Hi,
I’ve created a Task Action Script that will add a certain domain security group. However, that status shows complete but on the Endpoint side, it wasn’t added.
waithidden net localgroup Administrators “domainname\Windows Server local admins” /add
Thanks.
NET.EXE /ADD command does not support names longer than 20 characters
https://support.microsoft.com/en-us/help/324639/net-exe-add-command-does-not-support-names-longer-than-20-characters
You can do it using a different command:
// Disable wow64 redirection on x64 OSes
action uses wow64 redirection {not x64 of operating system}
delete __createfile
// CREATEFILE
createfile until END_OF_FILE
([adsi]“WinNT://./Administrators,group”).Add(“WinNT://domainname/Windows Server local admins,group”)
END_OF_FILE
delete powershell.ps1
move __createfile powershell.ps1
waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1
Hi,
I tried your suggestion but the status got stuck on ‘Waiting’ and it didn’t apply on the target endpoint.
I pasted this under the script:
// Disable wow64 redirection on x64 OSes
action uses wow64 redirection {not x64 of operating system}
_delete _createfile
// CREATEFILE
createfile until END_OF_FILE
([adsi]“WinNT://./Administrators,group”).Add(“WinNT://domainname/Windows Server local admins,group”)
END_OF_FILE
delete powershell.ps1
_move _createfile powershell.ps1
waithidden { pathname of file ((it as string) of value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of native registry) } -ExecutionPolicy Bypass -File powershell.ps1