Change Groups in Local Admin group

G

Guest

I'm looking for a command line that will delete all entries from the local
admin group with exceptions.

For instance, I can add a group to local admin by using
"NET LOCALGROUP Administrators /add groupname"

Anyone know of a way to delete all groups in there?
 
S

Steven L Umbach

I don't know of a command line way offhand but for domain computers you can
use Group Policy "restricted groups" at the OU level to define exactly what
groups can be in the local administrators group of computers in that OU. If
you remove restricted groups from the GPO, the membership in the local
administrators groups would stay the way restricted groups enforced them
and then you could use net localgroup if you want to. --- Steve
 
R

Roger Abell

You would likely need to write a small script for this,
and then keep it up-to-date on the allowed exceptions.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Domain Admin vs Local Admin 7
local admin group change, how? 2
script to list users and groups in domain admin and local admin gr 6
change local admin psw in AD 2
how to create local group from command line 1
adding domain groups to local admin group 1
domain admin rights keep changing on workstations 3
Share admin 1

Top