|
Hello all,
Sorry if this question has been posted a thousand times…
I did a search but could not find anything relevant.
I’m trying to write and audit script to find out who has local admin rights, there what I have so far : -
IF (@PRODUCTTYPE = "Windows 2000 Professional")
or (@PRODUCTTYPE= "Windows XP Professional")
$admin=ingroup('@wksta\'+sidtoname('S-1-5-32-544'))-1+@INWIN
If $admin="1"
$output="Administrator"
endif
If not $admin="1"
$output="User"
endif
? "Creating Audit Logs"
IF Open( 3 , "\\zeus\kixlog$\LOG3_$output.TXT" , 5 ) = 0
$x = WriteLine( 3 , "____________________________________________________ " + @CRLF)
$x = WriteLine( 3 , "Logged on " + @DATE)
$x = WriteLine( 3 , " at " + @TIME + @CRLF)
$x = WriteLine( 3 , "Username - " + @USERID + @CRLF)
$x = WriteLine( 3 , "Workstation - " + @WKSTA + @CRLF)
$x = WriteLine( 3 , "Local Group Membership - " + $output + @CRLF)
$x = WriteLine( 3 , "Kix Version - " + @KIX + @CRLF)
endif
Once you’ve stopped laughing, could someone tell me why the command (I found in the FAQ & how to’s section of the forum):
$admin=ingroup('@wksta\'+sidtoname('S-1-5-32-544'))-1+@INWIN
Only returns a “1” regardless if the user is local admin or not.
Am I just being stupid? Which is likely..
| 
