Tobias Simetsreiter 3 years ago
parent
commit
0a31a08a42
4 changed files with 122 additions and 0 deletions
  1. 0 0
      .gitignore
  2. 72 0
      localadmin/localadmin.ps1
  3. 49 0
      localadmin/psremote-remote.ps1
  4. 1 0
      localadmin/runtime/.gitignore

+ 0 - 0
.gitignore


+ 72 - 0
localadmin/localadmin.ps1

@@ -0,0 +1,72 @@
+param(
+    $CSV=""
+)
+
+function Add-LocalAdminUser {
+    param(
+        $ComputerName="",
+        $MemberName="admin"
+    )
+        
+    $member = $MemberName
+    if (-not $member.StartsWith("WABTEC")){
+        $member = $ComputerName+"\"+$member
+    }
+    $member | Out-Host
+
+
+    $pingtest = $null
+    $pingtest = (Test-NetConnection -ComputerName $ComputerName).PingSucceeded
+    $result = $null
+    if (($null -ne $pingtest) -and $pingtest){
+        
+        $ComputerName | Out-Host
+
+        .\psremote-remote.ps1 $ComputerName | Out-Null
+        
+        Start-Sleep 2
+
+        $ComputerName | Out-Host
+        $result = Invoke-Command -ComputerName $ComputerName -ScriptBlock { 
+            hostname | Out-Host
+
+            "Profiles" | Out-Host
+            gwmi win32_userprofile | Select-Object @{LABEL="last used";EXPRESSION={$_.ConvertToDateTime($_.lastusetime)}},LocalPath |
+                Where-Object {-not (($_.Localpath -like "*Service*") -or ($_.Localpath -like "C:\WINDOWS*")) } | Out-Host
+
+            "LocalUsers" | Out-Host
+            Get-LocalUser | Out-Host
+            "Groupmembers" | Out-Host
+            Get-LocalGroup | Where-Object {$_.Name -like "Admin*"} | ForEach-Object { 
+                $group = $_ ;
+                Get-LocalUser | Where-Object {$_.Name -like "Admin*"} | ForEach-Object {
+                    Add-LocalGroupMember -Member $_ -Group $group | Out-Null;
+                }
+                Add-LocalGroupMember -Member $member -Group $group | Out-Null ;
+                
+                Get-LocalGroupMember -Group $group | Select-Object -ExpandProperty "Name"
+
+            }
+        }
+    }
+
+    [PSCustomObject]@{
+        ComputerName=$ComputerName;
+        MemberName=$MemberName;
+        Test=$pingtest;
+        result=(ConvertTo-Json $result -Compress);
+    }
+}
+
+function Main($CSVNAME){
+    Get-Content $CSVNAME | ConvertFrom-Csv -Header PC,USER -Delimiter ";" | ForEach-Object {
+        Add-LocalAdminUser -ComputerName $_.PC -MemberName $_.USER
+    }
+}
+if ($MyInvocation.CommandOrigin -eq "Runspace"){
+    Main $CSV
+}
+
+<#
+
+#>
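Review bot: `$member` in `Add-LocalGroupMember -Member $member -Group $group` is evaluated inside the `Invoke-Command` script block on the remote machine, where the caller's local variable is not defined, so the account from the CSV is not the value that reaches the cmdlet. Pass it in explicitly with `Add-LocalGroupMember -Member $using:member -Group $group`. The `Admin*` wildcards also grant more than the function name suggests, because every local user whose name starts with Admin is added to every local group whose name starts with Admin. Selecting the built-in group by its well-known SID, `Get-LocalGroup -SID 'S-1-5-32-544'`, and dropping the inner `Get-LocalUser` loop would limit the grant to the one requested account. Because the PC and USER columns are used without validation, a header comment should say who may edit the CSV, since that file decides who becomes a local administrator.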

+ 49 - 0
localadmin/psremote-remote.ps1

@@ -0,0 +1,49 @@
+param(
+    $ComputerName  = 'somehostname.full.qualified.domain',
+    [switch]
+    $GetCredential=$false,
+    [switch]
+    $ForceGetCredential=$false,
+    [System.Management.Automation.PSCredential]
+    $Credential=$null,
+    [switch]
+    $ClientTrust=$false
+)
+
+if ($ClientTrust){
+    if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`" `"$args`"" -Verb RunAs; exit }
+    Enable-PSRemoting -Force
+    Set-Item WSMan:localhost\client\trustedhosts -value *
+    Get-Item WSMan:localhost\client\trustedhosts
+    exit
+}
+
+$SessionArgs = @{
+    ComputerName = $ComputerName
+    SessionOption = New-CimSessionOption -Protocol Dcom
+}
+if ($null -ne $Credential){
+    $SessionArgs.Credential = $Credential
+}
+if ($ForceGetCredential -or $GetCredential){
+    if ($ForceGetCredential -or ($null -eq $global:psremoteremotecred)) {
+        $global:psremoteremotecred = Get-Credential
+    }
+    $SessionArgs.Credential = $global:psremoteremotecred
+}
+$SessionArgs | Out-Host
+
+$cmd_reg = "New-Itemproperty -name LocalAccountTokenFilterPolicy -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -propertyType DWord -value 1"
+$cmd_enable = "Enable-PSRemoting -Force"
+$Session = New-CimSession @SessionArgs
+if ($null -ne $Session){
+    $MethodArgs = @{
+        ClassName     = 'Win32_Process'
+        MethodName    = 'Create'
+        CimSession    = $Session
+        Arguments     = @{
+            CommandLine = "powershell Start-Process powershell -ArgumentList '$cmd_reg;$cmd_enable;'"
+        }
+    }
+    Invoke-CimMethod @MethodArgs
+}
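Review bot: Two settings in this script weaken the configuration of both ends, and nothing in it reverts them. In the `$ClientTrust` branch, `Set-Item WSMan:localhost\client\trustedhosts -value *` lets the WinRM client authenticate to any host without verifying its identity; scoping it to the managed machines, for example `Set-Item WSMan:\localhost\Client\TrustedHosts -Value $ComputerName -Concatenate`, keeps that exposure bounded. The `$cmd_reg` line sets `LocalAccountTokenFilterPolicy` to 1 on the target, which turns off UAC remote token filtering, so every local administrator account there keeps full rights over the network afterwards. I would add a comment above `$cmd_reg` such as `# Disables UAC remote restrictions for local accounts on the target; remove the value once provisioning is finished`, and a cleanup step that deletes the value. The credential kept in `$global:psremoteremotecred` stays available to anything else run in the same session, so it deserves a comment or a narrower scope as well.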

+ 1 - 0
localadmin/runtime/.gitignore

@@ -0,0 +1 @@
+*