Add Users to the local machine administrator group


Add Users to the local machine administrator group

I had a client that needed to add a couple of users to the local administrators group of every machine on the domain.  After looking through the options I found this solution as the easiest and least likely to create other permission issues on the computer.

Simply adding users to the existing


  1. Create a security group called “Deskside Support” and add the appropriate users to it. 
  2. Configure “Deskside Support” as a Restricted Group.  
  3. On “This group is a member of the following groups…” add “Administrators.”  
  4. This will add “Deskside Support” to the Administrators group on any computer that this GPO applies to, without removing any other members that are already present.
If you are wanting to change the permissions and replace existing users there is a destructive way to do this but keep in mind it will replace the users already setup on the machines.
  1. Configure “Administrators” as a Restricted Group
  2. On “This group has the following members…” include the users you want.  
  3. All other users will be removed from the Administrators group on any computer that this GPO applies to
Solution was found at Experts Exchange Question ID: 22836115


More About the Author

Aaron Richardson

Director, IT Practice Delivery
Quick Q&A: Why We Like Microsoft for Cloud-Based Productivity A few months ago, we kicked off a new blog series where we ask some of our IT experts what they like about certain technologies, as ...
How InterWorks’ IT Service Model Is Different Most IT service providers have a set menu of offerings you can choose from. They define exactly how their technology will be delivered, ...

See more from this author →

Subscribe to our newsletter

  • I understand that InterWorks will use the data provided for the purpose of communication and the administration my request. InterWorks will never disclose or sell any personal data except where required to do so by law. Finally, I understand that future communications related topics and events may be sent from InterWorks, but I can opt-out at any time.
  • This field is for validation purposes and should be left unchanged.

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK


Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Geschäftsführer: Mel Stephenson

Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072