I was organizing files this weekend and ran across a script I created for a customer recently. They we trying to determine the membership of the local Administrators group on each computer on their network. The had determined that non-admin users were being added to the local Administrator group and needed to know how widespread the problem was. Once they determine that I recommended they use Group Policy, Restricted Groups to fix the problem.
The VBScript below follows my standard script format that starts with an input file (INPUT.TXT) with a list of computers and automatically creates a tab-separated (for analysis in Excel) output file based on the name of the input file and appends RESULTS.TXT to the name. Once we open the input for to read, and the output file for writing we start the loop. The real work happens in the DO WHILE loop. First thing we do is run a Function named Get ComputerStatus. Since we are connecting to a remote computer, I use this function to determine if a computer is online by pinging it. If it is online we continue, if not we write "Computer Could Not Be Contacted" to the log and get the next computer in the list. The EnumGroup function is used to get the membership of the local Administrators group and write it to the log file. Once we finish the files are closed and the log file is opened in notepad.
To use this script, copy the contents to notepad and save the file with a VBS extension. Create an input file with computer nameon each line. You can run the script by double clicking it but I prefer to run it from a command prompt using cscript so that I only have a single command prompt instead of a command prompt for every "ping". If anyone uses this script and finds it useful leave me a comment and/or a rating.
LocalAdminGroupMembership.vbs
'**********************************************' SCRIPT: LocalAdminGroupMembership.vbs' AUTHOR: Muaddib :-)' DATE: 08/21/08' VERSION: 1.0' PURPOSE: Used to Query remote computers and enumerate memebers of ' local admin group' USAGE: 1. List computers to be queried in input.txt (other text file)' 2. LocalAdminGroupMembership.vbs' 3. Output file, results.txt will show status'Revision: ' ''**********************************************
Option Explicit
'ON ERROR RESUME NEXT 'Do Not Uncomment until script is ready for production
Dim oWshShell, oFSO, oFileName1, oFilename2, objWMIService, colItems, sProtocol, sSearch, sNWStatus, sDate, iErrNumberDim objItem, strComputer, oExec, strPingStdOut, sStatus, bComputerOnline, aComputers, Computer, sOutPutFile, sInPutFile, sComputerStatusDim arrFileNAme, sOutPutFileName,objGroup, strOffset
CONST ForReading = 1CONST ForWriting = 2CONST ForAppending = 8
'Prompt for name of input filesInPutFile = INPUTBOX("Enter name of input file. Input file must exist in the script folder.", "Enter Input File Name","input.txt" )IF sInputFile = "" THEN wscript.echo "Operation was cancelled" wscript.quitEND IF
'Trim extension from sInputFile1 arrFileNAme = Split(sInPutFile, ".")sOutPutFileName = UCASE(arrFIleNAme(0))'Prompt for name of output filesOutPutFile = INPUTBOX("Enter name of output file. Output file will be placed in script folder.", "Enter Output File Name",sOutPutFileName & "_RESULTS.TXT" )IF sOutPutFile = "" THEN wscript.echo "Operation was cancelled" wscript.quitEND IF
Set oWshShell = Wscript.CreateObject("Wscript.Shell")Set oFSO = CreateObject("Scripting.FileSystemObject")
'Open input file and readSet oFilename1 = oFSO.OpenTextFile(".\" & sInPutFile, ForReading, False)iErrNumber = err.number 'Check for missing file IF iErrNumber = 53 THEN Wscript.echo "Error - " & sInPutFile & " file was not found." wscript.quit END IF
Set oFilename2 = oFSO.OpenTextFile(".\" & sOutPutFile, ForWriting, True)
' OPTIONAL LOG HEADER'Get date and write it to log'sDate = Now()'oFilename2.writeline "Log Started " & sDate'oFilename2.writeblanklines 1
'Read external list of computers and check their statusDO While oFilename1.AtEndOfStream <> True strComputer = oFileName1.ReadLine IF GetComputerStatus(strComputer) = 1 Then 'sComputerStatus = "Online" Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group") sComputerStatus = EnumGroup(objGroup, "") Else sComputerStatus = "Computer Could Not Be Contacted" End IF oFilename2.writeline strCOmputer & vbTab & sComputerStatusLoop
'OPTIONAL LOG FOOTER'sDate = Now()'oFilename2.writeblanklines 2'oFilename2.writeline "Log Completed " & sDate
'Close input fileoFilename1.close'Close Log fileoFilename2.close
'Wscript.echo "Finished Scanning Computers" 'open log fileoWshShell.run "notepad.exe .\" & sOutPutFile, 5, FALSE
Set oWshShell = NothingSet oFSO = NothingSet oExec = NothingSet oFilename1 = NothingSet oFilename2 = Nothing
Function GetComputerStatus (strComputer) 'Function Returns a 1 if computer is available 'Used to determine if a computer is online before 'attempting WMI connection 'IP Address or computer name can be used Dim sStatus sStatus = 0' wscript.echo "Echo strCOmputer - " & strcomputer Set oWshShell = Wscript.CreateObject("Wscript.Shell") Set oExec = oWshShell.Exec("ping -n 2 -w 1000 " & strComputer) strPingStdOut = oExec.StdOut.ReadAll If InStr(1,strPingStdOut, "reply from ",1) <> 0 Then sStatus = 1 Else sStatus = 0 End IF GetComputerStatus = sStatus END FUNCTION Function EnumGroup(objGroup, strOffset) Dim objMember, strMembers For Each objMember In objGroup.Members strMembers = strmembers & strOffset & objMember.Name & ", " Next EnumGroup = strMembersEnd Function
Sample INPUT.TXT
Computer1Computer2Computer3Computer4
Sample Input_RESULTS.TX
Computer1 Computer Could Not Be ContactedComputer2 Administrator, Administrator, Domain Admins, SMS_ADMIN, Computer3 Administrator, Domain Admins, Administrator, SMS_ADMIN, Computer4 Administrator, Domain Admins, Administrator, SMS_ADMIN,
PingBack from http://www.easycoded.com/whos-in-the-local-administrators-group/
Thanks for this - really helped!
Thank you so much for this. This is exactly what i was looking for!!
Works like a charm!
Thank you very much...
This is great! Thank you very much.
a really appreciated effort and work. Thnx.
I got an error on line 51 when I run the script. Error is:
Script: C\Documents and Settings\Alan\Desktop\LocalAdmin.vbs
Line: 51
Char: 1
Error: File not found
Code: 800A0035
Source: Microsoft VBScript runtime error
I copied from the comment lines down to ... EnumGroup = strMembers
End Function
to notepad and save the file as LocalAdmin.vbs. I ran the vbs file from the command line. It asked for the input and output file and return an error.
What did I do wrong?
Alan,
Make sure the INPUT.TXT file is in the same folder as script or specify the full path to file in the input box. Sometimes the script code wraps in the browser window and breaks a line when you paste it into notepad. As you can tell from the comments above a several people have been able to use the script.
Hi Muaddib,
This script is SUPER...but one little thing...
The script bombs out at line 72 { Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group") }
when there is a windows vista or window7 workstation in the list...
Question:- is there a way that it can ignore that workstation and continue with other workstations instead of stopping altogether?
Thanks a bunch.
Worked a treat.
Amazing stuff...works like a charm...thanks for putting your hardwork in the public domain..
Marvelous. Just what I looked for. Thank you very much.
Thanks..!!
Could you mod the script for me a little, so i can run the script local on my laptop, and it discovers machines on my domain.
then as you you have, output to a txt file local admin group for each machine its discovered.
Thankyou for your time...!!
Thanks. The script works like a charm!!!!!!
Worked great! except for one thing. when it hits a computer where there aren't enough privileges it bombs the entire program. I simply removed the computer in question from the txt file and it worked great! Thanks.