List local admin user
Hi all i want to get list of users who add in local admin group in domain workstation.. can any budy help me out..
January 7th, 2011 2:16am
Here is a script from the Script Center Repository.
http://gallery.technet.microsoft.com/scriptcenter/en-us/dcba1712-5b34-43e9-bb22-c30683a06a28v/r LikeToCode....Mark the best replies as answers.
Free Windows Admin Tool Kit Click here and download it now
January 7th, 2011 10:01am
Hello,
try out this .vbs, copied from another thread:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
'You can use the script below to generate a report on local Administrators and Power Users. Copy it into a text file and rename it with the .vbs extension. Run it from the domain controller. For the computers you are auditing, you must have Administrator
privileges and be able to access the computer's RPC ports. The output is tab delimited and can be opened in Excel.
'--------------------------------------------------------------------------------
Set oADInfo = CreateObject("ADSystemInfo")
Set oFso = WScript.CreateObject("Scripting.Filesystemobject")
Set oShell = WScript.CreateObject("Wscript.Shell")
LogPath = oShell.SpecialFolders("MyDocuments") + "\Privileged LocalUser Audit.txt"
AdsiPath = "WinNT://" + oADInfo.DomainShortName
tab = Chr(9)
' Connect to Active Directory
Set ADComputers = GetObject(AdsiPath)
ADComputers.Filter = Array("Computer")
' Open the log file
Set oLog = oFso.CreateTextfile(LogPath, true)
oLog.WriteLine "Privileged Local Users on Computers in the " + _
oADInfo.DomainDNSName + _
" domain."
oLog.WriteLine Now
oLog.WriteLine ""
oLog.WriteLine "Computer" + tab + _
"Administrators" + tab + _
"Administrators Groups" + tab + _
"Power Users" + tab + _
"Power Users Groups"
' Check each computer
For Each oComputer in ADComputers
' Trap any errors in case the user is unauthorized, the computer is inaccessible, etc.
On Error Resume Next
' Get the Administrators users and groups
AdminUsers = ""
AdminGroups = ""
Set objGroup = GetObject("WinNT://" & oComputer.Name & "/Administrators")
If Not(Err.Number = 0) Then
AdminUsers = Err.Number
AdminGroups = Err.Number
End If
For Each objUser In objGroup.Members
If objUser.Class = "User" Then
AdminUsers = AdminUsers + objUser.Name + "; "
else
AdminGroups = AdminGroups + objUser.Name + "; "
end if
Next
' Get the Power Users users and groups
PowerUsers = ""
PowerGroups = ""
Set objGroup = GetObject("WinNT://" & oComputer.Name & "/PowerUsers")
If Not(Err.Number = 0) Then
PowerUsers = Err.Number
PowerGroups = Err.Number
End If
For Each objUser In objGroup.Members
If objUser.Class = "User" Then
PowerUsers = PowerUsers + objUser.Name + "; "
else
PowerGroups = PowerGroups + objUser.Name + "; "
end if
Next
' Output to the log
oLog.WriteLine oComputer.Name + tab + _
AdminUsers + tab + _
AdminGroups + tab + _
PowerUsers + tab + _
PowerGroups
Next
' Close log file handle, open the log in Notepad
oLog.Close
oShell.Run "notepad.exe """ + LogPath + """"
' Clean up
Set ADComputers = Nothing
Set oADInfo = Nothing
Set oFso = Nothing
Set oLog = Nothing
Set oLog = Nothing
Set oShell = Nothing
'--------------------------------------------------------------------------------
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
January 7th, 2011 6:28pm