Power Users Group

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Is there a way using a GPO or security object to make all doamin & local
users who login to an XP machine be a member of the "Power Users" group by
default? w/o having to touch each machine to make the change to the local
policy.

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Thanks Torgeir, this helps me...

"Torgeir Bakken (MVP)" wrote:

> jfgreen wrote:
>
> > Is there a way using a GPO or security object to make all doamin & local
> > users who login to an XP machine be a member of the "Power Users" group by
> > default? w/o having to touch each machine to make the change to the local
> > policy.
> Hi
>
> A couple of options, at least for the domain user accounts:
>
> 1)
> Create a GPO based computer startup script that adds e.g. the builtin
> "NT Authority\Interactive" (meaning everybody logged in interactively
> (through the console) on the computer) to the Power Users group.
>
> Computer startup script runs as part of the boot up process
> (before the user logs in) and it runs under the system context
> and has administrator rights.
>
> NET.EXE LOCALGROUP /ADD "Power Users" "NT Authority\Interactive"
>
>
> 2)
> Restricted Groups enforced with Group Policy is maybe an option:
>
> http://groups.google.com/groups?se [...] 13.phx.gbl
>
> and
>
> How to Configure a Global Group to Be a Member of the Administrators
> Group on all Workstations
> http://support.microsoft.com/defau [...] -us;320065
>
> Note that this will delete all existing members of the local group you
> apply this policy to.
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/s [...] fault.mspx
>