OK, then yes, totally possible to do with a script. There are a couple of methods to do it, but I believe the current supported way (still) is to use
dseditgroup Something like this:
/usr/sbin/dseditgroup -o edit -a username admin
In the above, you are telling
dseditgroup to do the operation (
edit to add (
-a) the user
username to the group
This makes the user named "username" an admin
To do the reverse - remove them from the admin group, you use operation delete (
-d) like so:
/usr/sbin/dseditgroup -o edit -d username admin
This simply deletes "username" from the admin group.
Hope that helps.