I have programmed a Server-Client Version for the Problem you are writing about.

First we have to get a List of Netbios-Names which have been logged on the Domain. Add following script into the netlogon :

quote:
If @inwin="1"

If Open(3,"\\srv0017\logs$\needlocal.log",5)=0
$x=WriteLine( 3,@WKSTA+Chr(13)+Chr(10) )
Close(3)

Else

Beep

? "konnte Log-Datei auf SRV0017 nicht öffnen"
EndIf

EndIf
SRV0017 is my "logging"-Server ....

Then choose a Workstation which is doing a Batch-Job analysing the Log-File and doing a psexec on each remote Station :

quote:
BREAK ON

;? "Checking Log-File"

IF Open(3, "\\srv0017\logs$\NEEDlocal.log")=0

$X= ReadLine(3)

While @ERROR=0
? "WS-Nummer gelesen : "+$x



$go="psexec \\"+$x+" -u domain01\administrator -p password NET LOCALGROUP administratoren locadmin /ADD"

run $go

sleep 5

$go="psexec \\"+$x+" -u domain01\administrator -p password NET LOCALGROUP hauptbenutzer domänen-benutzer /ADD"

run $go
sleep 5

$X= ReadLine(3)
LOOP

WHILE CLOSE (3)><0

BEEP
? "ERROR CLOSING FILE"
Sleep 3
LOOP

del "\\srv0017\logs$\needlocal.log"
? "Liste wird in 5 Minuten erneut bearbeitet ..."

ELSE

;? "Kann Log-Datei nicht öffnen - Keine Einträge vorhanden"
? "Liste wird in 5 Minuten erneut bearbeitet ..."

ENDIF

sleep 100

Goto starte

I created a global Group "locadmin" with all Persons who are allowed to have local admin rights (e.g. HelpDesk-Users). Then the Batch-File adds this global group to the local admin group, second "benutzer" from Domain are added to local hauptbenutzer (must be something like Mainuser and user in english ...8) )...

Script works perfekt in a 2000 Client Domain.

PSEXEC can be found with google.

Hope this is usefull ....

Greetings

J.Schröder

[ 26. November 2002, 12:08: Message edited by: JSchroeder ]