What accounts/groups in Local Admin group

O

Olivier

Dear all,

For an audit I need to know (for a large number a servers) what
accounts/groups are member of the local administrator group. Is there a
simple way to create this list (a script for example)? If so, how?

Any help would be highly appreciated.

O.
 
S

S. Pidgorny

"net localgroup [name]" lists members - that's a command line.

Local group access from scripts - standard winnt: provider:

http://www.microsoft.com/technet/scriptcenter/resources/qanda/jan08/hey0107.mspx


--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Olivier" <Olivier@discussions.microsoft.com> wrote in message
news:409F97BD-D0F4-4C88-B525-0564E8BF83A3@microsoft.com...
> Dear all,
>
> For an audit I need to know (for a large number a servers) what
> accounts/groups are member of the local administrator group. Is there a
> simple way to create this list (a script for example)? If so, how?
>
> Any help would be highly appreciated.
>
> O.
 
M

Masterplan

Hi Olivier,

I solved this problem with a logon script. This script puts in a shared
folder named public a .txt file with the computer name and users which are in
the local administrators group and are not domain admins or administrator:

Option Explicit
Const ForAppending = 8
Dim objGroup, strComputer, objMember, WshNetwork, objRecordSet, objFSO,
objFile, strFileName

strComputer = "."
Set WshNetwork = WScript.CreateObject("WScript.Network")
WScript.Echo "Computer Name = " & WshNetwork.ComputerName
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
For Each objMember In objGroup.Members
If objMember.Name <> "Administrator" and objMember.Name <> "Domain Admins"
Then

Set objFSO = CreateObject("Scripting.FileSystemObject")
strFileName = "C:\Public\" & WshNetwork.ComputerName & ".txt"
Set objFile = objFSO.OpenTextFile(strFileName, ForAppending, True)
objFile.WriteLine (objMember.Name)
objFile.Close
End If

Next

Hope this is what you're looking for!

"Olivier" wrote:

> Dear all,
>
> For an audit I need to know (for a large number a servers) what
> accounts/groups are member of the local administrator group. Is there a
> simple way to create this list (a script for example)? If so, how?
>
> Any help would be highly appreciated.
>
> O.
 
You must log in or register to reply here.

Similar threads

T
GPO - Local Users and Groups - Item level targeting - Security Group - Removed from security group and local group but it keeps coming back
Replies
0
Views
54
TJCooperWhatever
T
C
Elevate admin rights
Replies
0
Views
60
Carlos Yanez Baez
C
P
Query on Group Policy behaviour - multile GPOs that rename local Administrator account
Replies
0
Views
20
pb3000
P
P
How to create Local Admin on Server 2022 with right privileges
Replies
0
Views
28
Princeapr9
P
Y
I'm unable to login with default Administrator account in windows server 2019
Replies
0
Views
20
Yaser vp
Y
Back
Top Bottom