Question: I want to create a Powershell script to add an Active Directory Group to the the local Administrator Group on a group of servers. The login privileges to execute the script would be Administrator.
What is the Powershell command to add the group along with an example
Answer: Powershell has a group of cmdlets designed to manage membership of local groups. The first one to check is the cmdlet returning the current membership of the Local Administrators group
--Get-LocalGroupMember returns members from a local group. This example is using the Administrators group
Get-LocalGroupMember -Group"Administrators"
-- Add-LocalGroupMember will add members to a local group
Add-LocalGroupMember -Group "Administrators" -Member "MYDOMAIN\myADGroup"
If the member already exists in the Local Administrators group you will see a message similar to :
Add-LocalGroupMember : MYDOMAIN\myADGroup is already a member of group Administrators.
At line:1 char:1
+ Add-LocalGroupMember -Group "Administrators" -Member "MYDOMAIN\myADGroup ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceExists: (Administrators:String) [Add-LocalGroupMember], MemberExistsException
+ FullyQualifiedErrorId : MemberExists,Microsoft.PowerShell.Commands.AddLocalGroupMemberCommand