Re: Finding users in local admin groups
From: Sue Mc (sue_mcelvana@hotmail.com)
Date: 02/20/03
From: "Sue Mc" <sue_mcelvana@hotmail.com> Date: Thu, 20 Feb 2003 10:26:56 -0800
One of my associates suggested that I marry you, but I'm sending my
wholehearted gratitude instead. Thank you so much. There had to be a good
deal of work involved in that. Thanks again. We'll try it out tonight.
Sue
"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:3E5300C4.C7F8C815@hydro.com...
> Sue Mc wrote:
>
> > We have someone in IT (a large IT dept) who would rather stick a user into
> > the local administrator's group than go to the workstations to install
> > requested software. The only means I know of to locate these machines is to
> > remotely access them one at a time, check the access, and then put the user
> > back into the power users group where he belongs. We have well over 500
> > Win2K workstations, and this has become an overwhelming monthly task for
> > which I am responsible. I've been looking for something that would allow me
> > to run a report, or set up a script that would automate this task for me. I
> > have found nothing that allows me to query more than one machine at a time.
> > I can't believe that no one else suffers from this problem! Any suggestions
> > would be greatly appreciated.
>
> Hi
>
> Here is a vbscript that you can run against a remote computer that moves *all*
> *local* users (except 'Administrator') from the Administrators group to the Power
> Users group. You should also add to the script logging to a file of the users
> you moved on what computers.
>
> The version below does not connect to the remote computer with explicit
> credentials (it could be changed to do that) so the user that runs this script
> needs to be a domain user that indirectly (through a group membership where the
> group is member of the remote Administrators group) or directly has
> administrator privileges on the remote computer.
>
> Also note that I have not fully tested the complete script at bottom, I made
> the script now from some bits and pieces (all parts are tested separately, but
> not as a whole).
>
>
> ' computer name or ip address
> sNode = "some computer name"
>
> ' suppress errors
> On Error Resume Next
>
> ' group name to add user to
> Set oGroupPwr = GetObject("WinNT://" & sNode & "/Power Users")
>
> ' group name to remove user from
> Set oGroupAdm = GetObject("WinNT://" & sNode & "/Administrators")
>
> ' loop through all member of the Administrators group
> For Each oAdmGrpUser In oGroupAdm.Members
>
>   ' get the name and make it lowercase
>   sAdmGrpUser = LCase(oAdmGrpUser.Name)
>
>   ' no point in handling Administrator and Domain Admins
>   ' use lowercase letters in the names in the If test!
>   If (sAdmGrpUser <> "administrator") And _
>      (sAdmGrpUser <> "domain admins") Then
>
>     ' clear any earlier error so the test below reflects this lookup only
>     Err.Clear
>
>     ' try to connect to user object to see if account is a local user
>     Set oUser = GetObject("WinNT://" & sNode & "/" _
>         & oAdmGrpUser.Name & ",user")
>
>     If Err.Number = 0 Then
>       ' user is local!
>
>       ' add user to Power Users group
>       oGroupPwr.Add oUser.ADsPath
>
>       ' remove user from Administrators group
>       oGroupAdm.Remove oUser.ADsPath
>     End If
>     Err.Clear
>   End If
> Next
>
>
>
> To handle all the computers in the domain, put the script above in a loop that
> loops through all computers. You should ping the computers as part of the loop
> to see if the computer is connectible to reduce script running time (see script
> "Remote Installation of WMI on NT 4" in the link below for how to do this ping
> test + the complete script below).
>
>
> There are several methods to create this loop. You can have all the computer
> names in an existing file, see here for a script that exemplifies this:
>
> Remote Installation of WMI on NT 4
> http://dev.remotenetworktechnology.com/wsh/tb/remoteinstallwmi.htm
>
>
> Here is a script that gets all the computers from the domain from the domain
> itself. Note that it will list *all* computers, also domain controllers and
> member servers:
>
>
> Run it in a command prompt (cmd.exe), like this
>
> cscript.exe "c:\some path\some file.vbs"
>
>
> sDomain = "some domain name"
> Set oDomain = GetObject("WinNT://" & sDomain )
> oDomain.Filter = Array("computer")
>
> For Each oComputer In oDomain
>   sNode = oComputer.Name
>   Wscript.Echo sNode
> Next
>
>
> If you want to redirect the list to a file:
>
> cscript.exe //NoLogo "c:\some path\some file.vbs" >c:\computers.txt
>
>
>
> Here is a complete script that uses the latter method to get all computers, and
> pings the computers first as well:
>
>
> sDomain = "some domain name"
>
> Set oDomain = GetObject("WinNT://" & sDomain )
> oDomain.Filter = Array("computer")
>
> For Each oComputer In oDomain
>   sNode = oComputer.Name
>
>   ' check if computer is online
>   If IsConnectible(sNode, 1, 750) Then
>
>     ' suppress errors
>     On Error Resume Next
>
>     ' group name to add user to
>     Set oGroupPwr = GetObject("WinNT://" & sNode & "/Power Users")
>
>     ' group name to remove user from
>     Set oGroupAdm = GetObject("WinNT://" & sNode & "/Administrators")
>
>     ' loop through all member of the Administrators group
>     For Each oAdmGrpUser In oGroupAdm.Members
>
>       ' get the name and make it lowercase
>       sAdmGrpUser = LCase(oAdmGrpUser.Name)
>
>       ' no point in handling Administrator and Domain Admins
>       ' use lowercase letters in the names in the If test!
>       If (sAdmGrpUser <> "administrator") And _
>          (sAdmGrpUser <> "domain admins") Then
>
>         ' clear any earlier error so the test below reflects this lookup only
>         Err.Clear
>
>         ' try to connect to user object to see if account is a local user
>         Set oUser = GetObject("WinNT://" & sNode & "/" _
>             & oAdmGrpUser.Name & ",user")
>         If Err.Number = 0 Then
>           ' user is local!
>
>           ' add user to Power Users group
>           oGroupPwr.Add oUser.ADsPath
>
>           ' remove user from Administrators group
>           oGroupAdm.Remove oUser.ADsPath
>         End If
>         Err.Clear
>       End If
>     Next
>   End If
> Next
>
>
> Function IsConnectible(sHost, iPings, iTO)
>   ' Returns True or False based on the output from ping.exe
>   '
>   ' Author: Alex Angelopoulos/Torgeir Bakken
>   ' Works on "all" WSH versions
>   ' sHost is a hostname or IP
>
>   ' iPings is number of ping attempts
>   ' iTO is timeout in milliseconds
>   ' if values are set to "", then defaults below used
>
>   If iPings = "" Then iPings = 2
>   If iTO = "" Then iTO = 750
>
>   Const OpenAsDefault = -2
>   Const FailIfNotExist = 0
>   Const ForReading = 1
>
>   Set oShell = CreateObject("WScript.Shell")
>   Set oFSO = CreateObject("Scripting.FileSystemObject")
>   sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")
>   sTempFile = sTemp & "\runresult.tmp"
>
>   oShell.Run "%comspec% /c ping -n " & iPings & " -w " & iTO _
>       & " " & sHost & ">" & sTempFile, 0 , True
>
>   Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, _
>       FailIfNotExist, OpenAsDefault)
>
>   sResults = fFile.ReadAll
>   fFile.Close
>   oFSO.DeleteFile(sTempFile)
>
>   Select Case InStr(sResults,"TTL=")
>     Case 0 IsConnectible = False
>     Case Else IsConnectible = True
>   End Select
> End Function
>
>
> --
> torgeir
> Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and a ONLINE version of the 1328 page
> Scripting Guide: http://www.microsoft.com/technet/scriptcenter
>
>
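
The report asked for in the original question, combined with the logging the quoted reply recommends, as an added example that is not part of either original post: a report-only pass that changes no group membership and writes every member of each machine's local Administrators group to a CSV file. It assumes c:\computers.txt is the list produced by the redirect shown above and that c:\admin_report.csv is an acceptable output path (both are assumptions), and it classifies an account as local by looking for the computer name in its ADsPath, which is a different test from the second GetObject call used in the quoted script.

```vbscript
' Added example (not from the thread): report-only audit, changes nothing.
' Assumed paths: c:\computers.txt in (one computer NAME per line, not an IP),
' c:\admin_report.csv out.
Option Explicit
Const ForReading = 1, ForAppending = 8
Const sListFile = "c:\computers.txt"
Const sReportFile = "c:\admin_report.csv"

Dim oFSO, fList, fReport, sNode, oGroup, oMember, sScope
Set oFSO = CreateObject("Scripting.FileSystemObject")
Set fList = oFSO.OpenTextFile(sListFile, ForReading)
Set fReport = oFSO.OpenTextFile(sReportFile, ForAppending, True)

Do Until fList.AtEndOfStream
  sNode = Trim(fList.ReadLine)
  If sNode <> "" Then
    On Error Resume Next
    Err.Clear
    Set oGroup = GetObject("WinNT://" & sNode & "/Administrators,group")
    If Err.Number <> 0 Then
      ' unreachable or access denied: record it so the machine is not
      ' mistaken for one with a clean Administrators group
      WriteRow fReport, sNode, "", "", "ERROR 0x" & Hex(Err.Number)
      Err.Clear
    Else
      For Each oMember In oGroup.Members
        ' a local account's path contains the computer name, e.g.
        ' WinNT://DOMAIN/COMPUTER/user; a domain account's path does not
        If InStr(1, oMember.ADsPath, "/" & sNode & "/", vbTextCompare) > 0 Then
          sScope = "local"
        Else
          sScope = "non-local"
        End If
        WriteRow fReport, sNode, oMember.ADsPath, oMember.Class, sScope
      Next
    End If
    On Error GoTo 0
  End If
Loop
fList.Close
fReport.Close

' one quoted CSV row: timestamp, computer, member path, class, scope or error
Sub WriteRow(fOut, sComputer, sPath, sClass, sNote)
  fOut.WriteLine Chr(34) & Join(Array(CStr(Now), sComputer, sPath, sClass, _
      sNote), Chr(34) & "," & Chr(34)) & Chr(34)
End Sub
```

Because the file is opened for appending, successive monthly runs accumulate in one report and can be compared by timestamp.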