Sdílet prostřednictvím


Who's in the Local Administrators Group?

I was organizing files this weekend and ran across a script I created for a customer recently.   They we trying to determine the membership of the local Administrators group on each computer on their network.  The had determined that non-admin users were being added to the local Administrator group and needed to know how widespread the problem was.  Once they determine that I recommended they use Group Policy, Restricted Groups to fix the problem.

The VBScript below follows my standard script format that starts with an input file (INPUT.TXT) with a list of computers and automatically creates a tab-separated (for analysis in Excel) output file based on the name of the input file and appends RESULTS.TXT to the name.  Once we open the input for to read,  and the output file for writing we start the loop.  The real work happens in the DO WHILE loop.  First thing we do is run a Function named Get ComputerStatus.  Since we are connecting to a remote computer, I use this function to determine if a computer is online by pinging it.  If it is online we continue, if not we write "Computer Could Not Be Contacted" to the log and get the next computer in the list.  The EnumGroup function is used to get the membership of the local Administrators group and write it to the log file.  Once we finish the files are closed and the log file is opened in notepad.

To use this script, copy the contents to notepad and save the file with a VBS extension.  Create an input file with computer nameon each line.  You can run the script by double clicking it but I prefer to run it from a command prompt using cscript so that I only have a single command prompt instead of a command prompt for every "ping".  If anyone uses this script and finds it useful leave me a comment and/or a rating.

LocalAdminGroupMembership.vbs

'**********************************************
'  SCRIPT: LocalAdminGroupMembership.vbs
'  AUTHOR: Muaddib :-)
'  DATE: 08/21/08
' VERSION: 1.0
' PURPOSE: Used to Query remote computers and enumerate memebers of
'          local admin group
'   USAGE: 1. List computers to be queried in input.txt (other text file)
'          2. LocalAdminGroupMembership.vbs
'          3. Output file, results.txt will show status
'Revision:
'         
'
'**********************************************

Option Explicit

'ON ERROR RESUME NEXT 'Do Not Uncomment until script is ready for production

Dim oWshShell, oFSO, oFileName1, oFilename2, objWMIService, colItems, sProtocol, sSearch, sNWStatus, sDate, iErrNumber
Dim objItem, strComputer, oExec, strPingStdOut, sStatus, bComputerOnline, aComputers, Computer, sOutPutFile, sInPutFile, sComputerStatus
Dim arrFileNAme, sOutPutFileName,objGroup, strOffset

CONST ForReading = 1
CONST ForWriting = 2
CONST ForAppending = 8

'Prompt for name of input file
sInPutFile = INPUTBOX("Enter name of input file.  Input file must exist in the script folder.", "Enter Input File Name","input.txt" )
IF sInputFile = "" THEN
   wscript.echo "Operation was cancelled"
   wscript.quit
END IF  

'Trim extension from sInputFile1  
arrFileNAme = Split(sInPutFile, ".")
sOutPutFileName = UCASE(arrFIleNAme(0))
'Prompt for name of output file
sOutPutFile = INPUTBOX("Enter name of output file.  Output file will be placed in script folder.", "Enter Output File Name",sOutPutFileName & "_RESULTS.TXT" )
IF sOutPutFile = "" THEN
   wscript.echo "Operation was cancelled"
   wscript.quit
END IF  

Set oWshShell = Wscript.CreateObject("Wscript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")

'Open input file and read
Set oFilename1 = oFSO.OpenTextFile(".\" & sInPutFile, ForReading, False)
iErrNumber = err.number
  'Check for missing file
  IF iErrNumber = 53 THEN
     Wscript.echo "Error - " & sInPutFile & " file was not found."
     wscript.quit
  END IF

Set oFilename2 = oFSO.OpenTextFile(".\" & sOutPutFile, ForWriting, True)

' OPTIONAL LOG HEADER
'Get date and write it to log
'sDate = Now()
'oFilename2.writeline "Log Started " & sDate
'oFilename2.writeblanklines 1

'Read external list of computers and check their status
DO While oFilename1.AtEndOfStream <> True
    strComputer = oFileName1.ReadLine
   
    IF GetComputerStatus(strComputer) = 1 Then
        'sComputerStatus = "Online"
        Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
        sComputerStatus = EnumGroup(objGroup, "")
      Else
        sComputerStatus = "Computer Could Not Be Contacted"
    End IF
       
    oFilename2.writeline strCOmputer & vbTab & sComputerStatus
Loop

'OPTIONAL LOG FOOTER
'sDate = Now()
'oFilename2.writeblanklines 2
'oFilename2.writeline "Log Completed " & sDate

'Close input file
oFilename1.close
'Close Log file
oFilename2.close

'Wscript.echo "Finished Scanning Computers" 'open log file
oWshShell.run "notepad.exe .\" & sOutPutFile, 5, FALSE

Set oWshShell = Nothing
Set oFSO = Nothing
Set oExec = Nothing
Set oFilename1 = Nothing
Set oFilename2 = Nothing

Function GetComputerStatus (strComputer)
  'Function Returns a 1 if computer is available
  'Used to determine if a computer is online before
  'attempting WMI connection
  'IP Address or computer name can be used
  Dim sStatus
  sStatus = 0
'   wscript.echo "Echo strCOmputer - " & strcomputer
  Set oWshShell = Wscript.CreateObject("Wscript.Shell")
  Set oExec = oWshShell.Exec("ping -n 2 -w 1000  " & strComputer)
  strPingStdOut = oExec.StdOut.ReadAll
    If InStr(1,strPingStdOut, "reply from ",1) <> 0 Then
      sStatus = 1
    Else  
      sStatus = 0
    End IF
    GetComputerStatus = sStatus
 END FUNCTION      
 
Function EnumGroup(objGroup, strOffset)
   Dim objMember, strMembers
   For Each objMember In objGroup.Members
      strMembers = strmembers & strOffset & objMember.Name &  ", "
   Next
  EnumGroup = strMembers
End Function

Sample INPUT.TXT     

Computer1
Computer2
Computer3
Computer4

Sample Input_RESULTS.TX

Computer1 Computer Could Not Be Contacted
Computer2 Administrator, Administrator, Domain Admins, SMS_ADMIN,
Computer3 Administrator, Domain Admins, Administrator, SMS_ADMIN,
Computer4 Administrator, Domain Admins, Administrator, SMS_ADMIN,

Comments

  • Anonymous
    October 12, 2008
    PingBack from http://www.easycoded.com/whos-in-the-local-administrators-group/

  • Anonymous
    October 28, 2008
    Thanks for this - really helped!

  • Anonymous
    February 12, 2009
    Thank you so much for this.  This is exactly what i was looking for!!

  • Anonymous
    March 18, 2009
    Works like a charm! Thank you very much...

  • Anonymous
    April 21, 2009
    This is great! Thank you very much.

  • Anonymous
    April 22, 2009
    a really appreciated effort and work. Thnx.

  • Anonymous
    May 22, 2009
    The comment has been removed

  • Anonymous
    May 22, 2009
    The comment has been removed

  • Anonymous
    July 02, 2009
    The comment has been removed

  • Anonymous
    July 16, 2009
    Thanks a bunch. Worked a treat.

  • Anonymous
    September 10, 2009
    Amazing stuff...works like a charm...thanks for putting your hardwork in the public domain..

  • Anonymous
    September 20, 2009
    Marvelous. Just what I looked for. Thank you very much.

  • Anonymous
    November 05, 2009
    Thanks..!! Could you mod the script for me a little, so i can run the script local on my laptop, and it discovers machines on my domain. then as you you have, output to a txt file local admin group for each machine its discovered. Thankyou for your time...!!

  • Anonymous
    January 06, 2010
    Thanks.  The script works like a charm!!!!!!

  • Anonymous
    September 13, 2010
    The comment has been removed

  • Anonymous
    August 28, 2011
    The comment has been removed

  • Anonymous
    August 28, 2011
    The comment has been removed

  • Anonymous
    February 26, 2013
    Thanks, works great!

  • Anonymous
    April 09, 2013
    The comment has been removed

  • Anonymous
    April 09, 2013
    @Sam Monroe - Make sure the script lines are not wrapping when you copy/paste.  Make browser full screen just to be sure.  I just ran script on a Windows 8 system and it runs fine.  Make sure you have at least one computer (local machine works) in an input.txt file.