Helpful script - Find users who are local admins

[telemorgan]

I have written this script to report all users that are local administrators on there machines. It tremendously helped us here at work and wanted to pass it on for others to try. I am by no means a scripting genious here so if you find something wrong or that could be improved, please let me know. I am always willing to learn.

We use Script Logic as the vechile to run this script on all machines on the network. It is set to only run once per machine.

************* BEGIN SCRIPT *********************
'*********** GET USERNAME ***************
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon"
strUserValueKey = "DefaultUserName"

oReg.GetExpandedStringValue HKEY_LOCAL_MACHINE,strKeyPath,_
strUserValueKey,UserID

'*********** GET LOCAL ADMIN MEMBERS ***************
Set oFSO = CreateObject("Scripting.FileSystemObject")

Set oWshNet = CreateObject("WScript.Network")
sComputer = oWshNet.ComputerName

Set oAdminGroup = GetObject("WinNT://" & sComputer & "/Administrators")

'*********** COMPARE OUTPUTS ***************
For Each oAdminUser in oAdminGroup.Members
AdminID = oAdminUser.Name

'CONVERT vars to lowercase
L_AdminID = LCase(AdminID)
L_UserID = LCase(UserID)
IF L_AdminID = L_UserID Then
Set fs = CreateObject("Scripting.FileSystemObject")
Set file = fs.OpenTextFile("\\<server>\<share>\localadmins.csv", 8, True)
file.Write L_UserID & "," & L_AdminID & vbCrLf
file.close
End If

Next
*********** END SCRIPT ****************

 

[markdmac]

You have a lot of unneeded code. Give this a try instead:

'==========================================================================
'
' NAME: EnumLocalAdmins.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.TheSpidersParlor.com[/URL]
' COPYWRITE (c) 2006 All Rights Reserved
' DATE  : 4/5/2006
'
' COMMENT: Enumerates local admin IDs and writes to file.
'==========================================================================

Set oFSO = CreateObject("Scripting.FileSystemObject")
Set WSHNetwork = CreateObject("WScript.Network")
strComputer = WSHNetwork.ComputerName

Set oAdminGroup = GetObject("WinNT://" & strComputer & "/Administrators")

Report = strComputer & " Local Adminstrators" & vbCrLf

   For Each oAdminUser in oAdminGroup.Members
    Report = Report & vbTab & Lcase(oAdminUser.Name) & vbCrLf
   Next

Set file = fs.OpenTextFile("\\<server>\<share>\localadmins.csv", 8, True)
file.Write Report
file.close
WScript.Echo "Done"

I hope you find this post helpful.

Regards,

Mark

 

[ummyeah]

I get an error: Object Required: 'fs'

Line 25 Char 1

forgive me cuz I am a scripting idiot, however this script would be a great help.


Thanks,

Mo

 

[PHV]

Simply repleca fs. with oFSO.

Hope This Helps, PH.
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884 or FAQ181-2886

 

[markdmac]

Yup, thanks PHV, sorry about the typo ummyeah.

I hope you find this post helpful.

Regards,

Mark

 

[telemorgan]

Thanks Mark. Yea I figured there was some unneeded code stuck in there somewhere. That is the problem, I just know enough about scripting to be dangerous. Not enough to be efficent.

Your script worked fine after making the oFSO adjustement but there was no comparison. It just output the list of the local admin members to a .csv file. It didn't do a compare to see if the logged in user had local admin rights.

 

[markdmac]

I have written this script to report all users that are local administrators on there machines.

I was wondering why you were bothering with comparrison when the above did nto mention that as a requirement.

So, I take it you are running this script during the day then and not after hours.

Anyway, this version will do what you ask.

'==========================================================================
'
' NAME: EnumLocalAdminscheckCurrent.vbs
'
' AUTHOR: Mark D. MacLachlan , The Spider's Parlor
' URL: [URL unfurl="true"]http://www.TheSpidersParlor.com[/URL]
' COPYWRITE (c) 2006 All Rights Reserved
' DATE  : 4/5/2006
'
' COMMENT: Enumerates local admin IDs and writes to file.
'==========================================================================
On Error Resume Next

Set oFSO = CreateObject("Scripting.FileSystemObject")
Set WSHNetwork = CreateObject("WScript.Network")
strComputer = WSHNetwork.ComputerName

'Find the current user session
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_ComputerSystem",,48)
For Each objItem in colItems
    CurrentUser = lcase(objItem.UserName)
Next


Set oAdminGroup = GetObject("WinNT://" & strComputer & "/Administrators")

Report = strComputer & " Local Adminstrators" & vbCrLf

   For Each oAdminUser in oAdminGroup.Members
    If Lcase(oAdminUser.Name) = CurrentUser Then
    	Report = Report & vbTab & Lcase(oAdminUser.Name) & " is currently logged in with admin rights! " & vbCrLf
    Else
    	Report = Report & vbTab & Lcase(oAdminUser.Name) & vbCrLf
    End If
   Next

Set file = oFSO.OpenTextFile("\\<server>\<share>\localadmins.csv", 8, True)
file.Write Report
file.close
WScript.Echo "Done"

I hope you find this post helpful.

Regards,

Mark