Jump to content
Sign in to follow this  
mikeyr

get local admins

Recommended Posts

mikeyr

I have been trying to write a small app to get all the administrators on a computer, this will be exectuded locally on all 70 computers (mostly because I don't know how to get the info remotely and don't mind going to all of them ONE time).

 The issue is that the previous admin allowed all users to have administrators privileges on their computers and many of them created accounts besides their own, I am in the process of removing those accounts.  I wrote a small script to get all user names on the system my plan was to delete all accounts with Administrator group privs but I can't get the admin :(

 I know about IsAdmin() but that does not seem to allow you to pass a param to it for names other than the one running the script, if I am wrong please let me know.

  I tried

$colGroups = ObjGet("WinNT:/" & $host & "/Administrators,group")
    If Not IsObj($colGroups) Then Return
    $colGroups.Filter = $filter
    For $objGroup In $colGroups
        If $objGroup.name = "Administrators" Then
            $LocalAdmins[$i][0] = $host & @CRLF
            For $objUser In $objGroup.Members
                $LocalAdmins[$i][0] = "--" & $objUser.name & @CRLF
                $i += 1
            Next
            $LocalAdmins[$i][0] = @CRLF & @CRLF
        EndIf
    Next

but that returned nothing. (yes, I know winNT above has 2 slashes, but with 2, it did not show the lines in the code window)

I searched the forms and found this >post but that did not work either, returned nothing to me.

 I am stuck at getting the user groups.  My only solution is to call runwait(net localgroup "administrators" >file) and then parse the file but there has to be a better way.

 By the way this is Win7 machines, moslty win7 anyway.  The above 2 examples might work in XP, did not try it, I need it to work on both.

Edited by mikeyr

Share this post


Link to post
Share on other sites
UEZ

I found one of my old scripts:
 

MsgBox(0, "Test", WMI_GetLocalAdminMembership())

Func WMI_GetLocalAdminMembership($sHost = @ComputerName) ;coded by UEZ 2010
    If $sHost = "Localhost" Then $sHost = @ComputerName
    Local $LM_members, $x, $LM_LocalGroup_Name, $type
    $LM_LocalGroup_Name = "Administrators"
    $objWMIService = ObjGet("winmgmts:\\" & $sHost & "\root\cimv2")
    $colItems = $objWMIService.ExecQuery("Select Name, SID from Win32_Group WHERE Domain='" & $sHost & "'", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.SID = "S-1-5-32-544" Then $LM_LocalGroup_Name = $objItem.Name
        Next
    Else
        Return SetError (1, 0, 0) ;No WMI objects found for class Win32_Group
    EndIf

    $colItems = $objWMIService.ExecQuery("Select * from Win32_GroupUser Where GroupComponent=""Win32_Group.Domain='" & $sHost & "',Name='" & $LM_LocalGroup_Name & "'""", "WQL", 0x30)
    If IsObj($colItems) Then
        For $objItem In $colItems
            If $objItem.PartComponent <> "" Then
                $x = StringSplit($objItem.PartComponent, """")
                $type = StringMid($x[1], StringInStr($x[1], ":Win32_") + 7, (StringInStr($x[1], ".") - (StringInStr($x[1], ":Win32_") + 7)))
                $LM_members &= $sHost & ";" & $LM_LocalGroup_Name & ";" & $type & ";" & $x[2] & "\" & $x[4] & @CRLF
            EndIf
        Next
        Return $LM_members
    EndIf
    Return SetError (2, 0, 0) ;No WMI objects found for class Win32_GroupUser
EndFunc   ;==>WMI_GetLocalAdminMembership

Br,

UEZ

Edited by UEZ
  • Like 1

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites
Chimp

Hi mikeyr

if you like old fashioned dos, this should work

#include <array.au3>
Local $DOS_out

; Returns members of Administrator group (remove first 6 unwanted lines)
$iPID = Run(@ComSpec & ' /c NET LOCALGROUP Administrators | MORE /E +6', "", @SW_HIDE, 2)

Do ; wait that dos has finished
    $DOS_out &= StdoutRead($iPID)
Until @error

; Parse members of administrators group from DOS output
$admins = StringSplit(StringStripWS($DOS_out, 7), @CR, 2)
_ArrayPop($admins); remove last unwanted line
_ArrayDisplay($admins) ; show administrators group members

bye


small minds discuss people average minds discuss events great minds discuss ideas.... and use AutoIt....

Share this post


Link to post
Share on other sites
mikeyr

I found one of my old scripts:

 

 PERFECT exactly what I was looking for THANK YOU !!!

Hi mikeyr

if you like old fashioned dos, this should work

 That is what I was working on but I assumed there would be a better way, UEZ's function worked perfectly.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×