Category filter
Script to change admin user to non-admin user in Windows
A user belonging to the ‘Administrators’ group has complete and unrestricted access to the device. Suppose you want to revoke the administrator privileges of a user to prevent them from making system-wide changes. You can easily get it done by writing commands to remove the users from the ‘Administrators’ group and add them to the ‘Users’ group. These commands can be embedded in a script, and you can run it directly from Hexnode using the Execute Custom Scripts remote action.
The sample scripts provided below are adapted from third-party open-source sites.
Batch file script to change an admin user to a non-admin user
|
1 2 3 4 5 6 7 8 9 10 11 |
Rem Step 1: Add the user to the Users group. NET LOCALGROUP Users Username /ADD Rem Step 2: Remove the user from the Administrators group NET LOCALGROUP Administrators Username /DELETE Rem Step 3 (Optional): List the users belonging to Administrators or Users group NET LOCALGROUP Groupname |
PowerShell script to change an admin user to a non-admin user
|
1 2 3 4 5 6 7 8 9 10 11 |
#Step 1: Add the user to the Users group Add-LocalGroupMember -Group “Users” -Member “Username” #Step 2: Remove the user from the Administrators group: Remove-LocalGroupMember -Group “Administrators” -Member “Username” #Step 3: (Optional): List the users belonging to Administrators or Users group Get-LocalGroupMember -Group “Groupname” |
Replace “Username” with the actual username and “Groupname” with the desired group name.
After executing the .ps1 file from the Hexnode, if you come across as an output such as “command is not recognized” in the Action History, add this to the beginning of the file, followed by the steps 1 and 2.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
if (($pshome -like “*syswow64*” - and ((Get-WmiObject Win32_OperatingSystem).OSArchitecture -like “64*”)) { write-warning “Restarting script under 64 bit powershell” #relaunch this script under 64 bit shell & (join-path ($pshome -replace “syswow64”, “sysnative”)\powershell.exe) -file $myinvocation.mycommand.Definition @args #This will exit the original PowerShell process. This will only be done in case of an x86 process on a x64 OS. exit } |
This PowerShell script checks if the script is running in a 32-bit PowerShell process on a 64-bit operating system. If the condition is met, it displays a warning message “Restarting script under 64-bit PowerShell”, restarts the script under a 64-bit PowerShell process using the sysnative path, and then exits the original 32-bit PowerShell process. This is done to ensure the script runs in a 64-bit environment when necessary.
- Executing commands that modify user groups and permissions can have significant consequences, so it’s important to use such scripts with caution, especially on systems where user roles and permissions are critical.
- It is recommended to manually validate the script execution on a system before executing the action in bulk.
- Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.
