Monday, July 24, 2017

PowerShell - Add AD User/Group to Local Administrator Group


<#
.SYNOPSIS  
Script to add an AD User or group to the Local Administrator group
    
.DESCRIPTION
The script can use either a plaintext file or a computer name as input and will add the trustee (user or group) as an administrator to the computer
    
.PARAMETER InputFile
A path that contains a plaintext file with computer names
.PARAMETER Computer
This parameter can be used instead of the InputFile parameter to specify a single computer or a series of
computers using a comma-separated format
    
.PARAMETER Trustee
The SamAccount name of an AD User or AD Group that is to be added to the Local Administrators group
.NOTES  
Name: Set-ADAccountasLocalAdministrator.ps1
.EXAMPLE  
.\Set-ADAccountasLocalAdministrator.ps1 -Computer Server01 -Trustee MananChoksi
Description:
Will set the MananChoksi account as a Local Administrator on Server01
.EXAMPLE  
.\Set-ADAccountasLocalAdministrator.ps1 -Computer 'Server01,Server02' -Trustee Contoso\HRManagers
Description:
Will set the HRManagers group in the contoso domain as Local Administrators on Server01 and Server02
.EXAMPLE  
.\Set-ADAccountasLocalAdministrator.ps1 -InputFile C:\ListofComputers.txt -Trustee User01
Description:
Will set the User01 account as a Local Administrator on all servers and computernames listed in the ListofComputers file
#>
param(
     [Parameter(ParameterSetName='InputFile')]
     [string]
         $InputFile,
     [Parameter(ParameterSetName='Computer')]
     [string]
         $Computer,
     [string]
         $Trustee
)
<#
.SYNOPSIS
     Function that resolves SAMAccount and can exit script if resolution fails
#>
function Resolve-SamAccount {
param(
     [string]
         $SamAccount,
     [boolean]
         $Exit
)
     process {
         try
         {
             # Look up the account passed to the function, not the script-level $Trustee
             $ADResolve = ([adsisearcher]"(samaccountname=$SamAccount)").findone().properties['samaccountname']
         }
         catch
         {
             $ADResolve = $null
         }
        if (!$ADResolve) {
             Write-Warning "User `'$SamAccount`' not found in AD, please input correct SAM Account"
             if ($Exit) {
                 exit
             }
         }
         $ADResolve
     }
}
if (!$Trustee) {
     $Trustee = Read-Host "Please input trustee"
}
if ($Trustee -notmatch '\\') {
     $ADResolved = (Resolve-SamAccount -SamAccount $Trustee -Exit:$true)
     $Trustee = 'WinNT://',"$env:userdomain",'/',$ADResolved -join ''
} else {
     $ADResolved = ($Trustee -split '\\')[1]
     $DomainResolved = ($Trustee -split '\\')[0]
     $Trustee = 'WinNT://',$DomainResolved,'/',$ADResolved -join ''
}
if (!$InputFile) {
     if (!$Computer) {
         $Computer = Read-Host "Please input computer name"
     }
     [string[]]$Computer = $Computer.Split(',')
     $Computer | ForEach-Object {
         $_
         Write-Host "Adding `'$ADResolved`' to Administrators group on `'$_`'"
         try {
             ([ADSI]"WinNT://$_/Administrators,group").add($Trustee)
             Write-Host -ForegroundColor Green "Successfully completed command for `'$ADResolved`' on `'$_`'"
         } catch {
             Write-Warning "$_"
         }   
     }
}
else {
     if (!(Test-Path -Path $InputFile)) {
         Write-Warning "Input file not found, please enter correct path"
         exit
     }
     Get-Content -Path $InputFile | ForEach-Object {
         Write-Host "Adding `'$ADResolved`' to Administrators group on `'$_`'"
         try {
             ([ADSI]"WinNT://$_/Administrators,group").add($Trustee)
             Write-Host -ForegroundColor Green "Successfully completed command"
         } catch {
             Write-Warning "$_"
         }       
     }
}

Comments
Save the above PowerShell script as Set-ADAccountasLocalAdministrator.ps1
Run the script and pass the parameters:
.\Set-ADAccountasLocalAdministrator.ps1 -Computer computerName -Trustee domain\userID
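
To confirm what the script changed, the local Administrators group can be read back through the same ADSI WinNT provider. This is an added example, not part of the original script; the function name Get-LocalAdministratorMember is hypothetical, and Server01, Server02 and Contoso\HRManagers are the sample names from the help text above.

```powershell
# Added example: list the members of the local Administrators group on each
# computer and flag whether the expected trustee is present.
function Get-LocalAdministratorMember {
    param(
        [Parameter(Mandatory)]
        [string[]] $ComputerName,
        # ADsPath in the form the script builds, e.g. WinNT://Contoso/HRManagers
        [string] $ExpectedTrustee
    )
    foreach ($name in $ComputerName) {
        try {
            $group = [ADSI]"WinNT://$name/Administrators,group"
            foreach ($member in $group.psbase.Invoke('Members')) {
                # Members are returned as COM objects; read their properties via reflection
                $type  = $member.GetType()
                $path  = $type.InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
                $class = $type.InvokeMember('Class', 'GetProperty', $null, $member, $null)
                [pscustomobject]@{
                    Computer   = $name
                    ADsPath    = $path
                    Class      = $class          # User or Group
                    IsExpected = [bool]$ExpectedTrustee -and ($path -ieq $ExpectedTrustee)
                }
            }
        } catch {
            Write-Warning "Could not read Administrators group on '$name': $_"
        }
    }
}

# Sample names taken from the script's help text
Get-LocalAdministratorMember -ComputerName 'Server01','Server02' `
    -ExpectedTrustee 'WinNT://Contoso/HRManagers' |
    Sort-Object Computer, ADsPath |
    Format-Table -AutoSize
```

Rows where IsExpected is False are the other accounts that already hold local administrator rights on that computer.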

Wednesday, July 19, 2017

PowerShell – Get the SharePoint Managed Metadata site column default value and set that value in all lists under that site.


Add-PSSnapin Microsoft.SharePoint.Powershell

$site  = 'Site URL'
$fieldName = 'Countries'
$mmsServiceName = "Managed Metadata Service"
$taxonomySite = Get-SPSite $site
$web = $taxonomySite.OpenWeb()
$taxSession = New-Object Microsoft.SharePoint.Taxonomy.TaxonomySession($taxonomySite)
$termStore = $taxSession.TermStores[$mmsServiceName]
# Read the default value configured on the site column
$field = $web.Fields.GetFieldByInternalName($fieldName)
$defaultValue = $field.DefaultValue

# Snapshot the collections so that updates do not disturb the enumeration
foreach ($list in @($web.Lists))
     {
      if ($list.Fields.ContainsField($fieldName))
           {
               # Write the site column default into every item of the list
               foreach ($item in @($list.Items))
                    {
                        Write-Host $item["Title"]
                        $item[$fieldName] = $defaultValue
                        $item.Update()
                    }
           }
     }

# Release the SharePoint objects opened above
$web.Dispose()
$taxonomySite.Dispose()

Thursday, July 13, 2017

Task Scheduler Error “A specified logon session does not exist”





Solution


I found that the above error will only occur if the following Security Policy is enabled and you select the “Run whether user is logged on or not” Security option on the General tab, when creating a new task:

SECPOL.MSC | Security Settings | Local Policies | Security Options

Network access: Do not allow storage of passwords and credentials for network authentication




To resolve this issue, simply set this policy to Disabled.


The new version of Task Scheduler (Windows Vista onwards) uses Windows Credential Manager to store the credentials of the account that is specified to perform a task. If the "Network access: Do not allow storage of passwords and credentials for network authentication" policy is enabled and applied, Credential Manager cannot store the credentials locally, so this error message appears.

NOTE: You will not receive this error if the “Run only when user is logged on” Security option on the General tab is selected (we do not store passwords in this scenario).
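
A quick way to check both sides of this on a machine, as an added example that is not from the original post: it reads the registry value that backs the policy (DisableDomainCreds under the Lsa key) and lists the scheduled tasks that run with a stored password. The function name Get-StoredCredentialTaskReport is hypothetical, and it assumes the ScheduledTasks module (Windows 8 / Server 2012 or later).

```powershell
# Added example: report the policy state and the tasks that depend on stored credentials.
function Get-StoredCredentialTaskReport {
    # Registry value behind "Network access: Do not allow storage of passwords
    # and credentials for network authentication" (1 = policy enabled).
    $lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
                            -Name 'DisableDomainCreds' -ErrorAction SilentlyContinue
    $policyEnabled = ($null -ne $lsa) -and ($lsa.DisableDomainCreds -eq 1)

    # LogonType 'Password' corresponds to "Run whether user is logged on or not"
    # with a saved password; 'S4U' and 'Interactive' tasks store no password.
    Get-ScheduledTask |
        Where-Object { $_.Principal.LogonType -eq 'Password' } |
        ForEach-Object {
            [pscustomobject]@{
                TaskPath      = $_.TaskPath
                TaskName      = $_.TaskName
                RunAs         = $_.Principal.UserId
                PolicyEnabled = $policyEnabled
            }
        }
}

Get-StoredCredentialTaskReport |
    Sort-Object RunAs, TaskPath |
    Format-Table -AutoSize
```

Each row is a task whose account password is kept in Credential Manager, which is the storage the policy blocks when PolicyEnabled is True.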