Obscurum per Obscurius

Explaining the obscure by means of the more obscure

Who's in the Local Administrators Group?

Who's in the Local Administrators Group?

  • Comments 20

I was organizing files this weekend and ran across a script I created for a customer recently.   They we trying to determine the membership of the local Administrators group on each computer on their network.  The had determined that non-admin users were being added to the local Administrator group and needed to know how widespread the problem was.  Once they determine that I recommended they use Group Policy, Restricted Groups to fix the problem.

The VBScript below follows my standard script format that starts with an input file (INPUT.TXT) with a list of computers and automatically creates a tab-separated (for analysis in Excel) output file based on the name of the input file and appends RESULTS.TXT to the name.  Once we open the input for to read,  and the output file for writing we start the loop.  The real work happens in the DO WHILE loop.  First thing we do is run a Function named Get ComputerStatus.  Since we are connecting to a remote computer, I use this function to determine if a computer is online by pinging it.  If it is online we continue, if not we write "Computer Could Not Be Contacted" to the log and get the next computer in the list.  The EnumGroup function is used to get the membership of the local Administrators group and write it to the log file.  Once we finish the files are closed and the log file is opened in notepad.

To use this script, copy the contents to notepad and save the file with a VBS extension.  Create an input file with computer nameon each line.  You can run the script by double clicking it but I prefer to run it from a command prompt using cscript so that I only have a single command prompt instead of a command prompt for every "ping".  If anyone uses this script and finds it useful leave me a comment and/or a rating.
 

LocalAdminGroupMembership.vbs

'**********************************************
'  SCRIPT: LocalAdminGroupMembership.vbs
'  AUTHOR: Muaddib :-)
'  DATE: 08/21/08
' VERSION: 1.0
' PURPOSE: Used to Query remote computers and enumerate memebers of
'          local admin group
'   USAGE: 1. List computers to be queried in input.txt (other text file)
'          2. LocalAdminGroupMembership.vbs
'          3. Output file, results.txt will show status
'Revision:
'         
'
'**********************************************

Option Explicit

'ON ERROR RESUME NEXT 'Do Not Uncomment until script is ready for production

Dim oWshShell, oFSO, oFileName1, oFilename2, objWMIService, colItems, sProtocol, sSearch, sNWStatus, sDate, iErrNumber
Dim objItem, strComputer, oExec, strPingStdOut, sStatus, bComputerOnline, aComputers, Computer, sOutPutFile, sInPutFile, sComputerStatus
Dim arrFileNAme, sOutPutFileName,objGroup, strOffset

CONST ForReading = 1
CONST ForWriting = 2
CONST ForAppending = 8


'Prompt for name of input file
sInPutFile = INPUTBOX("Enter name of input file.  Input file must exist in the script folder.", "Enter Input File Name","input.txt" )
IF sInputFile = "" THEN
   wscript.echo "Operation was cancelled"
   wscript.quit
END IF  

'Trim extension from sInputFile1  
arrFileNAme = Split(sInPutFile, ".")
sOutPutFileName = UCASE(arrFIleNAme(0))
'Prompt for name of output file
sOutPutFile = INPUTBOX("Enter name of output file.  Output file will be placed in script folder.", "Enter Output File Name",sOutPutFileName & "_RESULTS.TXT" )
IF sOutPutFile = "" THEN
   wscript.echo "Operation was cancelled"
   wscript.quit
END IF  

Set oWshShell = Wscript.CreateObject("Wscript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")

'Open input file and read
Set oFilename1 = oFSO.OpenTextFile(".\" & sInPutFile, ForReading, False)
iErrNumber = err.number
  'Check for missing file
  IF iErrNumber = 53 THEN
     Wscript.echo "Error - " & sInPutFile & " file was not found."
     wscript.quit
  END IF

Set oFilename2 = oFSO.OpenTextFile(".\" & sOutPutFile, ForWriting, True)

' OPTIONAL LOG HEADER
'Get date and write it to log
'sDate = Now()
'oFilename2.writeline "Log Started " & sDate
'oFilename2.writeblanklines 1

'Read external list of computers and check their status
DO While oFilename1.AtEndOfStream <> True
    strComputer = oFileName1.ReadLine
   
    IF GetComputerStatus(strComputer) = 1 Then
        'sComputerStatus = "Online"
        Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
        sComputerStatus = EnumGroup(objGroup, "")
      Else
        sComputerStatus = "Computer Could Not Be Contacted"
    End IF
       
    oFilename2.writeline strCOmputer & vbTab & sComputerStatus
Loop

'OPTIONAL LOG FOOTER
'sDate = Now()
'oFilename2.writeblanklines 2
'oFilename2.writeline "Log Completed " & sDate

'Close input file
oFilename1.close
'Close Log file
oFilename2.close

'Wscript.echo "Finished Scanning Computers" 'open log file
oWshShell.run "notepad.exe .\" & sOutPutFile, 5, FALSE

Set oWshShell = Nothing
Set oFSO = Nothing
Set oExec = Nothing
Set oFilename1 = Nothing
Set oFilename2 = Nothing

Function GetComputerStatus (strComputer)
  'Function Returns a 1 if computer is available
  'Used to determine if a computer is online before
  'attempting WMI connection
  'IP Address or computer name can be used
  Dim sStatus
  sStatus = 0
'   wscript.echo "Echo strCOmputer - " & strcomputer
  Set oWshShell = Wscript.CreateObject("Wscript.Shell")
  Set oExec = oWshShell.Exec("ping -n 2 -w 1000  " & strComputer)
  strPingStdOut = oExec.StdOut.ReadAll
    If InStr(1,strPingStdOut, "reply from ",1) <> 0 Then
      sStatus = 1
    Else  
      sStatus = 0
    End IF
    GetComputerStatus = sStatus
 END FUNCTION      
 
Function EnumGroup(objGroup, strOffset)
   Dim objMember, strMembers
   For Each objMember In objGroup.Members
      strMembers = strmembers & strOffset & objMember.Name &  ", "
   Next
  EnumGroup = strMembers
End Function

Sample INPUT.TXT     

Computer1
Computer2
Computer3
Computer4

Sample Input_RESULTS.TX

Computer1 Computer Could Not Be Contacted
Computer2 Administrator, Administrator, Domain Admins, SMS_ADMIN,
Computer3 Administrator, Domain Admins, Administrator, SMS_ADMIN,
Computer4 Administrator, Domain Admins, Administrator, SMS_ADMIN,

Leave a Comment
  • Please add 6 and 5 and type the answer here:
  • Post
  • PingBack from http://www.easycoded.com/whos-in-the-local-administrators-group/

  • Thanks for this - really helped!

  • Thank you so much for this.  This is exactly what i was looking for!!

  • Works like a charm!

    Thank you very much...

  • This is great! Thank you very much.

  • a really appreciated effort and work. Thnx.

  • I got an error on line 51 when I run the script.  Error is:

    Script:  C\Documents and Settings\Alan\Desktop\LocalAdmin.vbs

    Line:  51

    Char: 1

    Error:  File not found

    Code: 800A0035

    Source:  Microsoft VBScript runtime error

    I copied from the comment lines down to ...   EnumGroup = strMembers

    End Function

    to notepad and save the file as LocalAdmin.vbs.  I ran the vbs file from the command line.  It asked for the input and output file and return an error.

    What did I do wrong?

  • Alan,

    Make sure the INPUT.TXT file is in the same folder as script or specify the full path to file in the input box.  Sometimes the script code wraps in the browser window and breaks a line when you paste it into notepad.  As you can tell from the comments above a several people have been able to use the script.

  • Hi Muaddib,

    This script is SUPER...but one little thing...

    The script bombs out at line 72 {  Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group") }

    when there is a windows vista or window7 workstation in the list...

    Question:- is there a way that it can ignore that workstation and continue with other workstations instead of stopping altogether?

  • Thanks a bunch.

    Worked a treat.

  • Amazing stuff...works like a charm...thanks for putting your hardwork in the public domain..

  • Marvelous. Just what I looked for. Thank you very much.

  • Thanks..!!

    Could you mod the script for me a little, so i can run the script local on my laptop, and it discovers machines on my domain.

    then as you you have, output to a txt file local admin group for each machine its discovered.

    Thankyou for your time...!!

  • Thanks.  The script works like a charm!!!!!!

  • Worked great! except for one thing. when it hits a computer where there aren't enough privileges it bombs the entire program. I simply removed the computer in question from the txt file and it worked great! Thanks.

Page 1 of 2 (20 items) 12