

5 thoughts on “New script: Set AD User/Group on as Local Administrator

  1. Art Schramm

    I\’m attempting to run the script as follows set-adaccountaslocaladministrator.ps1 -Computer ACCSSCP01 -Trustee krause\KG_SRV_ADMINAnd it keeps telling me that the ps1 file is not recognized as the name of a cmdlet, function, script file, or operable program. Thoughts?

    1. Jaap Brasser Post author

      In PowerShell it is necessary to either use the full path or the .\ notation when executing a script. Can you give the exact input you used then I can verify what is going wrong.

  2. Saul

    worked very well in Windows 10
    … how do I can remove Administrator permissions and return AD User to User Standar?

  3. ganesh

    PS C:\Windows\System32> .\Set-ADAccountasLocalAdministrator.ps1 -Computer IN-Z0P1FROZZ – Trustee HRManagers
    Missing closing ‘)’ in expression.
    At C:\Windows\System32\Set-ADAccountasLocalAdministrator.ps1:48 char:5
    + [ <<<


Leave a Reply