Jump to content

Local Admins on Workstations?

Guest Lanny Boy

By Guest Lanny Boy
in Windows 2003 Server

 Share

Recommended Posts

Guest Lanny Boy

Guest Lanny Boy

Posted
Posted

Anyone know of a way to find out who has local admin rights on workstations

in the domain, as in a regular user and not just the domain admins.

 

TIA

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: Local Admins on Workstations?

 

Hello Lanny,

 

From another posting:

 

You can use the script below to generate a report on local Administrators

and Power Users. Copy it into a text file and rename it with the .vbs extension.

Run it from the domain controller. For the computers you are auditing, you

must have Administrator privileges and be able to access the computer's RPC

ports. The output is tab delimited and can be opened in Excel.

 

 

'--------------------------------------------------------------------------------

 

Set oADInfo = CreateObject("ADSystemInfo")

Set oFso = WScript.CreateObject("Scripting.Filesystemobject")

Set oShell = WScript.CreateObject("Wscript.Shell")

 

LogPath = oShell.SpecialFolders("MyDocuments") + "\Privileged Local

User Audit.txt"

AdsiPath = "WinNT://" + oADInfo.DomainShortName

tab = Chr(9)

 

' Connect to Active Directory

 

Set ADComputers = GetObject(AdsiPath)

ADComputers.Filter = Array("Computer")

 

' Open the log file

 

Set oLog = oFso.CreateTextfile(LogPath, true)

oLog.WriteLine "Privileged Local Users on Computers in the " + _

oADInfo.DomainDNSName + _

" domain."

oLog.WriteLine Now

oLog.WriteLine ""

oLog.WriteLine "Computer" + tab + _

"Administrators" + tab + _

"Administrators Groups" + tab + _

"Power Users" + tab + _

"Power Users Groups"

 

' Check each computer

 

For Each oComputer in ADComputers

 

' Trap any errors in case the user is unauthorized, the computer is

inaccessible, etc.

On Error Resume Next

 

' Get the Administrators users and groups

 

AdminUsers = ""

AdminGroups = ""

Set objGroup = GetObject("WinNT://" & oComputer.Name & "/

Administrators")

If Not(Err.Number = 0) Then

AdminUsers = Err.Number

AdminGroups = Err.Number

End If

 

For Each objUser In objGroup.Members

If objUser.Class = "User" Then

AdminUsers = AdminUsers + objUser.Name + "; "

else

AdminGroups = AdminGroups + objUser.Name + "; "

end if

Next

 

' Get the Power Users users and groups

 

PowerUsers = ""

PowerGroups = ""

Set objGroup = GetObject("WinNT://" & oComputer.Name & "/Power

Users")

If Not(Err.Number = 0) Then

PowerUsers = Err.Number

PowerGroups = Err.Number

End If

 

For Each objUser In objGroup.Members

If objUser.Class = "User" Then

PowerUsers = PowerUsers + objUser.Name + "; "

else

PowerGroups = PowerGroups + objUser.Name + "; "

end if

Next

 

' Output to the log

 

oLog.WriteLine oComputer.Name + tab + _

AdminUsers + tab + _

AdminGroups + tab + _

PowerUsers + tab + _

PowerGroups

 

Next

 

' Close log file handle, open the log in Notepad

 

oLog.Close

oShell.Run "notepad.exe """ + LogPath + """"

 

' Clean up

 

Set ADComputers = Nothing

Set oADInfo = Nothing

Set oFso = Nothing

Set oLog = Nothing

Set oLog = Nothing

Set oShell = Nothing

 

'--------------------------------------------------------------------------------

 

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Anyone know of a way to find out who has local admin rights on

> workstations in the domain, as in a regular user and not just the

> domain admins.

>

> TIA

>

Guest Phillip Windell

Guest Phillip Windell

Posted
Posted

Re: Local Admins on Workstations?

 

Cool! I may have to check that one out myself.

Thanks, Meinolf,

 

 

--

Phillip Windell

http://www.wandtv.com

 

The views expressed, are my own and not those of my employer, or Microsoft,

or anyone else associated with me, including my cats.

-----------------------------------------------------

 

<Meinolf Weber> wrote in message

news:ff16fb669e3428ca909ea7b6b511@msnews.microsoft.com...

> Hello Lanny,

>

> From another posting:

>

> You can use the script below to generate a report on local Administrators

> and Power Users. Copy it into a text file and rename it with the .vbs

> extension. Run it from the domain controller. For the computers you are

> auditing, you must have Administrator privileges and be able to access the

> computer's RPC ports. The output is tab delimited and can be opened in

> Excel.

>

>

> '--------------------------------------------------------------------------------

>

> Set oADInfo = CreateObject("ADSystemInfo")

> Set oFso = WScript.CreateObject("Scripting.Filesystemobject")

> Set oShell = WScript.CreateObject("Wscript.Shell")

>

> LogPath = oShell.SpecialFolders("MyDocuments") + "\Privileged Local

> User Audit.txt"

> AdsiPath = "WinNT://" + oADInfo.DomainShortName

> tab = Chr(9)

>

> ' Connect to Active Directory

>

> Set ADComputers = GetObject(AdsiPath)

> ADComputers.Filter = Array("Computer")

>

> ' Open the log file

>

> Set oLog = oFso.CreateTextfile(LogPath, true)

> oLog.WriteLine "Privileged Local Users on Computers in the " + _

> oADInfo.DomainDNSName + _

> " domain."

> oLog.WriteLine Now

> oLog.WriteLine ""

> oLog.WriteLine "Computer" + tab + _

> "Administrators" + tab + _

> "Administrators Groups" + tab + _

> "Power Users" + tab + _

> "Power Users Groups"

>

> ' Check each computer

>

> For Each oComputer in ADComputers

>

> ' Trap any errors in case the user is unauthorized, the computer is

> inaccessible, etc.

> On Error Resume Next

>

> ' Get the Administrators users and groups

>

> AdminUsers = ""

> AdminGroups = ""

> Set objGroup = GetObject("WinNT://" & oComputer.Name & "/

> Administrators")

> If Not(Err.Number = 0) Then

> AdminUsers = Err.Number

> AdminGroups = Err.Number

> End If

>

> For Each objUser In objGroup.Members

> If objUser.Class = "User" Then

> AdminUsers = AdminUsers + objUser.Name + "; "

> else

> AdminGroups = AdminGroups + objUser.Name + "; "

> end if

> Next

>

> ' Get the Power Users users and groups

>

> PowerUsers = ""

> PowerGroups = ""

> Set objGroup = GetObject("WinNT://" & oComputer.Name & "/Power

> Users")

> If Not(Err.Number = 0) Then

> PowerUsers = Err.Number

> PowerGroups = Err.Number

> End If

>

> For Each objUser In objGroup.Members

> If objUser.Class = "User" Then

> PowerUsers = PowerUsers + objUser.Name + "; "

> else

> PowerGroups = PowerGroups + objUser.Name + "; "

> end if

> Next

>

> ' Output to the log

>

> oLog.WriteLine oComputer.Name + tab + _

> AdminUsers + tab + _

> AdminGroups + tab + _

> PowerUsers + tab + _

> PowerGroups

>

> Next

>

> ' Close log file handle, open the log in Notepad

>

> oLog.Close

> oShell.Run "notepad.exe """ + LogPath + """"

>

> ' Clean up

>

> Set ADComputers = Nothing

> Set oADInfo = Nothing

> Set oFso = Nothing

> Set oLog = Nothing

> Set oLog = Nothing

> Set oShell = Nothing

>

> '--------------------------------------------------------------------------------

>

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and

> confers no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

>

>> Anyone know of a way to find out who has local admin rights on

>> workstations in the domain, as in a regular user and not just the

>> domain admins.

>>

>> TIA

>>

>

>

Guest Lanny Boy

Guest Lanny Boy

Posted
Posted

Re: Local Admins on Workstations?

 

Thank you!

 Share
Go to topic listing
×
×
  • Create New...