Adding Domain Groups to Local Administrators Group with PowerShell

less than 1 minute read

A common way to add domain groups to the local administrators group on a computer is with the net command. This worked well for me until I ran into groups with names longer than 20 characters. That’s right, the NET.EXE /ADD command does not support names longer than 20 characters. If net localgroup /add is being used in a computer startup script, the groups with long names just won’t be added.

So the traditional batch file startup script was replaced with a PowerShell startup script, and this is how I now add domain groups to the local administrators group on computers.

([adsi]"WinNT://./Administrators,group").Add("WinNT://DOMAIN/My Extremely Long Group Name with Spaces,group")

You May Also Enjoy

Import-Csv and Headers in PowerShell

2 minute read

The Import-Csv cmdlet in PowerShell is awesome. It saves a lot of time and provides a great integration point since the csv format is a common option for exp...

Honorary Scripting Guy!

less than 1 minute read

This week I was selected as an Honorary Scripting Guy. The list includes some of the top authors and trainers in the PowerShell world, and it’s a real honor ...