Category filter

Script to change admin user to non-admin user in Windows

A user belonging to the ‘Administrators’ group has complete and unrestricted access to the device. Suppose you want to revoke the administrator privileges of a user to prevent them from making system-wide changes. You can easily get it done by writing commands to remove the users from the ‘Administrators’ group and add them to the ‘Users’ group. These commands can be embedded in a script, and you can run it directly from Hexnode using the Execute Custom Scripts remote action.


The sample scripts provided below are adapted from third-party open-source sites.

Batch file script to change an admin user to a non-admin user

PowerShell script to change an admin user to a non-admin user

Replace “Username” with the actual username and “Groupname” with the desired group name.


After executing the .ps1 file from the Hexnode, if you come across as an output such as “command is not recognized” in the Action History, add this to the beginning of the file, followed by the steps 1 and 2.

This PowerShell script checks if the script is running in a 32-bit PowerShell process on a 64-bit operating system. If the condition is met, it displays a warning message “Restarting script under 64-bit PowerShell”, restarts the script under a 64-bit PowerShell process using the sysnative path, and then exits the original 32-bit PowerShell process. This is done to ensure the script runs in a 64-bit environment when necessary.


  • Executing commands that modify user groups and permissions can have significant consequences, so it’s important to use such scripts with caution, especially on systems where user roles and permissions are critical.
  • It is recommended to manually validate the script execution on a system before executing the action in bulk.
  • Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.

  • Sample Script Repository