Adding a user to the local Administrator group using powershell

Solution 1:

On Server 2016 and Windows 10 Version 1607 and later you can use the new PowerShell local user cmdlets:

Add-LocalGroupMember -Group Administrators -Member username

This was added in Windows Management Framework (WMF) 5.1.

The Microsoft.PowerShell.LocalAccounts module works fine on 2012 R2 if you just copy the files into a $env:PsModulePath location.

Solution 2:

Here is a simple 2 line script that performs this function

$group = [ADSI]("WinNT://"+$env:COMPUTERNAME+"/administrators,group")
$group.add("WinNT://$env:USERDOMAIN/usernameiwantoadd,user")

For more information see Hey, Scripting Guy! How Can I Use Windows PowerShell to Add a Domain User to a Local Group?

So there are a couple of notes. In the first line I used string concatenation, I didn't have to (see the next line) but I like to because it helps accentuate the variables I am using. Second, these lines will add a domain user, if you wanted to add a local user just remove $env:USERDOMAIN/

Solution 3:

This is the Advanced Function That I use to add a users to the local Administrator group using Powershell on several computers.

Usage: Get-Content C:\Computers.txt | Set-LocalAdminGroupMembership -Account 'YourAccount'

Function Global:Set-LocalAdminGroupMembership
{


    <#
    .Synopsis

    .Description

    .Parameter $ComputerName,

    .Example
     PS> Set-LocalAdminGroupMembership -ComputerName $ComputerName -Account 'YourAccount'

    .Link
     about_functions
     about_functions_advanced
     about_functions_advanced_methods
     about_functions_advanced_parameters

    .Notes
     NAME:      Set-LocalAdminGroupMembership
     AUTHOR:    Innotask.com\dmiller
     LASTEDIT:  2/4/2010 2:30:05 PM
     #Requires -Version 2.0
    #>



    [CmdletBinding()]
    param(
    [Parameter(Position=0, ValueFromPipeline=$true)]
    $ComputerName = '.',
    [Parameter(Position=1, Mandatory=$true)]
    $Account
    )


    Process
    {  

        if($ComputerName -eq '.'){$ComputerName = (get-WmiObject win32_computersystem).Name}    
        $ComputerName = $ComputerName.ToUpper()


        $Domain = $env:USERDNSDOMAIN

        if($Domain){
            $adsi = [ADSI]"WinNT://$ComputerName/administrators,group"
            $adsi.add("WinNT://$Domain/$Account,group")
            }else{
            Write-Host "Not connected to a domain." -foregroundcolor "red"
            }


    }# Process


}# Set-LocalAdminGroupMembership

Solution 4:

Simple Step to add a domain user to the Administrators group:

Add-LocalGroupMember -Group Administrators -Member $env:USERDOMAIN\<username>

Note: Make sure you run PowerShell "As Administrator".

Tags:

Windows

Powershell

Automation

Recent Posts