Jump to content
Sign in to follow this  
gromito

Is a user in the local admins

Recommended Posts

gromito

Hi to all, as my topic describes I need to know if a user X is part of the lokal admins. I've already tested the excellent active directory UDF but this one tells me if a user is in an Active Directory group. I need to know if the user X is in the local administrators group or in a local admin subgroup (can be an AD group too...)

Is there an UDF (already searched here...) or something like that?

Thanks for your help and time to read this.

Gianluca

Share this post


Link to post
Share on other sites
UEZ

Is this helpful for you?

Global $server = "localhost"

$objWMIService = ObjGet("winmgmts:{impersonationLevel = impersonate}!\\" & $server & "\root\cimv2")

$user = "Administrator"
$accounts = Local_User_Accounts($server)
If StringInStr($accounts, $user) > 0 Then
    MsgBox(0, "Check Local Administrators Group", "Found user: " & $user & " in local Administrators group on system " & $server)
Else
    MsgBox(0, "Check Local Administrators Group", "User: " & $user & " NOT found in local Administrators group on system " & $server)
EndIf

Func Local_User_Accounts($srv)
    Local $TimeStamp, $LUA, $LUA_Name, $LUA_FullName, $LUA_Description, $LUA_Disabled, $LUA_PWDChangeable, $LUA_PWDExpires, $LUA_PWDRequired, $LUA_Status
    $colItems = $objWMIService.ExecQuery("SELECT Name, FullName, Description, Disabled, PasswordChangeable, PasswordExpires, PasswordRequired, Status From Win32_UserAccount WHERE LocalAccount=True", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            $LUA_Name = $objItem.Name
            $LUA_FullName = $objItem.FullName
            $LUA_Description = $objItem.Description
            $LUA_Disabled = Logic($objItem.Disabled)
            $LUA_PWDChangeable = Logic($objItem.PasswordChangeable)
            $LUA_PWDExpires = Logic($objItem.PasswordExpires)
            $LUA_PWDRequired = Logic($objItem.PasswordRequired)
            $LUA_Status = $objItem.Status
            $LUA &= $srv & ";" & $LUA_Name & ";" & $LUA_FullName & ";" & $LUA_Description & ";" & $LUA_Disabled & ";" & $LUA_PWDChangeable & ";" & $LUA_PWDExpires & ";" & $LUA_PWDRequired & ";" & $LUA_Status & @CRLF
        Next
        Return $LUA
    EndIf
EndFunc ;==>Local_User_Accounts


Func Logic($logic)
    If $logic = 0 Then
        Return "False"
    ElseIf $logic = -1 Then
        Return "True"
    Else
        Return "Unknown"
    EndIf
EndFunc

Extract from SIC2.

To check AD groups in local Administrators group I've written a VBS script which I didn't converted to AU3 -> http://www.autoitscript.com/forum/index.php?showtopic=94882&view=findpost&p=690199

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites
gromito

Thanks for the quick replay, it seems ok for what I need!

I'll let you know.

Gianluca

Is this helpful for you?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×