Action Script to to execute Net Localgroup command

Hi,

I’ve created a Task Action Script that will add a certain domain security group. However, that status shows complete but on the Endpoint side, it wasn’t added.

waithidden net localgroup Administrators “domainname\Windows Server local admins” /add

Thanks.

NET.EXE /ADD command does not support names longer than 20 characters
https://support.microsoft.com/en-us/help/324639/net-exe-add-command-does-not-support-names-longer-than-20-characters

You can do it using a different command:

// Disable wow64 redirection on x64 OSes
action uses wow64 redirection {not x64 of operating system}

delete __createfile

// CREATEFILE
createfile until END_OF_FILE
([adsi]“WinNT://./Administrators,group”).Add(“WinNT://domainname/Windows Server local admins,group”)
END_OF_FILE

delete powershell.ps1
move __createfile powershell.ps1

waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1

Hi,

I tried your suggestion but the status got stuck on ‘Waiting’ and it didn’t apply on the target endpoint.

I pasted this under the script:

// Disable wow64 redirection on x64 OSes
action uses wow64 redirection {not x64 of operating system}

_delete _createfile

// CREATEFILE
createfile until END_OF_FILE
([adsi]“WinNT://./Administrators,group”).Add(“WinNT://domainname/Windows Server local admins,group”)
END_OF_FILE

delete powershell.ps1
_move _createfile powershell.ps1

waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1