Solved

How to query the local account's group name in VBScript?

Posted on 2007-12-04
10
2,589 Views
Last Modified: 2008-02-01
Hi,

I have this script attached as below, it queries the local accounts on the computer. But how do you find out what group the account belongs to, using the script? For an example, the local account "MyPC1\Administrator" is a member of the "Administrators" group. This script doesn't tell the group information. So, can anyone help?

thanks a lot in advance.
On Error Resume Next
 
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 
Set colItems = objWMIService.ExecQuery _
    ("Select * from Win32_UserAccount Where LocalAccount = True")
 
For Each objItem in colItems
    Wscript.Echo "Account Type: " & objItem.AccountType
    Wscript.Echo "Caption: " & objItem.Caption
    Wscript.Echo "Description: " & objItem.Description
    Wscript.Echo "Disabled: " & objItem.Disabled
    Wscript.Echo "Domain: " & objItem.Domain
    Wscript.Echo "Full Name: " & objItem.FullName
    Wscript.Echo "Local Account: " & objItem.LocalAccount
    Wscript.Echo "Lockout: " & objItem.Lockout
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable
    Wscript.Echo "Password Expires: " & objItem.PasswordExpires
    Wscript.Echo "Password Required: " & objItem.PasswordRequired
    Wscript.Echo "SID: " & objItem.SID
    Wscript.Echo "SID Type: " & objItem.SIDType
    Wscript.Echo "Status: " & objItem.Status
    Wscript.Echo
Next

Open in new window

0
Comment
Question by:CRIIT
  • 6
  • 3
10 Comments
 
LVL 9

Expert Comment

by:asawatzki
ID: 20407099
Give this code a shot
On Error Resume Next
 
Const wbemFlagReturnImmediately = &h10
Const wbemFlagForwardOnly = &h20
dim BuildGroup
 
 
'On Error Resume Next
 
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 
Set colItems = objWMIService.ExecQuery _
    ("Select * from Win32_UserAccount Where LocalAccount = True")
 
For Each objItem in colItems
    Wscript.Echo "Account Type: " & objItem.AccountType
    Wscript.Echo "Caption: " & objItem.Caption
    Wscript.Echo "Description: " & objItem.Description
    Wscript.Echo "Disabled: " & objItem.Disabled
    Wscript.Echo "Domain: " & objItem.Domain
    Wscript.Echo "Full Name: " & objItem.FullName
    Wscript.Echo "Local Account: " & objItem.LocalAccount
    Wscript.Echo "Lockout: " & objItem.Lockout
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable
    Wscript.Echo "Password Expires: " & objItem.PasswordExpires
    Wscript.Echo "Password Required: " & objItem.PasswordRequired
    Wscript.Echo "SID: " & objItem.SID
    Wscript.Echo "SID Type: " & objItem.SIDType
    Wscript.Echo "Status: " & objItem.Status
    Groups objItem.Name
    Wscript.Echo BuildGroup
    Wscript.Echo
Next
 
 
Sub Groups(strUsername)
 
   Set objWMIService2 = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
   Set colItems2 = objWMIService.ExecQuery("SELECT * FROM Win32_Group Where LocalAccount = True", "WQL", _
                                          wbemFlagReturnImmediately + wbemFlagForwardOnly)
   For Each objItem2 In colItems2
       GroupMembership strUsername, objItem2.name
     
   Next
 
End Sub
 
Sub GroupMembership(strUsername, strGroup)
  Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)
  For Each objUser in objGroup.Members
    If objUser.Name = strUsername Then
        BuildGroup =  BuildGroup & "Member of Group: " & strGroup & vbcrlf 
    End If
Next
 
End Sub
 
Function WMIDateStringToDate(dtmDate)
WScript.Echo dtm: 
	WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _
	Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _
	& " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2))
End Function

Open in new window

0
 

Author Comment

by:CRIIT
ID: 20408267
i will try tomorrow, and let u know, thanks
0
 
LVL 4

Expert Comment

by:MeCanHelp
ID: 20414938
On Error Resume Next

Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

Set objOU = GetObject _
    ("LDAP://cn=Users,dc=NA,dc=fabrikam,dc=com")
 
ObjOU.Filter= Array("user")
 
For Each objUser in objOU
    WScript.Echo objUser.cn & " is a member of: " 
    WScript.Echo vbTab & "Primary Group ID: " & _
        objUser.Get("primaryGroupID")
 
    arrMemberOf = objUser.GetEx("memberOf")
 
    If Err.Number <>  E_ADS_PROPERTY_NOT_FOUND Then
        For Each Group in arrMemberOf
            WScript.Echo vbTab & Group
        Next
    Else
        WScript.Echo vbTab & "memberOf attribute is not set"
        Err.Clear
    End If
    Wscript.Echo
Next
      
0
The New “Normal” in Modern Enterprise Operations

DevOps for the modern enterprise offers many benefits — increased agility, productivity, and more, but digital transformation isn’t easy, especially if you’re not addressing the right issues. Register for the webinar to dive into the “new normal” for enterprise modern ops.

 

Author Comment

by:CRIIT
ID: 20420686
Hi MeCanHelp, I was looking to query the local account, not the domain account. thanks
0
 

Author Comment

by:CRIIT
ID: 20420698
Hi asawatzki:

I tried your script. It runs without any error. but it displays all the group names from the local computer, but didn't display the particular group that one account belongs to. any idea? thanks
0
 

Author Comment

by:CRIIT
ID: 20420744
also, what is that "Function WMIDateStringToDate(dtmDate)" for? thanks
0
 
LVL 9

Expert Comment

by:asawatzki
ID: 20420770
You can toss that Function.  It converts WMI dates to string format.  Not being used in this script.  The account in question, is it a local user?  Also is the group that you are looking to see the user in, is it a local group?

Thanks
0
 

Author Comment

by:CRIIT
ID: 20420821
yeah, i am trying to query the local accounts to see what local groups each account belongs to. For an example:

My computer name: PC1
One of the local accounts: test1
test1 belongs to "Backup Operators" and this is the only group that test1 belongs.

but when i run your script, it displays all the group names

any comment? thanks
0
 
LVL 9

Accepted Solution

by:
asawatzki earned 500 total points
ID: 20420898
I see what happened.  Forgot to clear the BuildGroup variable between users.  Try this:
On Error Resume Next
 
Const wbemFlagReturnImmediately = &h10
Const wbemFlagForwardOnly = &h20
dim BuildGroup
 
 
'On Error Resume Next
 
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 
Set colItems = objWMIService.ExecQuery _
    ("Select * from Win32_UserAccount Where LocalAccount = True")
 
For Each objItem in colItems
    Wscript.Echo "Account Type: " & objItem.AccountType
    Wscript.Echo "Caption: " & objItem.Caption
    Wscript.Echo "Description: " & objItem.Description
    Wscript.Echo "Disabled: " & objItem.Disabled
    Wscript.Echo "Domain: " & objItem.Domain
    Wscript.Echo "Full Name: " & objItem.FullName
    Wscript.Echo "Local Account: " & objItem.LocalAccount
    Wscript.Echo "Lockout: " & objItem.Lockout
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable
    Wscript.Echo "Password Expires: " & objItem.PasswordExpires
    Wscript.Echo "Password Required: " & objItem.PasswordRequired
    Wscript.Echo "SID: " & objItem.SID
    Wscript.Echo "SID Type: " & objItem.SIDType
    Wscript.Echo "Status: " & objItem.Status
    BuildGroup = ""
    Groups objItem.Name
    Wscript.Echo BuildGroup
    Wscript.Echo
Next
 
 
Sub Groups(strUsername)
 
   Set objWMIService2 = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
   Set colItems2 = objWMIService.ExecQuery("SELECT * FROM Win32_Group Where LocalAccount = True", "WQL", _
                                          wbemFlagReturnImmediately + wbemFlagForwardOnly)
   For Each objItem2 In colItems2
       GroupMembership strUsername, objItem2.name
     
   Next
 
End Sub
 
Sub GroupMembership(strUsername, strGroup)
  Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)
  For Each objUser in objGroup.Members
    If objUser.Name = strUsername Then
        BuildGroup =  BuildGroup & "Member of Group: " & strGroup & vbcrlf 
    End If
Next
 
End Sub

Open in new window

0
 

Author Comment

by:CRIIT
ID: 20420968
great, it works, thanks a lot
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is a general practice to get rid of old user profiles on a computer  in a LAN environment. As I have been working with a company in a LAN environment where users move from one place to some other place at times. This will make many user profil…
Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question