##################################################################################
#
#  Script name: Set-LocalGroup.ps1
#  Author:      niklas.goude@zipper.se
#  Homepage:    www.powershell.nu
#
##################################################################################

param([string]$UserName, [string]$Group = ("Administrators"), [string]$Domain, [switch]$Add, [switch]$Remove, [switch]$help)

function GetHelp() {

$HelpText = @"

DESCRIPTION:

NAME: Set-LocalGroup.ps1
Adds Adds or Removes a Domain User to a Local Group

PARAMETERS: 

-UserName    Name of the User to Add or Remove (Required)
-Group       Local Group, Default set to Administrators (Optional)
-Domain      Specify Domain if you want to add a Domain User (Optional)
-Add         Adds User to Local Admin (optional)
-Remove      Removes User from Local Admin (optional)
-help        Prints the HelpFile (Optional)

SYNTAX:

.\Set-LocalGroup.ps1 -UserName nigo -Add

Adds local User nigo to local administrators group on Client

.\Set-LocalGroup.ps1 -UserName nigo -Remove

Removes Local User nigo from local administrators group on Client

.\Set-LocalGroup.ps1 -UserName nigo -Group "Guests" -Add

Adds Local User nigo to the Local Guests Group

.\Set-LocalGroup.ps1 -UserName nigo -Group "Guests" -Domain powershell -Add

Adds Domain User powershell\nigo to the Local Guests Group

.\Set-LocalGroup.ps1 -UserName nigo -Group "Guests" -Domain powershell -Remove

Removes Domain User powershell\nigo from the Local Guests Group


.\Set-LocalGroup.ps1 -help

Displays the helptext

"@
$HelpText
}

function AddRemove-LocalAdministrator ([string]$UserName, [string]$Group, [string]$Domain, [switch]$Add, [switch]$Remove) {

	[string]$computerName = "$env:computername"
	$LocalGroup = [adsi]"WinNT://$computerName/$Group,group"

	if ($Domain) {

		if($Add) {
			$LocalGroup.Add("WinNT://$Domain/$userName") 
		}

		if($Remove) {
			$LocalGroup.Remove("WinNT://$Domain/$userName")
		}
	} else {
		if($Add) {
			$LocalGroup.Add("WinNT://$ComputerName/$userName") 
		}

		if($Remove) {
			$LocalGroup.Remove("WinNT://$ComputerName/$userName")
		}

	}
}

if($help) { GetHelp; Continue }
if($Domain) {
	if($UserName -AND $Add) { AddRemove-LocalAdministrator -UserName $UserName -Group $Group  -Domain $Domain -Add }
	if($UserName -AND $Remove) { AddRemove-LocalAdministrator -UserName $UserName -Group $Group -Domain $Domain -Remove }
} else {
	if($UserName -AND $Add) { AddRemove-LocalAdministrator -UserName $UserName -Group $Group -Add }
	if($UserName -AND $Remove) { AddRemove-LocalAdministrator -UserName $UserName -Group $Group -Remove }

}