local admin group membership - remove

  • Thread starter Thread starter Andrew Story
  • Start date Start date
A

Andrew Story

Hello all,

Is there anyway to remove a user/group en mass from the local admin group on
a machine(s). I'm aware of doing it by logon/startup scripts, but wondered
of it is possible to do this automatically (via a script possibley) whilst
users are logged onto the network and working.

Thanks.
 
Andrew said:
Is there anyway to remove a user/group en mass from the local admin group
on
a machine(s). I'm aware of doing it by logon/startup scripts, but
wondered
of it is possible to do this automatically (via a script possibley) whilst
users are logged onto the network and working.

Thanks.
Click to expand...

Hi,

You can add and remove members from local groups remotely, as long as you
have sufficient permissions. You must use the WinNT provider for local
groups, so you must bind to the member to be removed with WinNT also. For
example:
===================
' Specify NetBIOS name of computer.
strComputer = "WST208"

' Bind to local admin group on remote computer.
Set objLocalGroup = GetObject("WinNT://" & strComputer &
"/Administrators,group")

' Bind to user or group to be removed.
' This can be a local user/group or domain user/group.
Set objMember = GetObject("WinNT://MyDomain/jsmith,user")

' Check membership.
If (objLocalGroup.IsMember(objMember.AdsPath) = True) Then
' Remove the member.
objLocalGroup.Remove(objMember.AdsPath)
End If
 
Thanks Richard.

Richard Mueller said:
Hi,

You can add and remove members from local groups remotely, as long as you
have sufficient permissions. You must use the WinNT provider for local
groups, so you must bind to the member to be removed with WinNT also. For
example:
===================
' Specify NetBIOS name of computer.
strComputer = "WST208"

' Bind to local admin group on remote computer.
Set objLocalGroup = GetObject("WinNT://" & strComputer &
"/Administrators,group")

' Bind to user or group to be removed.
' This can be a local user/group or domain user/group.
Set objMember = GetObject("WinNT://MyDomain/jsmith,user")

' Check membership.
If (objLocalGroup.IsMember(objMember.AdsPath) = True) Then
' Remove the member.
objLocalGroup.Remove(objMember.AdsPath)
End If
Click to expand...
 
Back
Top