Jump to content

[RESOLVED] Get Local Group Members for computers


Recommended Posts

Hi everybody and sorry for my bad english

I need to check in a list of computers, who is member of localgroup "Administrators"

I find this script where :

$file is the log file i want

ComputerList.txt is my file with my computers :

.....
computername01\Administrators
computername02\Administrators
computername03\Administrators
...

but i need log in one file with :

#############
computername01 - Check on '&@YEAR&'-'&@MON&'-'&@MDAY&' at '&@HOUR&':'&@MIN&':'&@SEC
account01
account02
account03
etc...
#############
computername02 - Check on '&@YEAR&'-'&@MON&'-'&@MDAY&' at '&@HOUR&':'&@MIN&':'&@SEC
account01
account02
account03
etc...
#############
computername03 - Check on '&@YEAR&'-'&@MON&'-'&@MDAY&' at '&@HOUR&':'&@MIN&':'&@SEC
account01
account02
account03
etc...

Not like this without the computername (this the log with this script) :

account01
account02
account03
account01
account02
account03
account01
account02
account03

Is it possible ?

Thanks for help

The script :

#include <File.au3>
$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")
$file = "F:\Pro\AutoIt Development\Check_Rights\Log_Rights.txt"
$GroupPath = FileReadLine("ComputerList.txt")

$avUsers = _GroupGetMembers($GroupPath)
If Not @error Then
    _FileWriteFromArray($file, $avUsers,1)
Else
    MsgBox(16, "Error", "Error returned:  @error = " & @error)
EndIf

Func _GroupGetMembers($sPath)
    Local $oUser, $sRET = "", $avRET
  
    ; Check path to group
    $sPath = StringReplace($sPath, "\", "/") ; Don't use backslash with WMI path
    If Not StringInStr($sPath, "/") Then $sPath = "./" & $sPath ; Use local if no domain given
  
    ; Get group object
    Local $oGroup = ObjGet("WinNT://" & $sPath)
    If IsObj($oGroup) Then
        For $oUser In $oGroup.Members
           $sRET &= $oUser.Name & @LF
        Next
      
        $avRET = StringSplit(StringStripWS($sRET, 2), @LF)
        If $avRET[1] = "" Then Local $avRET[1] = [0]
        Return $avRET
    Else
        Return SetError(1, 0, 0)
    EndIf
EndFunc
Func MyErrFunc()
$HexNumber=hex($oMyError.number,8)
Msgbox(0,"COM Error Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
            "err.description is: "  & @TAB & $oMyError.description  & @CRLF & _
            "err.windescription:"    & @TAB & $oMyError.windescription & @CRLF & _
            "err.number is: "        & @TAB & $HexNumber              & @CRLF & _
            "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
            "err.scriptline is: "    & @TAB & $oMyError.scriptline   & @CRLF & _
            "err.source is: "        & @TAB & $oMyError.source       & @CRLF & _
             "err.helpfile is: "       & @TAB & $oMyError.helpfile     & @CRLF & _
             "err.helpcontext is: " & @TAB & $oMyError.helpcontext _
            )
  SetError(1)  ; to check for after this function returns
Endfunc
Edited by lafafmentvotre
Link to post
Share on other sites
  • Moderators

Hi, lafafmentvotre. Please do not bump threads without waiting at least 24 hours. This gives us plenty of time to assist with your problem :)

Regarding your issue, I have used something like this in the past. It may at least nudge you in the direction you want to go.

#include <file.au3>
$file_name = "C:admins.txt"
$net = RunWait(@ComSpec & ' /c net localgroup "administrators" >C:admins.txt', @SystemDir, @SW_HIDE)
$file_count_lines = _FileCountLines($file_name)
_FileWriteToLine($file_name, $file_count_lines, "", 1)
For $i = 1 To 4
_FileWriteToLine($file_name, 1, "", 1)
Next
_FileWriteToLine($file_name, 1, @ComputerName, 1)

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to post
Share on other sites

Hello JLogan3o13, hello forum

Thanks for your response.

It works but i don't know how to compile this to run for a lot of computers and have a log file with all computers like this :

COMPUTERNAME01
-------------------------------------------------------------------------------
LoclAdmin
DomainName\Domain Admins
DomainName\user.name

COMPUTERNAME02
-------------------------------------------------------------------------------
LoclAdmin
DomainName\user.name

COMPUTERNAME03
-------------------------------------------------------------------------------
LoclAdmin
DomainName\Domain Admins

Thanks for help

Link to post
Share on other sites

Try this here:

;~ #AutoIt3Wrapper_AU3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6

$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")

ConsoleWrite(Membership_Administrators_Local("localhost") & @LF)

Func Membership_Administrators_Local($srv)
    If $srv = "Localhost" Then $srv = @ComputerName
    Local $function_name = "Members"
    Local $LM_members, $x, $LM_LocalGroup_Name, $type, $objWMIService, $colItems, $LM_local_user
    $LM_LocalGroup_Name = "Administrators"
    $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!" & $srv & "rootcimv2")
    $colItems = $objWMIService.ExecQuery("Select Name, SID from Win32_Group WHERE Domain='" & $srv & "'", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.SID = StringUpper("S-1-5-32-544") Then $LM_LocalGroup_Name = $objItem.Name
        Next
    EndIf
    $type = ""
    $LM_local_user = ""
    $colItems = $objWMIService.ExecQuery("Select * from Win32_GroupUser Where GroupComponent=""Win32_Group.Domain='" & $srv & "',Name='" & $LM_LocalGroup_Name & "'""", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.PartComponent <> "" Then
                $x = StringSplit($objItem.PartComponent, """")
                $type = StringMid($x[1], StringInStr($x[1], ":Win32_") + 7, (StringInStr($x[1], ".") - (StringInStr($x[1], ":Win32_") + 7)))
                $LM_members &= $x[4] & ";" &  $type& @LF
            EndIf
        Next
    Else
        Return SetError(1, 0, 0)
    EndIf
    Return $srv & " - Checked on " & @YEAR & '-' & @MON & '-' & @MDAY & ' at ' & @HOUR & ':' & @MIN & ':' & @SEC  & @LF & $LM_members
EndFunc   ;==>Membership_Administrators_Local

Func MyErrFunc()
$HexNumber=hex($oMyError.number,8)
Msgbox(0,"COM Error Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
            "err.description is: "  & @TAB & $oMyError.description  & @CRLF & _
            "err.windescription:"    & @TAB & $oMyError.windescription & @CRLF & _
            "err.number is: "        & @TAB & $HexNumber              & @CRLF & _
            "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
            "err.scriptline is: "    & @TAB & $oMyError.scriptline   & @CRLF & _
            "err.source is: "        & @TAB & $oMyError.source       & @CRLF & _
             "err.helpfile is: "       & @TAB & $oMyError.helpfile     & @CRLF & _
             "err.helpcontext is: " & @TAB & $oMyError.helpcontext _
            )
  SetError(1)  ; to check for after this function returns
Endfunc

Br,

UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

Then try this here:

;~ #AutoIt3Wrapper_AU3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6
#include <Array.au3>

$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")

$sInput = @ScriptDir & "ComputerList.txt"
$sLog = @ScriptDir & "Log_Rights.txt"


$sComputerList = FileRead($sInput)
$aComputerList = StringSplit(StringStripCR($sComputerList), @LF, 2)

$hFile = FileOpen($sLog, 2)
For $i = 0 To UBound($aComputerList) - 1
    If StringStripWS($aComputerList[$i], 8) <> "" Then FileWrite($hFile, Membership_Administrators_Local($aComputerList[$i]))
Next
FileClose($hFile)
ShellExecute($sLog)

Func Membership_Administrators_Local($srv)
    If $srv = "Localhost" Or $srv = "127.0.0.1" Then $srv = @ComputerName
    If Not Ping($srv, 250) Then Return SetError(1, 0, $srv & " - Checked on " & @YEAR & '-' & @MON & '-' & @MDAY & ' at ' & @HOUR & ':' & @MIN & ':' & @SEC  & @CRLF & "Unable to connect to system" & @CRLF)
    Local $function_name = "Members"
    Local $LM_members, $x, $LM_LocalGroup_Name, $type, $objWMIService, $colItems, $LM_local_user
    $LM_LocalGroup_Name = "Administrators"
    $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!" & $srv & "rootcimv2")
    If @error Then Return  SetError(2, 0, $srv & " - Checked on " & @YEAR & '-' & @MON & '-' & @MDAY & ' at ' & @HOUR & ':' & @MIN & ':' & @SEC  & @CRLF & "Unable to connect to cimv2" & @CRLF)
    $colItems = $objWMIService.ExecQuery("Select Name, SID from Win32_Group WHERE Domain='" & $srv & "'", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.SID = "S-1-5-32-544" Then $LM_LocalGroup_Name = $objItem.Name
        Next
    EndIf
    $type = ""
    $LM_local_user = ""
    $colItems = $objWMIService.ExecQuery("Select * from Win32_GroupUser Where GroupComponent=""Win32_Group.Domain='" & $srv & "',Name='" & $LM_LocalGroup_Name & "'""", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.PartComponent <> "" Then
                $x = StringSplit($objItem.PartComponent, """")
                $type = StringMid($x[1], StringInStr($x[1], ":Win32_") + 7, (StringInStr($x[1], ".") - (StringInStr($x[1], ":Win32_") + 7)))
                $LM_members &= $x[4] & ";" &  $type& @CRLF
            EndIf
        Next
    Else
        Return SetError(3, 0, $srv & " - Checked on " & @YEAR & '-' & @MON & '-' & @MDAY & ' at ' & @HOUR & ':' & @MIN & ':' & @SEC  & @CRLF & "Unable to connect to Win32_GroupUser" & @CRLF)
    EndIf
    Return $srv & " - Checked on " & @YEAR & '-' & @MON & '-' & @MDAY & ' at ' & @HOUR & ':' & @MIN & ':' & @SEC  & @CRLF & $LM_members & @CRLF
EndFunc   ;==>Membership_Administrators_Local

Func MyErrFunc()
    $HexNumber = Hex($oMyError.number, 8)
    Msgbox(0,"COM Error Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
                "err.description is: "  & @TAB & $oMyError.description  & @CRLF & _
                "err.windescription:"    & @TAB & $oMyError.windescription & @CRLF & _
                "err.number is: "        & @TAB & $HexNumber              & @CRLF & _
                "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
                "err.scriptline is: "    & @TAB & $oMyError.scriptline   & @CRLF & _
                "err.source is: "        & @TAB & $oMyError.source       & @CRLF & _
                 "err.helpfile is: "       & @TAB & $oMyError.helpfile     & @CRLF & _
                 "err.helpcontext is: " & @TAB & $oMyError.helpcontext _
                , 10)
Endfunc

ComputerList.txt is the file with the system names.

Br,

UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...