Powershell Script To Add A User To A Local Admin Group

Table of Contents

Toggle

• Introduction
• How to add users or groups to the local administrator group using Powershell
  • Add a domain group or user to the local administrator group using Powershell
  • Add a local user to the local administrator group using Powershell
  • Add a Microsoft account to the local administrator group using Powershell
  • Review that the user or group has been added to the local admin group
• How to remove a user or group from the local admin group using Powershell
• Conclusion
• References
• Related posts

Introduction

Adding users, or most often groups from Active Directory to the local administrator group on the server or client is a common task carried out as a system administrator.

Previously, accomplishing this required some scripting, but now it’s possible to use a simple one-liner. Of course, you can also use this one-liner in your scripts.

This blog post covers adding user accounts and groups to the local administrator group using Powershell. I also cover how to remove them.

How to add users or groups to the local administrator group using Powershell

The commands for adding or removing a user or group from a local admin group is the same.

Note that all the commands below require that you are running an elevated Powershell window.

Add a domain group or user to the local administrator group using Powershell

You can add AD security groups or users to the local admin group using the below Powershell command:

Add-LocalGroupMember -Group "Administrators" -Member "domain\user or group," "additional users or groups."

Add a local user to the local administrator group using Powershell

When adding a local user to the admin group, use this command. The same goes for when adding multiple users.

Add-LocalGroupMember -Group "Administrators" -Member "username"

Add a Microsoft account to the local administrator group using Powershell

If you want to add a Microsoft account to the local admin group, use the following command:

Add-LocalGroupMember -Group "Administrators" -Member "MicrosoftAccount\[email protected]"

Review that the user or group has been added to the local admin group

That’s it! When I look in the local administrator group from the Computer Management view, I now see my domain user:

You can also see which users or groups are part of the local admin group using Powershell:

Get-LocalGroupMember -Group "Administrators"

How to remove a user or group from the local admin group using Powershell

If you want to remove a user or group from the local admin group, enter this command:

Remove-LocalGroupMember -Group "Administrators" -Member "the same as for adding a user or group"

Conclusion

Carrying out simple tasks as adding users or groups to the local administrator group can be done via the GUI or Powershell.

I highly recommend using Powershell for tasks like these, as it’s essential to be fluent in Powershell.

If you want to improve your Powershell skills, make sure to sign up for Pluralsight. It’s my favorite way of learning new skills!

How do you add users or groups to the local administrator group? Please leave a comment below!

References

• Microsoft Docs – Powershell scripting

Related posts

• Use Powershell to copy content from one text file to another
• Copy a file to a new directory using Powershell
• Powershell script to add users from a file to a group
• How to change the Powershell version for backward compatibility
• Powershell UNC path browsing using PSDrives