Who on your network is a Local Admin?

This way you get text files (on a network location) for users and computers and is easy to find what you are after.

The code is below:

1 echo *** Checking Admin rights of PC and User ***
2 net localgroup administrators | find "\" | find /v "Domain Admins" > \\server\share\admins\PC\%COMPUTERNAME%.txt
3 for /F "tokens=1,2 delims=\" %%i in (\\server\share\admins\PC\%COMPUTERNAME%.txt) do if not "%%j"=="" echo %DATE% -- %COMPUTERNAME% >> \\server\share\admins\USER\%%j.TXT

Now all you have to do is a startup script in a group policy, and away it goes.

-Make sure the location \\server\share\admins has read and write access by all users.
-Make sure you apply the startup script to the computers OU (or the domain if you want to include all machines) and assign it to “Authenticated Users” so that it can apply to all authenticated computer accounts.
-Assign only to PC computer OU’s to exclude all servers and only apply to client PC’s.







Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: