Grant Users Log On as a Service Right via PowerShell
Update: I made some edits to fix the comparison function, newest version should be reflected in Gist. I also created two more functions and put them all in one file on Github here.
Another day, another challenge that PowerShell is ready to tackle. This time I needed to programmatically grant some local users the right to log on as a service. Unsurprisingly, these accounts are service accounts. I based the script off this excellent little ditty from the msdn code samples. Check below the break for the script and some notes.
Essentially the script uses the scedit utility to export the current config and update it with additional SIDs. This script could be easily adapted to update any right in the list. I also changed the users parameter to a string array. A basic example of this function would be: Grant-LogOnAsService -users TestUser,TestUser2
Here is the full script:
Director, Cloud Solutions and Microsoft MVP: Cloud (Azure/Azure Stack) & DC Mgmt
Ned Bellavance is an IT professional with over 15 years of experience in the industry. Starting as a humble helpdesk operator, Ned has worked up through the ranks of systems administration and infrastructure architecture, and in the process developed an expansive understanding of IT infrastructure and the applications it supports. Currently, Ned works as the Director of Cloud Solutions for Anexinet in the Philadelphia metropolitan area, specializing in Enterprise Architecture both on-premise and in the cloud. Ned holds a number of industry certifications from Microsoft, VMware, Citrix, and Cisco. He also has a B.S. in Computer Science and an MBA with an Information Technology concentration.