Farhan Kazi: Search Specific User or a Group inside Local Administrators Group of Domain Computers

Following script will search for specific user or a group inside local administrators group of domain computers.

You only have to set 'ObjectName' variable inside a script to the username of a group name.

@ECHO OFF
SET ObjectName=Domain Users

SET Counter=0
SET OutputFile=GroupInfo.txt
FOR /F "delims=\\ " %%c IN ('NET VIEW ^|FIND "\\"') DO (
    PING -n 1 -l 10 -w 100 %%c |FIND /I "TTL" >NUL
    IF NOT ERRORLEVEL 1 (
        ECHO Processing: %%c
        WMIC /NODE:"%%c" PATH Win32_GroupUser WHERE ^(GroupComponent="win32_group.name=\"Administrators\",Domain=\"%%c\""^) GET PartComponent |FIND /I "%ObjectName%" >NUL
        IF NOT ERRORLEVEL 1 (
            SET /A Counter+=1
            ECHO =============================>>"%OutputFile%"
            ECHO Machine: %%c >>"%OutputFile%"
            ECHO =============================>>"%OutputFile%"
            ECHO Date: %DATE% Time: %TIME% >>"%OutputFile%"
            ECHO Administrators group members:>>"%OutputFile%"
            WMIC /OUTPUT:TmpResult.txt /NODE:"%%c" PATH Win32_GroupUser WHERE ^(GroupComponent="win32_group.name=\"Administrators\",Domain=\"%%c\""^) GET PartComponent /FORMAT:CSV
            FOR /F "Tokens=5 Delims==," %%u IN ('TYPE TmpResult.txt') DO ECHO %%~u >>"%OutputFile%"
            ECHO. >>"%OutputFile%"
            ECHO ALERT: '%ObjectName%' exists in Administrators group of %%c computer.)))

IF EXIST TmpResult.txt DEL /F /Q TmpResult.txt
IF %Counter% GTR 0 (
    ECHO. &ECHO SUMMARY: Found %Counter% machine^(s^) having '%ObjectName%' in Administrators Group.
    ECHO For more info check '%OutputFile%' file on %CD%) ELSE (
    ECHO. &ECHO SUMMARY: No machine found having '%ObjectName%' in Administrators Group.)

:ExitScript
ECHO.
PAUSE

Farhan Kazi

Thursday, September 24, 2009

Search Specific User or a Group inside Local Administrators Group of Domain Computers

No comments:

Post a Comment

Blog Archive

.