mikeyr Posted September 12, 2013 Share Posted September 12, 2013 (edited) I have been trying to write a small app to get all the administrators on a computer, this will be exectuded locally on all 70 computers (mostly because I don't know how to get the info remotely and don't mind going to all of them ONE time). The issue is that the previous admin allowed all users to have administrators privileges on their computers and many of them created accounts besides their own, I am in the process of removing those accounts. I wrote a small script to get all user names on the system my plan was to delete all accounts with Administrator group privs but I can't get the admin I know about IsAdmin() but that does not seem to allow you to pass a param to it for names other than the one running the script, if I am wrong please let me know. I tried $colGroups = ObjGet("WinNT:/" & $host & "/Administrators,group") If Not IsObj($colGroups) Then Return $colGroups.Filter = $filter For $objGroup In $colGroups If $objGroup.name = "Administrators" Then $LocalAdmins[$i][0] = $host & @CRLF For $objUser In $objGroup.Members $LocalAdmins[$i][0] = "--" & $objUser.name & @CRLF $i += 1 Next $LocalAdmins[$i][0] = @CRLF & @CRLF EndIf Next but that returned nothing. (yes, I know winNT above has 2 slashes, but with 2, it did not show the lines in the code window) I searched the forms and found this >post but that did not work either, returned nothing to me. I am stuck at getting the user groups. My only solution is to call runwait(net localgroup "administrators" >file) and then parse the file but there has to be a better way. By the way this is Win7 machines, moslty win7 anyway. The above 2 examples might work in XP, did not try it, I need it to work on both. Edited September 12, 2013 by mikeyr Link to comment Share on other sites More sharing options...
Solution UEZ Posted September 12, 2013 Solution Share Posted September 12, 2013 (edited) I found one of my old scripts: MsgBox(0, "Test", WMI_GetLocalAdminMembership()) Func WMI_GetLocalAdminMembership($sHost = @ComputerName) ;coded by UEZ 2010 If $sHost = "Localhost" Then $sHost = @ComputerName Local $LM_members, $x, $LM_LocalGroup_Name, $type $LM_LocalGroup_Name = "Administrators" $objWMIService = ObjGet("winmgmts:\\" & $sHost & "\root\cimv2") $colItems = $objWMIService.ExecQuery("Select Name, SID from Win32_Group WHERE Domain='" & $sHost & "'", "WQL", 0x30) If IsObj($colItems) Then For $objItem In $colItems If $objItem.SID = "S-1-5-32-544" Then $LM_LocalGroup_Name = $objItem.Name Next Else Return SetError (1, 0, 0) ;No WMI objects found for class Win32_Group EndIf $colItems = $objWMIService.ExecQuery("Select * from Win32_GroupUser Where GroupComponent=""Win32_Group.Domain='" & $sHost & "',Name='" & $LM_LocalGroup_Name & "'""", "WQL", 0x30) If IsObj($colItems) Then For $objItem In $colItems If $objItem.PartComponent <> "" Then $x = StringSplit($objItem.PartComponent, """") $type = StringMid($x[1], StringInStr($x[1], ":Win32_") + 7, (StringInStr($x[1], ".") - (StringInStr($x[1], ":Win32_") + 7))) $LM_members &= $sHost & ";" & $LM_LocalGroup_Name & ";" & $type & ";" & $x[2] & "\" & $x[4] & @CRLF EndIf Next Return $LM_members EndIf Return SetError (2, 0, 0) ;No WMI objects found for class Win32_GroupUser EndFunc ;==>WMI_GetLocalAdminMembership Br, UEZ Edited September 12, 2013 by UEZ JCEF 1 Please don't send me any personal message and ask for support! I will not reply! Selection of finest graphical examples at Codepen.io The own fart smells best! ✌Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!¯\_(ツ)_/¯ ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ Link to comment Share on other sites More sharing options...
Gianni Posted September 12, 2013 Share Posted September 12, 2013 Hi mikeyr if you like old fashioned dos, this should work #include <array.au3> Local $DOS_out ; Returns members of Administrator group (remove first 6 unwanted lines) $iPID = Run(@ComSpec & ' /c NET LOCALGROUP Administrators | MORE /E +6', "", @SW_HIDE, 2) Do ; wait that dos has finished $DOS_out &= StdoutRead($iPID) Until @error ; Parse members of administrators group from DOS output $admins = StringSplit(StringStripWS($DOS_out, 7), @CR, 2) _ArrayPop($admins); remove last unwanted line _ArrayDisplay($admins) ; show administrators group members bye Chimp small minds discuss people average minds discuss events great minds discuss ideas.... and use AutoIt.... Link to comment Share on other sites More sharing options...
mikeyr Posted September 12, 2013 Author Share Posted September 12, 2013 I found one of my old scripts: PERFECT exactly what I was looking for THANK YOU !!! Hi mikeyr if you like old fashioned dos, this should work That is what I was working on but I assumed there would be a better way, UEZ's function worked perfectly. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now