#126886 - 2004-09-21 01:57 AM
enumerate all accounts in local admin group on W2K
|
braunsky
Fresh Scripter
Registered: 2002-11-09
Posts: 6
Loc: San Diego
|
Hello,
I would like to write a script that can report on ALL user accounts listed in the local admins group on 50+ W2K PC's. I have a script that can tell me if the currently logged on user is a local admin, but I would like to modify it to see the rest of the names in the group, too. I have Domain Admin rights here, and therefore, I have complete access to all networked PC's that I am interested in. Anyone have some hints for me?
--Thaddeus
_________________________
---Thaddeus
|
|
Top
|
|
|
|
|
#126888 - 2004-09-21 03:11 AM
Re: enumerate all accounts in local admin group on W2K
|
Chris S.
MM club member
Registered: 2002-03-18
Posts: 2368
Loc: Earth
|
Here is a script shamelessly ripped off of TechNet's ScriptCenter (and ported to KiX)...
Code:
$strComputer = @WKSTA
$colGroups = GetObject("WinNT://" + $strComputer)
$colGroups.Filter = "group",""
For Each $objGroup In $colGroups
$objGroup.Name ?
For Each $objUser in $objGroup.Members
CHR(9) + $objUser.Name ?
Next
Next
|
|
Top
|
|
|
|
|
#126889 - 2004-09-21 03:13 AM
Re: enumerate all accounts in local admin group on W2K
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11629
Loc: CA
|
Quote:
Here is a script shamelessly ripped off of TechNet's ScriptCenter (and ported to KiX)...
Which most ADSI/WMI scripts are anyways, why re-invent the wheel. 
|
|
Top
|
|
|
|
|
#126890 - 2004-09-21 03:18 AM
Re: enumerate all accounts in local admin group on W2K
|
braunsky
Fresh Scripter
Registered: 2002-11-09
Posts: 6
Loc: San Diego
|
Thanks everyone, what a great resource!!
_________________________
---Thaddeus
|
|
Top
|
|
|
|
|
#126892 - 2004-09-21 10:52 AM
Re: enumerate all accounts in local admin group on
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Here's a script with a GUI interface I created for our help desk staff to export group membership from our NT4 domain based systems.
Should be easily convertible to support local computer info.
Select CSV or list format, then click on the "open in..." button.
Or cut'n'paste.
It used IE for the GUI interface, so you don't need to have KiXforms or similar loaded.
There is a dropdown for NT domain names, as I support quite a few...
Code:
Break ON
; vim600: ts=3 sw=3 ai fdm=marker fdc=3 fmr=;{{{,;}}}
; Set "syn sync fromstart"
$=SetOption("Explicit","ON")
$=SetOption("ASCII","ON")
Global $Q,$WINHEIGHT,$WINWIDTH
Dim $oIE,$oDoc,$oDomainList,$oDomain
Dim $oGroupSection
Dim $oGroupList
Dim $oStatus
Dim $frmMain,$rdoFormat
Dim $sHTML,$sActions,$sAction
Dim $iFormat,$bHaveGroups
$Q='"'
$WINHEIGHT=390
$WINWIDTH=720
$sHTML="<HTML>
<HEAD>
<TITLE>Group List Exporter</TITLE>
<SCRIPT Language=JavaScript>
function funDispatcher(s){
frmMain.sStatus.value+=s+'|';
}
function funGetScreenSize(){
frmMain.iScreenHeight.value=screen.availHeight;
frmMain.iScreenWidth.value=screen.availWidth;
}
</SCRIPT>
</HEAD>
<BODY onLoad='funGetScreenSize();' BGCOLOR=BEIGE>
<TABLE>
<FORM Name=frmMain Id=frmMain>
<INPUT Type=Hidden Name=iScreenHeight Value='unset'>
<INPUT Type=Hidden Name=iScreenWidth Value='unset'>
<INPUT Type=Hidden Name=sStatus Value=''>
<TR>
<TD>Domain:</TD>
<TD>
<SELECT Name=selDomain ID=selDomain onChange='funDispatcher("+$Q+"ChangeDomain"+$Q+");'>"
$oDomainList=GetObject("WinNT:")
For Each $oDomain In $oDomainList
$sHTML=$sHTML+"<OPTION Value='"+$oDomain.Name+"'"+IIF($oDomain.Name=@DOMAIN," SELECTED","")+">"+$oDomain.Name+"</OPTION>"
Next
$sHTML=$sHTML+" </SELECT>
</TD>
</TR>
<TR>
<TD>Group:</TD>
<TD>
<FONT Name=phGroupList ID=phGroupList></FONT>
</TD>
</TR>
<TR>
<TD>Format:</TD>
<TD>
<INPUT Name=rdoFormat Id=rdoFormat Type=Radio Value=0 Checked onClick='funDispatcher("+$Q+"ClickFormat"+$Q+");'>List
<INPUT Name=rdoFormat Id=rdoFormat Type=Radio Value=1 onClick='funDispatcher("+$Q+"ClickFormat"+$Q+");'>CSV
</TD>
</TR>
<TR>
<TD COLSPAN=2>
Users in group:<BR>
<TEXTAREA Name=taUsers ROWS=10 COLS=80 WRAP=OFF onChange='funDispatcher("+$Q+"ChangeUsers"+$Q+");'>
</TEXTAREA>
</TD>
</TR>
<TR>
<TD COLSPAN=2 ALIGN=CENTRE>
<INPUT Name=btnOpen Type=Button Value='No Data' onClick='funDispatcher("+$Q+"ClickOpen"+$Q+");'>
</TD>
</TR>
</FORM>
</TABLE>
</BODY>
</HTML>"
$oIE = CreateObject("InternetExplorer.Application")
If Not $oIE
"Cannot create IE instance."+@CRLF
Exit 1
EndIf
; The following lines tidy up the screen a bit, giving a semi-kiosk mode.
$oIE.toolbar=0
$oIE.addressbar=0
$oIE.statusbar=0
$oIE.Navigate("about:blank")
While $oIE.busy AND $oIE.readystate <> 4 AND @ERROR = 0 Loop
$oDoc=$oIE.document
; Now, add the starting form...
$oDoc.Write($sHTML)
$oIE.refresh()
While $oIE.busy AND $oIE.readystate <> 4 AND @ERROR = 0 Loop
$oIE.height=$WINHEIGHT
$oIE.width=$WINWIDTH
$frmMain=$oDoc.frmMain
If CInt($frmMain.iScreenWidth.value)
$oIE.left=(Cint($frmMain.iScreenWidth.value)-$WINWIDTH)/2
$oIE.Top=(Cint($frmMain.iScreenHeight.value)-$WINHEIGHT)/2
Else
"Warning! Cannot get screen size, w="+$frmMain.iScreenWidth.value+" h="+$frmMain.iScreenHeight.value+@CRLF
EndIf
$oIE.Visible=1
$oGroupSection=$oDoc.getElementById("phGroupList")
$frmMain.btnOpen.disabled=1
$rdoFormat=$frmMain.rdoFormat
$bHaveGroups=funLoadGroupList($frmMain.selDomain,$oGroupSection)
$iFormat=funRadioValue($rdoFormat)
$sActions=funDispatcher($frmMain)
While @ERROR=0
; "ACTION!: "+$sActions ?
For Each $sAction in Split($sActions,"|")
Select
Case $sAction="ChangeDomain"
$frmMain.btnOpen.disabled=1
$frmMain.btnOpen.value="No Data"
$frmMain.selDomain.disabled=1
$frmMain.taUsers.value=""
funDisableCollection($frmMain.rdoFormat,1)
$bHaveGroups=funLoadGroupList($frmMain.selDomain,$oGroupSection)
funDisableCollection($frmMain.rdoFormat,0)
$frmMain.selDomain.disabled=0
Case $sAction="ChangeGroup" OR ($sAction="ClickFormat" AND $iFormat<> funRadioValue($rdoFormat))
$iFormat=funRadioValue($rdoFormat)
If $bHaveGroups
$frmMain.btnOpen.value="No Data"
$frmMain.btnOpen.disabled=1
$frmMain.selDomain.disabled=1
$frmMain.selGroup.disabled=1
funLoadUserList($frmMain.selDomain,$frmMain.selGroup,$frmMain.taUsers,$iFormat)
If $frmMain.selGroup.selectedIndex>0
$frmMain.btnOpen.value="Open in "+IIF(CInt($iFormat),"Excel","Notepad")
$frmMain.btnOpen.disabled=0
EndIf
$frmMain.selDomain.disabled=0
$frmMain.selGroup.disabled=0
EndIf
Case $sAction="ClickOpen"
Dim $sFile,$fdFile,$sLine,$iSeq
$frmMain.btnOpen.disabled=1
$frmMain.selDomain.disabled=1
$frmMain.selGroup.disabled=1
funDisableCollection($frmMain.rdoFormat,1)
$frmMain.taUsers.disabled=1
$sFile=%TEMP%+"\grouplist"+$iSeq+"."+IIF(Cint($iFormat),"CSV","TXT")
While Exist($sFile)
$iSeq=$iSeq+1
$sFile=%TEMP%+"\grouplist"+$iSeq+"."+IIF(Cint($iFormat),"CSV","TXT")
Loop
$fdFile=FreeFileHandle()
If Open($fdFile,$sFile,1+4)
$=MessageBox("Cannot create temporary file "+$sFile,"File Creation Error",0+48+4096)
Else
$=WriteLine($fdFile,$frmMain.taUsers.value)
$=Close($fdFile)
Shell '%COMSPEC% /C "'+$sFile+'"'
If Exist($sFile)
If MessageBox("Delete temporary file '"+$sFile+"' ?","Delete file",4+32+4096)=6 Del $sFile EndIf
EndIf
EndIf
$frmMain.btnOpen.disabled=0
$frmMain.selDomain.disabled=0
$frmMain.selGroup.disabled=0
funDisableCollection($frmMain.rdoFormat,0)
$frmMain.taUsers.disabled=0
EndSelect
Next
$sActions=funDispatcher($frmMain)
Loop
If $oIE $oIE.quit() $oIE=0 EndIf
Exit 0
Function funDispatcher($frmMain) ;{{{
Dim $oMonitor
; Force reset error flag
$oMonitor=Execute("Exit 0")
$oMonitor=$frmMain.sStatus
While @ERROR=0
$funDispatcher=$oMonitor.value
$oMonitor.value=""
If $funDispatcher Exit 0 EndIf
Sleep 0.1
$oMonitor=$frmMain.sStatus
Loop
Exit 1
EndFunction ;}}}
Function funLoadGroupList($oDomainSelection,$oGroupSection) ;{{{
Dim $iIndex
Dim $oGroups,$oGroup
Dim $sDomain,$sHTML
$iIndex=$oDomainSelection.selectedIndex
If $iIndex>=0
$sDomain=$oDomainSelection.options($iIndex).value
$oGroupSection.innerHTML="Please wait - retrieving group list for domain "+$sDomain
$oGroups=GetObject("WinNT://"+$sDomain)
If @ERROR
$oGroupSection.innerHTML="Error retrieving groups for "+$sDomain+"<BR>"+"Error: "+@ERROR+" / "+@SERROR
Else
$oGroups.filter="group",""
If @ERROR
$oGroupSection.innerHTML="Error retrieving groups for "+$sDomain+"<BR>"+"Error: "+@ERROR+" / "+@SERROR
Else
For Each $oGroup in $oGroups
$sHTML=$sHTML+"<OPTION Value='"+$oGroup.name+"'>"+$oGroup.name+"</OPTION>"
Next
If $sHTML
$oGroupSection.innerHTML="<SELECT Name=selGroup onChange='funDispatcher("+$Q+"ChangeGroup"
+$Q+")'><OPTION Value=''>Please select a group to query...</OPTION>"+$sHTML+"</SELECT>"
Else
$oGroupSection.innerHTML="No groups available for "+$sDomain
EndIf
EndIf
EndIf
Else
EndIf
$funLoadGroupList=$sHTML
Exit 0
EndFunction ;}}}
Function funLoadUserList($selDomain,$selGroup,$taUsers,$iFormat) ;{{{
Dim $sDomain,$sGroup,$sHTML
Dim $iIndex
Dim $oUsers,$oUser
$taUsers.value=""
$iIndex=$selDomain.selectedIndex
$sDomain=$selDomain.options($iIndex).value
If Not $sDomain Exit 1 EndIf
$iIndex=$selGroup.selectedIndex
If $iIndex < 1 Exit 0 EndIf
$sGroup=$selGroup.options($iIndex).value
$taUsers.value="Getting users for "+$sGroup
$oUsers=GetObject("WinNT://"+$sDomain+"/"+$sGroup)
For Each $oUser in $oUsers.members
If Cint($iFormat)
$sHTML=$sHTML+$Q+funStrip($oUser.Name,$Q)
+$Q+","+$Q+funStrip($oUser.fullName,$Q)
+$Q+","+$Q+funStrip($oUser.Description,$Q)+$Q+@CRLF
Else
$sHTML=$sHTML+funJustify($oUser.Name,20)+" "+$oUser.fullName+@CRLF
EndIf
Next
$taUsers.value=$sHTML
Exit 0
EndFunction ;}}}
Function funJustify($s,$i,Optional $f) ;{{{
If $f="" $f=" " EndIf
If $i<0
$i=0-$i
While Len($s)<$i $s=CStr($f)+CStr($s) Loop
$funJustify=Right($s,$i)
Else
While Len($s)<$i $s=CStr($s)+CStr($f) Loop
$funJustify=Left($s,$i)
EndIf
Exit 0
EndFunction ;}}}
Function funStrip($s,$c) ;{{{
$funStrip=Join(Split($s,$c),"")
Exit 0
EndFunction ;}}}
Function funRadioValue($rdo) ;{{{
Dim $o
For Each $o In $rdo
If $o.checked
$funRadioValue=$o.value
Exit 0
EndIf
Next
Exit 1
EndFunction ;}}}
Function funDisableCollection($coll,$iState) ;{{{
Dim $o
For Each $o In $coll $o.disabled=$iState Next
Exit 0
EndFunction ;}}}
|
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 565 anonymous users online.
|
|
|
