Thanks to Tedd Kidd for the following article, on automatically managing administrative privileges based on Active Directory groups! This is a quick and easy way to assign any user to the local admin group in OS X based on their group membership in your Active Directory. This should also work with Open Directory or eDirectory groups if your workstations are bound to those directory services. You’ll need to include this code in the workstation login script so that it runs as root but uses the $@ variable to determine the user that is logging in. #!/bin/bash # Set group name to check against groupname=”domain admins” if [ “`/usr/bin/dsmemberutil checkmembership -U…