Security Basics mailing list archives
RE: Administrators & Power Users
From: "Weir, Jason" <jason.weir () nhrs org>
Date: Tue, 24 Jul 2007 14:12:06 -0400
Here is a quick and dirty Perl script that I use to scan my machines for members of the local admins and power users group. It takes a list of computer names as input but it could be easily modified to scan by subnet. ************************************************************************ **** use Win32::NetAdmin; system ("cls"); open (MACHINEFILE, "machines.txt"); @Machines=<MACHINEFILE>; close (MACHINEFILE); open (OUTFILE, ">localadmins.csv"); print OUTFILE "Machine\,Administrators Group\,Power Users Group\n"; foreach $Machine(@Machines){ chomp $Machine; if (`ping -n 1 -l 1 $Machine` =~ /Reply/){ print OUTFILE "$Machine\,"; Win32::NetAdmin::LocalGroupGetMembers($Machine, 'Administrators', \@admins) || die "$^E\n"; foreach $user(@admins){ print OUTFILE "$user\:" unless ($user =~ /administrator|domain admins/i); } print OUTFILE "\,"; Win32::NetAdmin::LocalGroupGetMembers($Machine, 'Power Users', \@pusers) || die "$^E\n"; foreach $user(@pusers){ print OUTFILE "$user\:" unless ($user =~ /administrator|domain admins/i); } print OUTFILE "\n"; }else{ print OUTFILE "$Machine\,Down\n"; } } close OUTFILE; ************************************************************************ **** Good luck, Jason -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Tinu Koshy (CISD) Sent: Monday, July 23, 2007 11:51 PM To: security-basics () securityfocus com Subject: Administrators & Power Users Greetings List, I have an environment where too many people are local administrators or power users on their PCs. I was looking at a tool which might scan the network (by subnet) to tell me the admin & power user groups on PCs. It could even be a remote registry scan tool but please let me know which registry value I must look into. Thanks & Regards, Tinu Koshy
Current thread:
- Re: Vulnerability Assessment Mondai Ji (Jul 23)
- <Possible follow-ups>
- Re: Vulnerability Assessment Colin Grady (Jul 23)
- RE: Vulnerability Assessment Gibbs, Jason (Jul 23)
- Re: Vulnerability Assessment Danux (Jul 26)
- Re: Re: Vulnerability Assessment mkburns (Jul 23)
- RE: Re: Vulnerability Assessment Gibbs, Jason (Jul 23)
- Administrators & Power Users Tinu Koshy (CISD) (Jul 24)
- RE: Administrators & Power Users Weir, Jason (Jul 24)
- Re: Administrators & Power Users Kurt Buff (Jul 24)
- RE: Re: Vulnerability Assessment Gibbs, Jason (Jul 23)
- Re: Re: Vulnerability Assessment Michael Graham (Jul 24)
- Re: Vulnerability Assessment Deepak Parashar (Jul 23)
- Re: Vulnerability Assessment jfvanmeter (Jul 24)
- Re: Vulnerability Assessment holger . reichert (Jul 26)
- Re: Vulnerability Assessment Uzair Hashmi (Jul 26)
- RE: Vulnerability Assessment tima (Jul 26)