P
Pulathan Senyucel
I wrote a logon vbscrip for adding some domain users to
local administrator group and the logged on domain user to
local power user group as belowe. The server is w2k server
and active directory is installed. The problem is the
group policy logon script returns me "General access
denied error" if the domain user is not a power user or a
local administrator who logged on to the computer. Is
there any one that can help me...
on error resume next
Set objNet = CreateObject("WScript.NetWork")
Dim strComputer
Dim strUser
strComputer = objNet.ComputerName
strUser = objNet.UserName
' Adds Admin1 user to local administrator group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Administrators,group")
Set objUser = GetObject("WinNT://Domain/Admin1,user")
objGroup.Add(objUser.ADsPath)
' Adds Admin2 user to local administrator group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Administrators,group")
Set objUser = GetObject("WinNT://Domain/Admin2,user")
objGroup.Add(objUser.ADsPath)
'Adds Logged on user to local power user group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Power Users,group")
Set objUser = GetObject("WinNT://Domain/"& strUser
& ",user")
objGroup.Add(objUser.ADsPath)
If Err <> 0 Then
IF err.number= "-2147023518" then ' Object already exist
err.clear
else
Wscript.Echo Err.Number & " -- " & Err.Description & "//
AdUser.vbs"
Err.Clear
end if
End If
This script works if the logged on domain user is local
admin or local power user.
Thanks in advance
local administrator group and the logged on domain user to
local power user group as belowe. The server is w2k server
and active directory is installed. The problem is the
group policy logon script returns me "General access
denied error" if the domain user is not a power user or a
local administrator who logged on to the computer. Is
there any one that can help me...
on error resume next
Set objNet = CreateObject("WScript.NetWork")
Dim strComputer
Dim strUser
strComputer = objNet.ComputerName
strUser = objNet.UserName
' Adds Admin1 user to local administrator group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Administrators,group")
Set objUser = GetObject("WinNT://Domain/Admin1,user")
objGroup.Add(objUser.ADsPath)
' Adds Admin2 user to local administrator group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Administrators,group")
Set objUser = GetObject("WinNT://Domain/Admin2,user")
objGroup.Add(objUser.ADsPath)
'Adds Logged on user to local power user group
Set objGroup = GetObject("WinNT://" & strComputer
& "/Power Users,group")
Set objUser = GetObject("WinNT://Domain/"& strUser
& ",user")
objGroup.Add(objUser.ADsPath)
If Err <> 0 Then
IF err.number= "-2147023518" then ' Object already exist
err.clear
else
Wscript.Echo Err.Number & " -- " & Err.Description & "//
AdUser.vbs"
Err.Clear
end if
End If
This script works if the logged on domain user is local
admin or local power user.
Thanks in advance