Use the blue Nav bar above to access the main index pages!

Add Administrators to Multiple Servers Using PowerShell

How to add a user or group to the local administrators group on multiple Windows servers using a PowerShell script.  It's a common task, you build some new servers, and you have to add an Active Directory group to the local administrators group to grant administrative access to some groups.  Usually this is manually done by logging on to each server, opening Computer Management, and adding the group, one server at a time.  Brutal.

Why not do it with PowerShell?  It's not complicated.  We can use the ADSI provider for PowerShell to connect to the local security accounts manager on each server and add a member to the local Administrators group.

The script reads server names from a file, servers.txt.  For each server, it connects to the administrators group, and adds a member to it.  The script needs to be customized for your environment.  Simply replace myDomain with the name of your Active Directory domain, and replace myGroup with the name of the group you want to add.

$servers = Get-Content .\servers.txt
"Name`tStatus" | Out-File -FilePath .\results.txt
foreach ($server in $servers){
  $adminGroup = [ADSI]"WinNT://$server/Administrators"
  "$server`tSuccess" | Out-File -FilePath .\results.txt -Append
  "$server`t" + $_.Exception.Message.ToString().Split(":")[1].Replace("`n","")
  "$server`t" + $_.Exception.Message.ToString().Split(":")[1].Replace("`n","") | Out-File -FilePath .\results.txt -Append


Anonymous said...

Nice solution. the piping fails and users will need to change that into a"|". Not sure how the formatting restrictions are here. I had a similar scripts, but your "catch" convinced me.

Anonymous said...

The following exception occurred while retrieving member "add": "The network path was not found."
At line:6 char:18
+ $adminGroup.add <<<<

Brian said...

Make sure you replace "myDomain" with whatever your domain name is. It looks like it's failing to find your domain.

Anonymous said...

YOU ARE THE MAN! 583 servers i dont have to touch. worked great TY

Anonymous said...

I am getting this message:
A member could not be added to or removed from the local group because the member does not exist.

Brian said...

Make sure you're using the correct domain name and group name. There's not much else that could go wrong...

Kevin P said...

great script, worked great

Bellgates said...

Great Script!! Appreciated!!

Anonymous said...

this script works, thank you very much

bruceXedwards said...

Also, this script works great for adding users to other local groups when editing line 6:

$adminGroup = [ADSI]"WinNT://$server/Performance Log Users"

Post a Comment

Related Posts Plugin for WordPress, Blogger...