Eleyland,

this is nothing I'd do in a logon script, as it seems to be a single run task !
I'd run this from an admin Workstation with a list of Workstation to loop and achieving results either by using adsi methods,
or even a temporary install of RCMD on the Clients ...
Much better than using SU ( It's a pain in the A** IMHO)

For the adsi strategy : Bryce ? Shawn ? Anybody ?

using a temp RCMD installation:

code:

;somewhere in the loop (readline a list of Clients) ...
;$share is '\\$client\admin$$'
;$client is the client ws name (assuming it has already been mapped earlier in the loop)
;$bin is the folder where Oemnsvrc.inf and rcmdsvc.exe are resident
;you should have xnet.exe and rcmd.exe in path (..\system32)

copy $bin + '\oemnsvrc.inf' $share + '\system32\'
if @error
'$client : Copy of Oemnsvrc.inf failed' ?
goto skip
else
copy $bin + '\rcmdsvc.exe.inf' $share + '\system32\'
if @error
'$client : Copy of rcmdsvc.exe failed' ?
goto skip
else
shell '%ComSpec% /c xnet install \\' + $client + '\RemoteCmd /b:Rcmdsvc.exe /d:LanmanServer /n:"Remote Command Server" /u:LocalSystem /s:auto >nul'
if @error
'$client : Installation of RCMD failed' ?
goto skip
else
shell '%ComSpec% /c xnet start \\' + $client + '\RemoteCmd >nul'
if @error
'$client : starting RCMD failed' ?
goto skip
else
shell '%ComSpec% /c rcmd \\' + $client + ' net localgroup administrators "DOMAIN\Local ADMIN GROUP" /delete >%0\..\dummy.txt'
if @error = 1 ; rcmd returns 1 on success !!!
shell '%Comspec% /c type %0\..\dummy.txt |find /C "successfully." >nul'
if @error
'$client : unable to remove global group' ?
else
'$client : done !' ?
endif
else
'$client : executing net localgroup failed' ?
goto skip
endif
endif
endif
endif
endif
:skip
shell '%ComSpec% /c xnet stop \\' + $client + '\RemoteCmd >nul'
shell '%ComSpec% /c xnet remove \\' + $client + '\RemoteCmd /y >nul'
del $share + '\system32\Oemnsvrc.inf'
del $share + '\system32\rcmdsvc.exe'
use $share /delete
loop

Hth

Jochen

[ 16 October 2001: Message edited by: jpols ]