How to assign user rights to a local user account through powershell?


I want to modify the user rights associated with a local user account.I want to add groups and users to a particular User Rights. This is done by opening the group policy and opening the following folder in the console tree: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment. Then click on the required user Right and add the user or group to it.

Is it possible to do the same through powershell scripts?


What I would do is open SecPol.msc, make your modifications via the GUI to a baseline computer and export an .inf template for installation via powershell.

The template can be installed with secedit.exe. If you want, you can open the inf file in a text editor and scroll until you see the [Privilege Rights] section. Here is one for example.

[Privilege Rights]
SeDenyServiceLogonRight = *S-1-1-0,*S-1-5-19, KNUCKLE-DRAGGER

Run this command and reboot. Edit .inf and .db names as appropriate.

    secedit.exe /configure /cfg C:\customsettings.inf /db C:\WINDOWS\security\Database\customsettings.db /quiet

Answered By – Knuckle-Dragger

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply

(*) Required, Your email will not be published