|
As Les says. Part of the logon process is to obtain a Security Token from the authenticating server. This token contains (for illustrative purposes) all the keys that user currently owns.
After logon, if you add a new key to a new door, well that user doesn't see or know it until they log out and then log back in.
Another problem you could have is that even if you removed the user - if they don't log off well their token still says they have Admin rights locally until they log off and back on again.
Someone that knows you're doing this would simply wait for your script to end and then create a local account of their own with Admin rights and you wouldn't even know it.
Then they could add or do anything on the computer they wanted to.
I HIGHLY recommend you find another way to do what it is you're wanting to do.
| 
