RE: Local Administrators

["Simon and Sara Zuckerbraun" <szucker () rcn com>]

John,

I believe you can use something along these lines, as a vbs file (run from
the command line using cscript):

dim oGroup
dim oMembers
dim oMember
dim server

server = "NameOfTargetMachine"

set oGroup = GetObject("WinNT://" + server + "/Administrators")

set oMembers = oGroup.Members

for each oMember in oMembers
        WScript.StdOut.Write oMember.AdsPath + VbCRLF
Next


The variable "server" must contain the name of the machine you're querying.
However, whether or not you can actually run such a script remotely from
another machine against another will depend on the particulars of your
network, so you may still need to push this script out onto each machine
you're querying. If this is what you wind up doing, which is likely, you can
have the script automatically determine the name of the computer it's
running on:

server = WScript.CreateObject("WScript.Network").ComputerName


Simon

-----Original Message-----
From: Van Meter, John [mailto:John.VanMeter () ost dot gov] 
Sent: Tuesday, December 30, 2003 4:47 AM
To: security-basics () securityfocus com
Subject: Local Administrators

Is there an easy way to find out what users are in the local admin group?
The workstations are Win2k Pro SP4, I was thinking about using adduser from
the resource kit, but it takes several lines of code to do it that way. 

Thank You
John van Meter


---------------------------------------------------------------------------
----------------------------------------------------------------------------




---------------------------------------------------------------------------
----------------------------------------------------------------------------