Hi,
This is Rohit. I am currently trying to add a domain global group (Desktopgr) to my local group (Localgr).
Let me be more precise about this:
I have a 2008 server machine (LDAPCLIENT, IP 10.112.252.222) in a domain (GermanTool.com).
I have an AD (Active Directory) server (Vcenter, IP 10.112.252.218).
GermanTool.com is the only domain in the AD server.
The domain has many global groups, one of which is 'Desktopgr'.
This group contains users who can log in to any server in the domain through RDP.
From the GUI server management tool, I can add the domain global group (Desktopgr) as a member of the computer local group (Localgr).
I have already logged in to the LDAPCLIENT machine as the domain user 'GermanTool\rohit' with password 'A#007'.
I have removed that group from Localgr. Now I am trying to write a PowerShell script to do the same thing.
I am already logged in as a domain user to the LDAPCLIENT machine, both machines can be pinged from either side, and both are in the same domain.
I ran the script I wrote but I am getting this error:
Exception calling "Add" with "1" argument(s): "Access is denied.
"
At C:\script\a.ps1:44 char:20
+ $LocalGroup.Add <<<< ($DomainGroup.Path)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : CatchFromBaseAdapterMethodInvokeTI
The script is given below:
#######################################################################
<#
File: Add2LocalGroup.ps1
Purpose: Example of adding a Domain group to a Local group
Author: Rohit Basu
Date: 12/05/2013
#>

# Get the list of servers from a flat TXT file
$Servers = Get-Content Servers.txt

#GermanTool
#"LDAP://ldap.company.com:389/$($dn)"
#$credn = New-Object -TypeName System.DirectoryServices.DirectoryEntry("LDAP://10.112.252.218:389/GermanTool","rohit","A#007")

# Initialize the domain group object
$DomainGroup = [ADSI]"WinNT://10.112.252.218/Desktopgr,Group"
#$DomainGroup = "$credn/Globalgroup,Group"

# Name the log file and initialize it
$LogFile = ".\Logs\ServerLog.txt"
New-Item $LogFile -type file -force

ForEach ($Server in $Servers) # Loop through each server
{
    $Server
    $Server >> $LogFile

    # Get the local group object
    $LocalGroup = [ADSI]"WinNT://$Server/Localgr,Group"
    "Hi This is to see Localgroup" >> $LogFile
    $LocalGroup.Path >> $LogFile
    "Hi This is to see Globalgroup" >> $LogFile
    $DomainGroup.Path >> $LogFile

    # Add the domain group to the local group
    $LocalGroup.Add($DomainGroup.Path)

    # Determine whether the command was successful
    If (!$?) # Add failed
    {
        $Server + " fail: " + $Error[0] >> $LogFile
        "" >> $LogFile
    }
    Else # Add succeeded
    {
        $Server + " success" >> $LogFile
        "" >> $LogFile
        $Server + " success"
    }
}
#####################################################
The Servers.txt file contains one IP: 10.112.252.222
Issue in adding a Global domain group to computer Local Group, please help me out