Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
JSI Tip 10370. How can I remotely (or locally) add or delete local or domain users to/from a local group?
Jerold Schulman
April 6, 2006
2 Min Read
Using only standard commands, I have scripted LocalGroup.bat to add or delete users to/from a local group.
The syntax for using LocalGroup.bat is:
LocalGroup Computer LocalGroup User AorD OK
Where:
Computer is the NetBIOS computer name where the LocalGroup exists, like JSI007.LocalGroup is the local group name on Computer, like Administrators or "Power Users".User is the local or domain user, using the "ComputerNameLocalUserName" or "DomainNameDomainUser" format, like JSI007Administrator or "JSIINCJennifer".AorD is the action switch, A is Add and D is delete.OK is a call directed environment variable that will contain a Y if the maintenance was successful, or a N is the maintenance failed. A message is displayed with one of these failure reasons: The network path was not found. The specified local group does not exist. The user name could not be found. The specified account name is not a member of the local group. The specified account name is already a member of the local group.
LocalGroup.bat contains:
@echo offsetlocal ENABLEDELAYEDEXPANSIONif {%5}=={} goto err1set Comp=%1set Group=%2set User=%3set AorD=%4if /i "%AorD%" EQU "a" goto vbsif /i "%AorD%" NEQ "d" goto err2:vbsif exist "%TEMP%LocalGroup.vbs" goto [email protected] Oargs, strComputer, strGroup, strUser, AorD>"%TEMP%LocalGroup.vbs"@echo.Set WshShell = CreateObject("WScript.Shell")>>"%TEMP%LocalGroup.vbs"@echo.Set oArgs = WScript.Arguments>>"%TEMP%LocalGroup.vbs"@echo.strComputer = oArgs(0)>>"%TEMP%LocalGroup.vbs"@echo.strGroup = oArgs(1)>>"%TEMP%LocalGroup.vbs"@echo.strUser = oArgs(2)>>"%TEMP%LocalGroup.vbs"@echo.strUser = Replace(StrUser,"","/")>>"%TEMP%LocalGroup.vbs"@echo.AorD = oArgs(3)>>"%TEMP%LocalGroup.vbs"@echo.if lCase(AorD) = "a" then>>"%TEMP%LocalGroup.vbs"@echo. Set objGroup = GetObject("WinNT://" ^& strComputer ^& "/" ^& strGroup ^& ",group")>>"%TEMP%LocalGroup.vbs"@echo. Set objUser = GetObject("WinNT://" ^& strUser ^& ",user")>>"%TEMP%LocalGroup.vbs"@echo. objGroup.Add(objUser.AdsPath)>>"%TEMP%LocalGroup.vbs"@echo. Wscript.Quit>>"%TEMP%LocalGroup.vbs"@echo.End If>>"%TEMP%LocalGroup.vbs"@echo.if lCase(AorD) = "d" then>>"%TEMP%LocalGroup.vbs"@echo. Set objGroup = GetObject("WinNT://" ^& strComputer ^& "/" ^& strGroup ^& ",group")>>"%TEMP%LocalGroup.vbs"@echo. Set objUser = GetObject("WinNT://" ^& strUser ^& ",user")>>"%TEMP%LocalGroup.vbs"@echo. objGroup.Remove(objUser.AdsPath)>>"%TEMP%LocalGroup.vbs"@echo. Wscript.Quit>>"%TEMP%LocalGroup.vbs"@echo.End If>>"%TEMP%LocalGroup.vbs":doitset errlog="%TEMP%LocalGroup_%RANDOM%.TMP"if exist %errlog% del /q %errlog%call :quiet>%errlog% 2>&1set err=Yfor /f "Tokens=*" %%x in ('type %errlog%') do ( for /f "Tokens=2* Delims=:" %%a in ('@echo %%x') do ( set err=%%b @echo !err:~1! set err=N ))del /q %errlog%endlocal&set %5=%err%goto :EOF:err1@echo Syntax: LocalGroup Computer Group User AorD OKendlocalgoto :EOF:err2@echo Syntax: LocalGroup Computer Group User AorD OK - AorD %4 invalid.endlocal&set %5=Ngoto :EOF:quietcscript //nologo "%TEMP%LocalGroup.vbs" %Comp% %Group% %User% %AorD%About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
