I was organizing files this weekend and ran across a script I created for a customer recently. They we trying to determine the membership of the local Administrators group on each computer on their network. The had determined that non-admin users were being added to the local Administrator group and needed to know how widespread the problem was. Once they determine that I recommended they use Group Policy, Restricted Groups to fix the problem.
The VBScript below follows my standard script format that starts with an input file (INPUT.TXT) with a list of computers and automatically creates a tab-separated (for analysis in Excel) output file based on the name of the input file and appends RESULTS.TXT to the name. Once we open the input for to read, and the output file for writing we start the loop. The real work happens in the DO WHILE loop. First thing we do is run a Function named Get ComputerStatus. Since we are connecting to a remote computer, I use this function to determine if a computer is online by pinging it. If it is online we continue, if not we write "Computer Could Not Be Contacted" to the log and get the next computer in the list. The EnumGroup function is used to get the membership of the local Administrators group and write it to the log file. Once we finish the files are closed and the log file is opened in notepad.
To use this script, copy the contents to notepad and save the file with a VBS extension. Create an input file with computer nameon each line. You can run the script by double clicking it but I prefer to run it from a command prompt using cscript so that I only have a single command prompt instead of a command prompt for every "ping". If anyone uses this script and finds it useful leave me a comment and/or a rating.
LocalAdminGroupMembership.vbs
'**********************************************
' SCRIPT: LocalAdminGroupMembership.vbs
' AUTHOR: Muaddib :-)
' DATE: 08/21/08
' VERSION: 1.0
' PURPOSE: Used to Query remote computers and enumerate memebers of
' local admin group
' USAGE: 1. List computers to be queried in input.txt (other text file)
' 2. LocalAdminGroupMembership.vbs
' 3. Output file, results.txt will show status
'Revision:
'
'
'**********************************************
Option Explicit
'ON ERROR RESUME NEXT 'Do Not Uncomment until script is ready for production
Dim oWshShell, oFSO, oFileName1, oFilename2, objWMIService, colItems, sProtocol, sSearch, sNWStatus, sDate, iErrNumber
Dim objItem, strComputer, oExec, strPingStdOut, sStatus, bComputerOnline, aComputers, Computer, sOutPutFile, sInPutFile, sComputerStatus
Dim arrFileNAme, sOutPutFileName,objGroup, strOffset
CONST ForReading = 1
CONST ForWriting = 2
CONST ForAppending = 8
'Prompt for name of input file
sInPutFile = INPUTBOX("Enter name of input file. Input file must exist in the script folder.", "Enter Input File Name","input.txt" )
IF sInputFile = "" THEN
wscript.echo "Operation was cancelled"
wscript.quit
END IF
'Trim extension from sInputFile1
arrFileNAme = Split(sInPutFile, ".")
sOutPutFileName = UCASE(arrFIleNAme(0))
'Prompt for name of output file
sOutPutFile = INPUTBOX("Enter name of output file. Output file will be placed in script folder.", "Enter Output File Name",sOutPutFileName & "_RESULTS.TXT" )
IF sOutPutFile = "" THEN
wscript.echo "Operation was cancelled"
wscript.quit
END IF
Set oWshShell = Wscript.CreateObject("Wscript.Shell")
Set oFSO = CreateObject("Scripting.FileSystemObject")
'Open input file and read
Set oFilename1 = oFSO.OpenTextFile(".\" & sInPutFile, ForReading, False)
iErrNumber = err.number
'Check for missing file
IF iErrNumber = 53 THEN
Wscript.echo "Error - " & sInPutFile & " file was not found."
wscript.quit
END IF
Set oFilename2 = oFSO.OpenTextFile(".\" & sOutPutFile, ForWriting, True)
' OPTIONAL LOG HEADER
'Get date and write it to log
'sDate = Now()
'oFilename2.writeline "Log Started " & sDate
'oFilename2.writeblanklines 1
'Read external list of computers and check their status
DO While oFilename1.AtEndOfStream <> True
strComputer = oFileName1.ReadLine
IF GetComputerStatus(strComputer) = 1 Then
'sComputerStatus = "Online"
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
sComputerStatus = EnumGroup(objGroup, "")
Else
sComputerStatus = "Computer Could Not Be Contacted"
End IF
oFilename2.writeline strCOmputer & vbTab & sComputerStatus
Loop
'OPTIONAL LOG FOOTER
'sDate = Now()
'oFilename2.writeblanklines 2
'oFilename2.writeline "Log Completed " & sDate
'Close input file
oFilename1.close
'Close Log file
oFilename2.close
'Wscript.echo "Finished Scanning Computers" 'open log file
oWshShell.run "notepad.exe .\" & sOutPutFile, 5, FALSE
Set oWshShell = Nothing
Set oFSO = Nothing
Set oExec = Nothing
Set oFilename1 = Nothing
Set oFilename2 = Nothing
Function GetComputerStatus (strComputer)
'Function Returns a 1 if computer is available
'Used to determine if a computer is online before
'attempting WMI connection
'IP Address or computer name can be used
Dim sStatus
sStatus = 0
' wscript.echo "Echo strCOmputer - " & strcomputer
Set oWshShell = Wscript.CreateObject("Wscript.Shell")
Set oExec = oWshShell.Exec("ping -n 2 -w 1000 " & strComputer)
strPingStdOut = oExec.StdOut.ReadAll
If InStr(1,strPingStdOut, "reply from ",1) <> 0 Then
sStatus = 1
Else
sStatus = 0
End IF
GetComputerStatus = sStatus
END FUNCTION
Function EnumGroup(objGroup, strOffset)
Dim objMember, strMembers
For Each objMember In objGroup.Members
strMembers = strmembers & strOffset & objMember.Name & ", "
Next
EnumGroup = strMembers
End Function
Sample INPUT.TXT
Computer1
Computer2
Computer3
Computer4
Sample Input_RESULTS.TX
Computer1 Computer Could Not Be Contacted
Computer2 Administrator, Administrator, Domain Admins, SMS_ADMIN,
Computer3 Administrator, Domain Admins, Administrator, SMS_ADMIN,
Computer4 Administrator, Domain Admins, Administrator, SMS_ADMIN,
