antmar904 Posted July 18, 2017 Posted July 18, 2017 Hi Is there an easy way to delete all users that are members of the local admin group on a Windows 7 computer except for User-A, User-b or User-c?
antmar904 Posted July 18, 2017 Author Posted July 18, 2017 (edited) I started a script that will write all users and group that are members of the local admin group to a file "RemAdmin.txt". I want to clean the output file of all junk (circled in red in my screenshot). After I clean the output file up, I would like to delete all users and groups that are members of the local admin group BUT leave a list of users a groups that I specify. Exp: Delete all users/groups except: User-A User-b NA-GroupB PXAdmin Domain\NAIG Distributions, etc... Any help is much appreciated. #RequireAdmin #include <Array.au3> RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\RemAdmin.txt") $aFile = FileReadToArray("C:\Windows\Updates\RemAdmin.txt") _ArrayDisplay($aFile, "", "", "", "", "", "", "", "") Edited July 18, 2017 by antmar904
Moderators JLogan3o13 Posted July 18, 2017 Moderators Posted July 18, 2017 I usually use something like this. You can then cycle through the array and delete: #include <Array.au3> Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 _ArrayDisplay($aUsers) "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
antmar904 Posted July 18, 2017 Author Posted July 18, 2017 @JLogan3o13 Thank you for your help. How would I go about cycling through all the members and deleting the ones that I want deleted or keep the ones the I want?
Moderators JLogan3o13 Posted July 18, 2017 Moderators Posted July 18, 2017 Do a normal for loop: For $a = 1 To $aUsers[0] ... Next It has been a long time, but IIRC the syntax is either .Remove or .Delete, so try something like: For $a = 1 To $aUsers[0] If StringInStr($aUsers[$a], "<name you're searching for>") Then $aUsers[$a].Remove EndIf Next "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
ViciousXUSMC Posted July 18, 2017 Posted July 18, 2017 Brute Force w/ CMD #RequireAdmin #include <Array.au3> $sKeepNames = "(AdminJohn|AdminPete|Administrator)" Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 _ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], $sKeepNames) Then $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) RunWait(@ComSpec & ' /c' & ' "' & 'net localgroup Administrators ' & $sUser & ' /delete' & '"', "", @SW_HIDE) EndIf Next
Moderators JLogan3o13 Posted July 18, 2017 Moderators Posted July 18, 2017 Here is a cleaned up version of my post above. Easy enough to cycle through a list of users you would like to remove (this is where the "teach a man to fish" part comes in ). And no need to mix objects and command line. #RequireAdmin ;Assume we want to delete Bob... Local $oGroup = ObjGet("WinNT://./Administrators") For $sUser In $oGroup.Members If StringInStr($sUser.ADsPath, "/Bob") Then $oGroup.Remove($sUser.AdsPath) Next iamtheky 1 "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
jguinch Posted July 18, 2017 Posted July 18, 2017 Here is a UDF to manage local accounts : Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF
Moderators JLogan3o13 Posted July 18, 2017 Moderators Posted July 18, 2017 That is one that needs some updating, it is a straight port of a very old vbscript written back in the 2003 days. "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum!
antmar904 Posted July 19, 2017 Author Posted July 19, 2017 @ViciousXUSMC Some of my domain groups have spaces or "_" in the names. This seems that it's not working: #RequireAdmin #include <Array.au3> $sKeepNames = "(pxadmin|domain admins|desktop admin|ihisdskadm|matlab_desktopadmin|admindesktokingman|pdidesktop admin|pds_plantdesign_desktop_admin)" RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\LocaAdminGroupMembers.txt", "", @SW_HIDE) Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 _ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], $sKeepNames) Then $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) RunWait(@ComSpec & ' /c' & ' "' & 'net localgroup Administrators ' & $sUser & ' /delete' & '"', "", @SW_HIDE) EndIf Next
antmar904 Posted July 19, 2017 Author Posted July 19, 2017 19 hours ago, JLogan3o13 said: Here is a cleaned up version of my post above. Easy enough to cycle through a list of users you would like to remove (this is where the "teach a man to fish" part comes in ). And no need to mix objects and command line. #RequireAdmin ;Assume we want to delete Bob... Local $oGroup = ObjGet("WinNT://./Administrators") For $sUser In $oGroup.Members If StringInStr($sUser.ADsPath, "/Bob") Then $oGroup.Remove($sUser.AdsPath) Next Hi @JLogan3o13 Thank you for your help. I am looking at your recommendation now.
ViciousXUSMC Posted July 19, 2017 Posted July 19, 2017 38 minutes ago, antmar904 said: @ViciousXUSMC Some of my domain groups have spaces or "_" in the names. This seems that it's not working: #RequireAdmin #include <Array.au3> $sKeepNames = "(pxadmin|domain admins|desktop admin|ihisdskadm|matlab_desktopadmin|admindesktokingman|pdidesktop admin|pds_plantdesign_desktop_admin)" RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\LocaAdminGroupMembers.txt", "", @SW_HIDE) Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 _ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], $sKeepNames) Then $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) RunWait(@ComSpec & ' /c' & ' "' & 'net localgroup Administrators ' & $sUser & ' /delete' & '"', "", @SW_HIDE) EndIf Next That is the names to keep, spaces should not break anything. It uses RegEx and as you can see spaces are supported. https://regex101.com/r/ty4oVN/1
antmar904 Posted July 19, 2017 Author Posted July 19, 2017 (edited) 6 minutes ago, ViciousXUSMC said: That is the names to keep, spaces should not break anything. It uses RegEx and as you can see spaces are supported. https://regex101.com/r/ty4oVN/1 Thank you however it does not look like it's showing all the groups that I want to keep. Exp: matlab_desktopadmin, pdidesktop admin, pds_plantdesign_desktop_admin Also, are the names of the groups that I want to keep case sensitive? Edited July 19, 2017 by antmar904
ViciousXUSMC Posted July 19, 2017 Posted July 19, 2017 Yes, it would be unless you add the case insensitive modifier.
antmar904 Posted July 19, 2017 Author Posted July 19, 2017 (edited) I added the case-insensitive modifier and it still does not work. For testing, I am only excluding 1 user and 2 groups. As you can see in my screenshot two groups that are not wanted are still members "naig distributions" and "pdidesktop admin". #RequireAdmin #include <Array.au3> #include <StringConstants.au3> $sKeepNames = "(pxadmin|domain admins|desktop admin)" RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\LocaAdminGroupMembers.txt", "", @SW_HIDE) Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 _ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], "(?i)" & $sKeepNames) Then ;<-- Added case-insensitive "(?i)" $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) RunWait(@ComSpec & ' /c' & ' "' & 'net localgroup Administrators ' & $sUser & ' /delete' & '"', "", @SW_HIDE) EndIf Next Edited July 20, 2017 by antmar904
antmar904 Posted July 24, 2017 Author Posted July 24, 2017 Hi All, I'm still unable to get this working.
Developers Jos Posted July 24, 2017 Developers Posted July 24, 2017 Shouldn't this line be this to allow for spaces in names? : RunWait(@ComSpec & ' /c net localgroup Administrators "' & $sUser & '" /delete', "", @SW_HIDE) Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
antmar904 Posted July 25, 2017 Author Posted July 25, 2017 Hi @Jos That worked but it's still leaving one group that we don't want "PDIDesktop Admin". #RequireAdmin #include <Array.au3> #include <StringConstants.au3> $sKeepNames = "(pxadmin|domain admins|desktop admin)" RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\LocaAdminGroupMembers.txt", "", @SW_HIDE) Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 ;_ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], "(?i)" & $sKeepNames) Then ;<-- Added case-insensitive "(?i)" $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) ;RunWait(@ComSpec & ' /c' & ' "' & 'net localgroup Administrators ' & $sUser & ' /delete' & '"', "", @SW_HIDE) RunWait(@ComSpec & ' /c net localgroup Administrators "' & $sUser & '" /delete', "", @SW_HIDE) EndIf Next
Developers Jos Posted July 25, 2017 Developers Posted July 25, 2017 So, for debugging: what does this show in the SciTE outputpane when ran from SciTE?: #RequireAdmin #include <Array.au3> #include <StringConstants.au3> $sKeepNames = "(pxadmin|domain admins|desktop admin)" RunWait(@ComSpec & " /c net localgroup administrators>C:\Windows\Updates\LocaAdminGroupMembers.txt", "", @SW_HIDE) Local $oGroup, $aUsers[1] = [""] $oGroup = ObjGet("WinNT://" & @ComputerName & "/Administrators,group") If IsObj($oGroup) Then For $member In $oGroup.Members _ArrayAdd($aUsers, StringRight($member.adsPath, (StringLen($member.adsPath) - 8))) Next EndIf $aUsers[0] = UBound($aUsers) - 1 ;_ArrayDisplay($aUsers) For $i = 1 To $aUsers[0] If Not StringRegExp($aUsers[$i], "(?i)" & $sKeepNames) Then ;<-- Added case-insensitive "(?i)" $sUser = StringTrimLeft($aUsers[$i], StringInStr($aUsers[$i], "/", 0, -1)) RunWait(@ComSpec & ' /k net localgroup Administrators "' & $sUser & '" /delete') ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : cmd = ' & @ComSpec & ' /k net localgroup Administrators "' & $sUser & '" /delete' & @CRLF & '>Error code: ' & @error & @CRLF) ;### Debug Console EndIf Next It should show all performed commands and leave the cmd prompt open for you to close each time so you can see any errors that might be in the CMD console. Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
antmar904 Posted July 25, 2017 Author Posted July 25, 2017 I get no errors written to the console or cmd prompt windows. Here is the output from SciTE: >"C:\Program Files (x86)\AutoIt3\SciTE\..\AutoIt3.exe" "C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.au3" /run /prod /ErrorStdOut /in "C:\Stuff\Scripts\AutoIT\RemoveAdmin\RemAdmin.au3" /UserParams +>08:31:55 Starting AutoIt3Wrapper v.17.224.935.0 SciTE v.3.7.3.0 Keyboard:00000409 OS:WIN_10/ CPU:X64 OS:X64 Environment(Language:0409) CodePage:0 utf8.auto.check:4 +> SciTEDir => C:\Program Files (x86)\AutoIt3\SciTE UserDir => C:\Users\usaaxf18\AppData\Local\AutoIt v3\SciTE\AutoIt3Wrapper SCITE_USERHOME => C:\Users\usaaxf18\AppData\Local\AutoIt v3\SciTE ! Your script requires Admin rights while SciTE is running at normal level. ! This means no Console output from the script will be displayed and SciTE will show the script as ended right away. >Running AU3Check (3.3.14.2) from:C:\Program Files (x86)\AutoIt3 input:C:\Stuff\Scripts\AutoIT\RemoveAdmin\RemAdmin.au3 +>08:31:55 AU3Check ended.rc:0 >Running:(3.3.14.2):C:\Program Files (x86)\AutoIt3\autoit3.exe "C:\Stuff\Scripts\AutoIT\RemoveAdmin\RemAdmin.au3" --> Press Ctrl+Alt+Break to Restart or Ctrl+Break to Stop +>08:31:57 AutoIt3.exe ended.rc:0 +>08:31:57 AutoIt3Wrapper Finished. >Exit code: 0 Time: 2.173
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now