Hi Olivier,
I solved this problem with a logon script. This script puts in a shared
folder named public a .txt file with the computer name and users which are in
the local administrators group and are not domain admins or administrator:
Option Explicit
Const ForAppending = 8
Dim objGroup, strComputer, objMember, WshNetwork, objRecordSet, objFSO,
objFile, strFileName
strComputer = "."
Set WshNetwork = WScript.CreateObject("WScript.Network")
WScript.Echo "Computer Name = " & WshNetwork.ComputerName
Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
For Each objMember In objGroup.Members
If objMember.Name <> "Administrator" and objMember.Name <> "Domain Admins"
Then
Set objFSO = CreateObject("Scripting.FileSystemObject")
strFileName = "C:\Public\" & WshNetwork.ComputerName & ".txt"
Set objFile = objFSO.OpenTextFile(strFileName, ForAppending, True)
objFile.WriteLine (objMember.Name)
objFile.Close
End If
Next
Hope this is what you're looking for!
"Olivier" wrote:
<span style="color:blue">
> Dear all,
>
> For an audit I need to know (for a large number a servers) what
> accounts/groups are member of the local administrator group. Is there a
> simple way to create this list (a script for example)? If so, how?
>
> Any help would be highly appreciated.
>
> O.</span>