Add / remove current computer system to/from an Active Directory security group

This command line application helps in adding or removing the current computer system to a Active Directory group.

Syntax:

The following command will add the computer to the AD group “My-AD-Group”

Or

The following command will remove the computer from the AD group “My-AD-Group”

Or

Usage:

This application can be used with login scripts to add/remove the system from Active Directory groups.

It can be used in SCCM Tasksequences and Applications to add/remove the system from Active Directory groups based on conditions.

It can be run on a command line in an interactive prompt.

If running as SYSTEM – The group should have permission set for ‘SELF’ to add remove itself to the group.

If running as User – The user should have permissions to add remove computer objects to the group.

Set permissions for “Domain Computers” for the AD group to “Read” and “Add remove self as member”.

Download Here

Related Articles

1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Luna Stella
2 months ago

Thanks for the share Trent. We now use this to add machines to Active Directory groups during the SCCM Task Sequence runtime.

1
0
Would love your thoughts, please comment.x
()
x