Jump to content

Removing Remote User from LOCALADMIN GROUP


Recommended Posts

So far I have been able to remove remote accounts from pcs that have domain users but unable to remove LOCAL Admin USers here is the code for the domain portion .. Maybe I'm just blind and missing something...

$objGroup = ObjGet("WinNT://" & $PC & "/" & "Administrators" & ",group")

$objUser = ObjGet("WinNT://" & $domain & "/" & $USER & ",user")

If ($objGroup.IsMember ($objUser.AdsPath) = True) Then

MsgBox(0, "Administrators", "Removed " & $USER & ": " & $objGroup.ADsPath, 3)

$objGroup.Remove ($objUser.AdsPath)

If @error <> 0 Then Exit

Else

EndIf

Help..

Link to comment
Share on other sites

Try this, use PSEXEC for REMOTE Executing

_NetAPI_NetLocalGroupDelMembers("USERAccountName","Administrators","")


; ===================================================================================================
; Name...........: _NetAPI_NetLocalGroupDelMembers
; Description ...: Delete membership of one existing user or global group account to an existing local group
; Syntax.........: _NetAPI_NetLocalGroupDelMembers($sAccount, $sGroup, $sServer)
; Parameters ....: $sAccount - Account name of the Local Group member prefixed by the domain name and the "\" separator
;               : $sGroup   - Name of the Local Group to which the specified users or global groups will be deleted
;               : $sServer  - DNS or NetBIOS name of the remote Server or Null for Local use
; Return values .: Success   - True
;                 Failure   - False and @Extended set error code
; Author ........: micha1405
; Example .......: _NetAPI_NetLocalGroupDelMembers("Domain\User", "Administrators")
; ===================================================================================================
Func _NetAPI_NetLocalGroupDelMembers($sAccount, $sGroup, $sServer = '')
    Local $twUser = DllStructCreate("wchar["& StringLen($sAccount)+1 &"]")
    Local $tpUser = DllStructCreate("ptr")
    DllStructSetData($twUser, 1, $sAccount)
    DllStructSetData($tpUser, 1, DllStructGetPtr($twUser))

    Local $aRet = DllCall("netapi32.dll", "int", "NetLocalGroupDelMembers", _
        "wstr", $sServer, "wstr", $sGroup, "int", 3, "ptr", DllStructGetPtr($tpUser), "int", 1 )
    If $aRet[0] Then Return SetError(1, $aRet[0], False)
    Return True
EndFunc; ==> _NetAPI_NetLocalGroupDelMembers
Edited by Micha1405
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...