Go Back   TechArena Community > Technical Support > Computer Help > Windows Server > Windows Server Help
is domain user a local admin? is domain user a local admin?
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read SiteMap

Tags:

Sponsored Links



is domain user a local admin?

Windows Server Help


Reply
 
Thread Tools Search this Thread
  #1  
Old 19-05-2008
Alexey Vorobyev
 
Posts: n/a
is domain user a local admin?
Hi!

How can I write script to realize if the current (domain or local) is a
member of local "Administrators" group?

The problem is that it can be member of Admins group indirectly:

User --> Domain Admins --> Administrators
User --> IT Staff --> WS Admins --> Administrators

Script will be run locally on client computer as a startup script

Any ideas?

Thanks


Reply With Quote
  #2  
Old 19-05-2008
Shay Levi
 
Posts: n/a
Re: is domain user a local admin?


Hi Alexey,


Try this vbscript, it recurses all group memebers of the local admin group:

-----------------
DomainUser = "DomainUserName"

Set objLocalGroup = GetObject("WinNT://./Administrators,group")

ProcessGroup objLocalGroup

Sub ProcessGroup(objGroup)

For Each objMember In objGroup.Members

If (LCase(objMember.Class) = "group") Then
Call ProcessGroup(objMember)
End If


if objMember.Name = DomainUser then
wscript.echo objMember.Name & " is local admin"
wscript.quit
end if
Next

End Sub

------------------


You can also use NET.exe:

net localgroup Administrators | find /i "Domain\UserName"


---
Shay Levi
$cript Fanatic
http://scriptolog.blogspot.com

> Hi!
>
> How can I write script to realize if the current (domain or local) is
> a member of local "Administrators" group?
>
> The problem is that it can be member of Admins group indirectly:
>
> User --> Domain Admins --> Administrators
> User --> IT Staff --> WS Admins --> Administrators
> Script will be run locally on client computer as a startup script
>
> Any ideas?
>
> Thanks
>


Reply With Quote
  #3  
Old 19-05-2008
Richard Mueller [MVP]
 
Posts: n/a
Re: is domain user a local admin?
Alexey Vorobyev wrote:

>
> How can I write script to realize if the current (domain or local) is a
> member of local "Administrators" group?
>
> The problem is that it can be member of Admins group indirectly:
>
> User --> Domain Admins --> Administrators
> User --> IT Staff --> WS Admins --> Administrators
>
> Script will be run locally on client computer as a startup script
>
> Any ideas?

I have an example VBScript program to check if a user is a member of any
local group, like administrators. Besides nested local groups, the program
also checks for nested domain groups. This requires switching from the WinNT
provider to the LDAP provider.

http://www.rlmueller.net/IsMember9.htm

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--


Reply With Quote
Reply

  TechArena Community > Technical Support > Computer Help > Windows Server > Windows Server Help

« Vista srv: nonpaged pool    RDC - because of an error in data encryption, this session will en »

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "is domain user a local admin?"
Thread Thread Starter Forum Replies Last Post
How to make a VPN domain user permanent local admin Hassing Operating Systems 2 05-05-2010 06:40 PM
Add domain user\group to local admin group problem DangerMaus Active Directory 12 16-10-2009 10:30 PM
Verifying a user is a domain admin (with a renamed Domain Admin group) Lance Active Directory 7 05-11-2008 08:18 PM
Domain Admin vs Local Admin Chad M Window 2000 Help 9 12-07-2008 11:32 AM
Making a user Local Admin on domain computers Niklas Ramstedt Windows Server Help 1 29-04-2008 03:41 PM


All times are GMT +5.5. The time now is 07:31 PM.

Contact Us - TechArena - Privacy Statement -