Issue:
Resolution:
- Click >
- Double-click the Hyper-V Administrators group > Click Add > In the Enter the object names to select field, enter the user account name to whom you want to assign permissions > OK > Apply > OK
- Double-click the Administrators group > Click Add > In the Enter the object names to select field, enter the user account name to whom you want to assign permissions > OK > Apply > OK
Alternatively, one can run a script such as:
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 | $remoteComputers='HyperVServer1','HyperVServer2'$newMembers='intranet\HyperV Admins'$localGroup='Hyper-V Administrators','Administrators'$domainAdminCred=$nullfunction addUserToLocalGroup{ param( $computername=$env:computername, $accountToAdd, $accountPassword=$null, $localGroup='Administrators', $domainAdminCred=$null ) try{ $session=if($domainAdminCred){ new-pssession $computername -Credential $domainAdminCred -ea Stop }else{ new-pssession $computername -ea Stop } } catch{ write-warning $_ return $false } invoke-command -session $session -scriptblock{ param($principleName,$password,$groupName) $osVersion=[System.Environment]::OSVersion.Version $psVersion=$PSVersionTable.PSVersion $computerRole=switch ((Get-WmiObject Win32_OperatingSystem -EA Silentlycontinue).ProductType){ 1 {'client'} # ClientOs 2 {'domaincontroller'} #ServerOs with DC role 3 {'memberserver'} #ServerOs machines } if($computerRole -eq 'domaincontroller'){ write-warning "$env:computername is a Domain Controller. Local Users and Groups are not applicable." return $false } $members=if($osVersion -gt [version]'6.3.9600.0' -or $psVersion -ge [version]'5.1'){ (get-localgroupmember $groupName).Name }else{ $x=net localgroup $groupName $x[6..$($x.length-3)] } $localUsers=if($osVersion -gt [version]'6.3.9600.0' -or $psVersion -ge [version]'5.1'){ (get-localuser).Name }else{ $x=net user $x[4..$($x.length-3)] -split ' '|?{$_.trim()} } if(!($members|?{$_ -eq $principleName -or $_ -eq "$env:computername\$principleName"})){ # backward compatible with legacy PowerShell try{ if(!($localUsers|?{$_ -eq $principleName}) -and $principleName -notmatch '\\'){ if($osVersion -gt [version]'6.3.9600.0' -or $psVersion -ge [version]'5.1'){ $encryptedPass = ConvertTo-SecureString $password -AsPlainText -Force New-LocalUser -name $principleName -Password $encryptedPass -FullName "$principleName" }else{ $null=net user $principleName "$password" /add /passwordreq:yes /fullname:"$principleName" } } write-host "Adding $principleName into $groupName on $env:computername" if($osVersion -gt [version]'6.3.9600.0' -or $psVersion -ge [version]'5.1'){ Add-LocalGroupMember -Group $groupName -Member $principleName -ea Stop }else{ $null=net localgroup $groupName /add $principleName } $currentMembers=if($osVersion -gt [version]'6.3.9600.0' -or $psVersion -ge [version]'5.1'){ (get-localgroupmember $groupName).Name }else{ $x=net localgroup $groupName $x[6..$($x.length-3)] } if($currentMembers|?{$principleName -eq $_}){ write-host "$principleName has been added to $groupName successfully`r`n$($currentMembers|out-string)" return $true }else{ write-host "$principleName has NOT been added into group $groupName`r`n$($currentMembers|out-string)" return $false } }catch{ write-warning "$error" return $false } }else{ write-host "$principleName is already a member of $groupName." return $true} } -args $accountToAdd,$accountPassword,$localGroup remove-pssession $session}$remoteComputers|%{ $computer=$_; write-host "Checking $computer..." $newMembers|%{addUserToLocalGroup $computer $_ $newPassword $localGroup $domainAdminCred}} |
Categories: