我的學習手記 A technical geek blog: (Domain PC) How to solve the local admin account locked

Monday, November 16, 2009

(Domain PC) How to solve the local admin account locked

If your have a domain PC, the local administrator account is lockout and your domain admin account is remove from the PC local administrators group, what can you do?

This a solution may be useful to solve this problem:

Use the GPO to add a start up script to add a domain user account to this PC.

Use the GPO -> Computer policy -> add the bat and vbs to startup script and add the GPO to the Computer OU

The bat file is used to run the following script:

Script to add domain user account to local Administrators group (From Rod Trent - rtrent [at] swynk [dot] com)

Dim DomainName

Dim UserAccount

Set net = WScript.CreateObject("WScript.Network")

local = net.ComputerName

DomainName = "DomainName"

UserAccount = "userAccount"

set group = GetObject("WinNT://"& local &"/Administrators")

on error resume next

group.Add "WinNT://"& DomainName &"/"& UserAccount &""

CheckError

sub CheckError

        if not err.number=0 then

        set ole = CreateObject("ole.err")

        MsgBox ole.oleError(err.Number), vbCritical

        err.clear

else

        MsgBox "Done."

end if

end sub

http://www.enterpriseitplanet.com/resources/scripts_win/article.php/3083571

我的學習手記 A technical geek blog

Pages

Monday, November 16, 2009

(Domain PC) How to solve the local admin account locked

No comments:

Post a Comment