Solved

How to query the local account's group name in VBScript?

Posted on 2007-12-04
10
2,570 Views
Last Modified: 2008-02-01
Hi,

I have this script attached as below, it queries the local accounts on the computer. But how do you find out what group the account belongs to, using the script? For an example, the local account "MyPC1\Administrator" is a member of the "Administrators" group. This script doesn't tell the group information. So, can anyone help?

thanks a lot in advance.
On Error Resume Next
 

strComputer = "."

Set objWMIService = GetObject("winmgmts:" _

    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
 

Set colItems = objWMIService.ExecQuery _

    ("Select * from Win32_UserAccount Where LocalAccount = True")
 

For Each objItem in colItems

    Wscript.Echo "Account Type: " & objItem.AccountType

    Wscript.Echo "Caption: " & objItem.Caption

    Wscript.Echo "Description: " & objItem.Description

    Wscript.Echo "Disabled: " & objItem.Disabled

    Wscript.Echo "Domain: " & objItem.Domain

    Wscript.Echo "Full Name: " & objItem.FullName

    Wscript.Echo "Local Account: " & objItem.LocalAccount

    Wscript.Echo "Lockout: " & objItem.Lockout

    Wscript.Echo "Name: " & objItem.Name

    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable

    Wscript.Echo "Password Expires: " & objItem.PasswordExpires

    Wscript.Echo "Password Required: " & objItem.PasswordRequired

    Wscript.Echo "SID: " & objItem.SID

    Wscript.Echo "SID Type: " & objItem.SIDType

    Wscript.Echo "Status: " & objItem.Status

    Wscript.Echo

Next

Open in new window

0
Comment
Question by:CRIIT
  • 6
  • 3
10 Comments
 
LVL 9

Expert Comment

by:asawatzki
Comment Utility
Give this code a shot
On Error Resume Next
 

Const wbemFlagReturnImmediately = &h10

Const wbemFlagForwardOnly = &h20

dim BuildGroup
 
 

'On Error Resume Next

 

strComputer = "."

Set objWMIService = GetObject("winmgmts:" _

    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

 

Set colItems = objWMIService.ExecQuery _

    ("Select * from Win32_UserAccount Where LocalAccount = True")

 

For Each objItem in colItems

    Wscript.Echo "Account Type: " & objItem.AccountType

    Wscript.Echo "Caption: " & objItem.Caption

    Wscript.Echo "Description: " & objItem.Description

    Wscript.Echo "Disabled: " & objItem.Disabled

    Wscript.Echo "Domain: " & objItem.Domain

    Wscript.Echo "Full Name: " & objItem.FullName

    Wscript.Echo "Local Account: " & objItem.LocalAccount

    Wscript.Echo "Lockout: " & objItem.Lockout

    Wscript.Echo "Name: " & objItem.Name

    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable

    Wscript.Echo "Password Expires: " & objItem.PasswordExpires

    Wscript.Echo "Password Required: " & objItem.PasswordRequired

    Wscript.Echo "SID: " & objItem.SID

    Wscript.Echo "SID Type: " & objItem.SIDType

    Wscript.Echo "Status: " & objItem.Status

    Groups objItem.Name

    Wscript.Echo BuildGroup

    Wscript.Echo

Next
 
 

Sub Groups(strUsername)
 

   Set objWMIService2 = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")

   Set colItems2 = objWMIService.ExecQuery("SELECT * FROM Win32_Group Where LocalAccount = True", "WQL", _

                                          wbemFlagReturnImmediately + wbemFlagForwardOnly)

   For Each objItem2 In colItems2

       GroupMembership strUsername, objItem2.name

     

   Next
 

End Sub
 

Sub GroupMembership(strUsername, strGroup)

  Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)

  For Each objUser in objGroup.Members

    If objUser.Name = strUsername Then

        BuildGroup =  BuildGroup & "Member of Group: " & strGroup & vbcrlf 

    End If

Next
 

End Sub
 

Function WMIDateStringToDate(dtmDate)

WScript.Echo dtm: 

	WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _

	Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _

	& " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2))

End Function

Open in new window

0
 

Author Comment

by:CRIIT
Comment Utility
i will try tomorrow, and let u know, thanks
0
 
LVL 4

Expert Comment

by:MeCanHelp
Comment Utility
On Error Resume Next

Const E_ADS_PROPERTY_NOT_FOUND  = &h8000500D

Set objOU = GetObject _
    ("LDAP://cn=Users,dc=NA,dc=fabrikam,dc=com")
 
ObjOU.Filter= Array("user")
 
For Each objUser in objOU
    WScript.Echo objUser.cn & " is a member of: "
    WScript.Echo vbTab & "Primary Group ID: " & _
        objUser.Get("primaryGroupID")
 
    arrMemberOf = objUser.GetEx("memberOf")
 
    If Err.Number <>  E_ADS_PROPERTY_NOT_FOUND Then
        For Each Group in arrMemberOf
            WScript.Echo vbTab & Group
        Next
    Else
        WScript.Echo vbTab & "memberOf attribute is not set"
        Err.Clear
    End If
    Wscript.Echo
Next
      
0
 

Author Comment

by:CRIIT
Comment Utility
Hi MeCanHelp, I was looking to query the local account, not the domain account. thanks
0
 

Author Comment

by:CRIIT
Comment Utility
Hi asawatzki:

I tried your script. It runs without any error. but it displays all the group names from the local computer, but didn't display the particular group that one account belongs to. any idea? thanks
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:CRIIT
Comment Utility
also, what is that "Function WMIDateStringToDate(dtmDate)" for? thanks
0
 
LVL 9

Expert Comment

by:asawatzki
Comment Utility
You can toss that Function.  It converts WMI dates to string format.  Not being used in this script.  The account in question, is it a local user?  Also is the group that you are looking to see the user in, is it a local group?

Thanks
0
 

Author Comment

by:CRIIT
Comment Utility
yeah, i am trying to query the local accounts to see what local groups each account belongs to. For an example:

My computer name: PC1
One of the local accounts: test1
test1 belongs to "Backup Operators" and this is the only group that test1 belongs.

but when i run your script, it displays all the group names

any comment? thanks
0
 
LVL 9

Accepted Solution

by:
asawatzki earned 500 total points
Comment Utility
I see what happened.  Forgot to clear the BuildGroup variable between users.  Try this:
On Error Resume Next

 

Const wbemFlagReturnImmediately = &h10

Const wbemFlagForwardOnly = &h20

dim BuildGroup

 

 

'On Error Resume Next

 

strComputer = "."

Set objWMIService = GetObject("winmgmts:" _

    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

 

Set colItems = objWMIService.ExecQuery _

    ("Select * from Win32_UserAccount Where LocalAccount = True")

 

For Each objItem in colItems

    Wscript.Echo "Account Type: " & objItem.AccountType

    Wscript.Echo "Caption: " & objItem.Caption

    Wscript.Echo "Description: " & objItem.Description

    Wscript.Echo "Disabled: " & objItem.Disabled

    Wscript.Echo "Domain: " & objItem.Domain

    Wscript.Echo "Full Name: " & objItem.FullName

    Wscript.Echo "Local Account: " & objItem.LocalAccount

    Wscript.Echo "Lockout: " & objItem.Lockout

    Wscript.Echo "Name: " & objItem.Name

    Wscript.Echo "Password Changeable: " & objItem.PasswordChangeable

    Wscript.Echo "Password Expires: " & objItem.PasswordExpires

    Wscript.Echo "Password Required: " & objItem.PasswordRequired

    Wscript.Echo "SID: " & objItem.SID

    Wscript.Echo "SID Type: " & objItem.SIDType

    Wscript.Echo "Status: " & objItem.Status

    BuildGroup = ""

    Groups objItem.Name

    Wscript.Echo BuildGroup

    Wscript.Echo

Next

 

 

Sub Groups(strUsername)

 

   Set objWMIService2 = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")

   Set colItems2 = objWMIService.ExecQuery("SELECT * FROM Win32_Group Where LocalAccount = True", "WQL", _

                                          wbemFlagReturnImmediately + wbemFlagForwardOnly)

   For Each objItem2 In colItems2

       GroupMembership strUsername, objItem2.name

     

   Next

 

End Sub

 

Sub GroupMembership(strUsername, strGroup)

  Set objGroup = GetObject("WinNT://" & strComputer & "/" & strGroup)

  For Each objUser in objGroup.Members

    If objUser.Name = strUsername Then

        BuildGroup =  BuildGroup & "Member of Group: " & strGroup & vbcrlf 

    End If

Next

 

End Sub

Open in new window

0
 

Author Comment

by:CRIIT
Comment Utility
great, it works, thanks a lot
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

This article describes some techniques which will make your VBA or Visual Basic Classic code easier to understand and maintain, whether by you, your replacement, or another Experts-Exchange expert.
Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now