Remove all users from Local Administrator Group and add the user in the file.

Hi,

Remove all users from Local Administrator Group and add the user in the file.
I have a txt file that has

machine name,NTlogin

When run, the script has to remove any user in the Administrators group and add just the users in the txt file next to the machine name.

Need a results csv or txt that shows what was removed and what was added.

Regards
Sharath
bsharathAsked:
 
sirbountyConnect With a Mentor Commented:
Oops - forgot the logging...
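' For each "machine name,NTlogin" line in strLogFile, add that domain login to
' the machine's local Administrators group and remove every other member.
' Every add/remove attempt and its outcome is written to strOutput.
'
' NOTE(review): "every other member" includes the built-in Administrator
' account and any domain groups that were members, so a wrong line in the
' input file can leave a machine with no usable administrator. Removals are
' therefore only carried out once the listed login is confirmed as a member.
Const ADS_SCOPE_SUBTREE = 2

strLogFile = "C:\Logfile.txt"
strOutput = "C:\Results.txt"

Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
Dim objFile : Set objFile = objFSO.OpenTextFile(strLogFile)
Dim objOut : Set objOut = objFSO.CreateTextFile(strOutput)
Dim objAdmin, objNewUser, objUser, dictRemove
Dim strLine, strLogin, strKeep, strMember, blnIsMember

Do While Not objFile.AtEndOfStream
  strLine = objFile.ReadLine
  arrData = Split(strLine, ",")
  If UBound(arrData) < 1 Then
    ' Blank or malformed line: nothing to act on, but leave a trace of it.
    If Trim(strLine) <> "" Then objOut.WriteLine "Skipped malformed line: " & strLine
  Else
    strPC = Trim(arrData(0))
    strLogin = Trim(arrData(1))
    strUser = ""
    Set objNewUser = Nothing
    Set objAdmin = Nothing

    ' Resolve the login and bind to the remote group. A failed lookup or an
    ' unreachable machine is logged below instead of aborting the whole run.
    On Error Resume Next
    strUser = FindUser(strLogin)
    If Err.Number = 0 And strUser <> "" Then Set objNewUser = GetObject(strUser)
    If Err.Number = 0 Then Set objAdmin = GetObject("WinNT://" & strPC & "/Administrators")
    Err.Clear
    On Error Goto 0

    If objNewUser Is Nothing Then
      objOut.WriteLine "Couldn't find " & strLogin & " in the directory; " & strPC & " left unchanged"
    ElseIf objAdmin Is Nothing Then
      objOut.WriteLine "Couldn't open the Administrators group on " & strPC
    Else
      ' The WinNT provider reports members by logon name, so compare against
      ' sAMAccountName rather than CN (the two can differ).
      strKeep = objNewUser.sAMAccountName

      ' NOTE(review): AdsPath here is an LDAP:// path. Confirm the WinNT
      ' provider accepts it; it normally expects WinNT://DOMAIN/login.
      On Error Resume Next
      objAdmin.Add(objNewUser.AdsPath)
      If Err.Number <> 0 Then
        objOut.WriteLine "Couldn't add " & strUser & " to " & strPC
      Else
        objOut.WriteLine "Added " & strUser & " to " & strPC
      End If
      Err.Clear
      On Error Goto 0

      ' Take a snapshot of the membership first: the group is not modified
      ' while it is being enumerated, and the snapshot shows whether the
      ' listed login really is a member (added just now or already present).
      ' NOTE(review): the match is by name only, so a local account with the
      ' same name as the domain login would also be kept.
      blnIsMember = False
      Set dictRemove = CreateObject("Scripting.Dictionary")
      For Each objUser In objAdmin.Members
        If StrComp(objUser.Name, strKeep, vbTextCompare) = 0 Then
          blnIsMember = True
        Else
          dictRemove(objUser.AdsPath) = objUser.Name
        End If
      Next

      If Not blnIsMember Then
        ' Never strip the group when the replacement admin is not in it.
        objOut.WriteLine "Skipped removals on " & strPC & ": " & strLogin & " is not a member of Administrators"
      Else
        For Each strMember In dictRemove.Keys
          On Error Resume Next
          objAdmin.Remove strMember
          If Err.Number <> 0 Then
            objOut.WriteLine "Couldn't remove " & dictRemove(strMember) & " from " & strPC
          Else
            objOut.WriteLine "Removed " & dictRemove(strMember) & " from " & strPC
          End If
          Err.Clear
          On Error Goto 0
        Next
      End If
    End If
  End If
  Set objUser = Nothing
Loop

objFile.Close
objOut.Close
wscript.quit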
 
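' Search the default domain (subtree scope) for a user object whose Name
' equals UserName and return its LDAP ADsPath.
' Returns "" when nothing matches or when UserName cannot be searched safely.
'
' NOTE(review): the filter matches the Name attribute (the object's RDN). An
' NT login is normally stored in sAMAccountName, so confirm the two are the
' same in this domain before relying on the result.
Function FindUser (UserName)
  FindUser = ""

  ' UserName is spliced into the query text below, so a value containing a
  ' quote would change the filter. Refuse it instead of running an altered query.
  If InStr(UserName, "'") > 0 Then Exit Function

  Dim rootDSE : Set rootDSE = GetObject("LDAP://rootDSE")
  strADsPath = rootDSE.Get("defaultNamingContext")
  Dim objConn : Set objConn = CreateObject("ADODB.Connection")
  Dim objCmd : Set objCmd = CreateObject("ADODB.Command")
  objConn.Provider = "ADsDSOObject"
  objConn.Open "Active Directory Provider"
  Set objCmd.ActiveConnection = objConn
  objCmd.CommandText = "Select ADsPath From 'LDAP://" & strADsPath & "' Where objectClass='user' And Name='" & UserName & "'"
  objCmd.Properties("Page Size") = 1000
  objCmd.Properties("Timeout") = 300
  objCmd.Properties("Searchscope") = ADS_SCOPE_SUBTREE
  Dim objRS : Set objRS = objCmd.Execute

  ' An empty result set has no current record, and MoveFirst on it raises
  ' ADODB.Recordset error 800A0BCD. Check for rows before touching the cursor.
  If Not (objRS.BOF And objRS.EOF) Then
    objRS.MoveFirst
    FindUser = objRS.Fields(0).Value
  End If

  objRS.Close
  objConn.Close
End Function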

 
sirbountyCommented:
Is that a local or domain login?
 
sirbountyCommented:
Try this...
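' Variant for LOCAL accounts: each "machine name,NTlogin" line names an account
' that exists on that machine (it is bound as WinNT://<machine>/<login>).
' The account is added to the machine's local Administrators group and every
' other member is removed. Results are written to strOutput.
'
' Errors are not trapped here, so a failed bind or add stops the script before
' anything is removed from that machine.
'
' NOTE(review): "every other member" includes the built-in Administrator
' account and any domain groups that were members. Confirm that is intended
' before running this against machines you cannot recover another way.
strLogFile = "C:\Logfile.txt"
strOutput = "C:\Results.txt"

Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
Dim objFile : Set objFile = objFSO.OpenTextFile(strLogFile)
Dim objOut : Set objOut = objFSO.CreateTextFile(strOutput)
Dim objAdmin, objUser, objMember, dictRemove, strMember

Do While Not objFile.AtEndOfStream
  arrData = Split(objFile.ReadLine, ",")
  strPC = Trim(arrData(0))
  strUser = Trim(arrData(1))

  Set objAdmin = GetObject("WinNT://" & strPC & "/Administrators")
  Set objUser = GetObject("WinNT://" & strPC & "/" & strUser)
  objAdmin.Add(objUser.AdsPath)
  objOut.WriteLine "Added " & strUser & " to " & strPC

  ' Collect the members to drop before changing the group, so the collection
  ' is not modified while it is being enumerated. Account names are compared
  ' without regard to case: a case-sensitive test would treat "JSmith" in the
  ' file and "jsmith" in the group as different and remove the account that
  ' was just added.
  Set dictRemove = CreateObject("Scripting.Dictionary")
  For Each objMember In objAdmin.Members
    If StrComp(objMember.Name, strUser, vbTextCompare) <> 0 Then
      dictRemove(objMember.AdsPath) = objMember.Name
    End If
  Next

  For Each strMember In dictRemove.Keys
    objAdmin.Remove strMember
    objOut.WriteLine "Removed " & dictRemove(strMember) & " from " & strPC
  Next

  Set objMember = Nothing
  Set objUser = Nothing
Loop

objFile.Close
objOut.Close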


 
bsharathAuthor Commented:
That is a Domain Login in the txt files
The group is local Administrator group of each machine
 
sirbountyCommented:
Forget that first one then...
Second question - is it going to be 'just' the user's name, or the full path to it (cn=username,dc=domain,dc=com)?
 
bsharathAuthor Commented:
Just the user name in the txt file
 
sirbountyCommented:

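' Domain-login variant without result logging. For each "machine name,NTlogin"
' line in strLogFile, the login is looked up in the directory, added to the
' machine's local Administrators group, and every other member is removed.
'
' Errors are not trapped in this version, so a failed lookup, bind or add
' stops the script before anything is removed from that machine.
'
' NOTE(review): "every other member" includes the built-in Administrator
' account and any domain groups that were members. Confirm that is intended
' before running this against machines you cannot recover another way.
Const ADS_SCOPE_SUBTREE = 2

strLogFile = "C:\Logfile.txt"
strOutput = "C:\Results.txt"

Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
Dim objFile : Set objFile = objFSO.OpenTextFile(strLogFile)
Dim objOut : Set objOut = objFSO.CreateTextFile(strOutput)
Dim objAdmin, objNewUser, objUser, dictRemove, strKeep, strMember

Do While Not objFile.AtEndOfStream
  arrData = Split(objFile.ReadLine, ",")
  strPC = Trim(arrData(0))
  strUser = FindUser(Trim(arrData(1)))
  Set objNewUser = GetObject(strUser)

  Set objAdmin = GetObject("WinNT://" & strPC & "/Administrators")
  ' NOTE(review): AdsPath here is an LDAP:// path. Confirm the WinNT provider
  ' accepts it; it normally expects WinNT://DOMAIN/login.
  objAdmin.Add(objNewUser.AdsPath)

  ' The WinNT provider reports members by logon name, so the account to keep
  ' is identified by sAMAccountName (CN can differ from the logon name, which
  ' would cause the account that was just added to be removed again).
  strKeep = objNewUser.sAMAccountName

  ' Collect first, remove afterwards, so the group is not modified while its
  ' member collection is being enumerated.
  Set dictRemove = CreateObject("Scripting.Dictionary")
  For Each objUser In objAdmin.Members
    If StrComp(objUser.Name, strKeep, vbTextCompare) <> 0 Then dictRemove(objUser.AdsPath) = True
  Next

  For Each strMember In dictRemove.Keys
    objAdmin.Remove strMember
  Next
  Set objUser = Nothing
Loop

objFile.Close
objOut.Close
wscript.quit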
 
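' Search the default domain (subtree scope) for a user object whose Name
' equals UserName and return its LDAP ADsPath.
' Returns "" when nothing matches or when UserName cannot be searched safely.
'
' NOTE(review): the filter matches the Name attribute (the object's RDN). An
' NT login is normally stored in sAMAccountName, so confirm the two are the
' same in this domain before relying on the result.
Function FindUser (UserName)
  FindUser = ""

  ' UserName is spliced into the query text below, so a value containing a
  ' quote would change the filter. Refuse it instead of running an altered query.
  If InStr(UserName, "'") > 0 Then Exit Function

  Dim rootDSE : Set rootDSE = GetObject("LDAP://rootDSE")
  strADsPath = rootDSE.Get("defaultNamingContext")
  Dim objConn : Set objConn = CreateObject("ADODB.Connection")
  Dim objCmd : Set objCmd = CreateObject("ADODB.Command")
  objConn.Provider = "ADsDSOObject"
  objConn.Open "Active Directory Provider"
  Set objCmd.ActiveConnection = objConn
  objCmd.CommandText = "Select ADsPath From 'LDAP://" & strADsPath & "' Where objectClass='user' And Name='" & UserName & "'"
  objCmd.Properties("Page Size") = 1000
  objCmd.Properties("Timeout") = 300
  objCmd.Properties("Searchscope") = ADS_SCOPE_SUBTREE
  Dim objRS : Set objRS = objCmd.Execute

  ' An empty result set has no current record, and MoveFirst on it raises
  ' ADODB.Recordset error 800A0BCD. Check for rows before touching the cursor.
  If Not (objRS.BOF And objRS.EOF) Then
    objRS.MoveFirst
    FindUser = objRS.Fields(0).Value
  End If

  objRS.Close
  objConn.Close
End Function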

 
bsharathAuthor Commented:
Thank U Shall try and get back
 
bsharathAuthor Commented:
I get this

---------------------------
Windows Script Host
---------------------------
Script:      C:\Remove all and add this user.vbs
Line:      20
Char:      20
Error:      Syntax error
Code:      800A03EA
Source:       Microsoft VBScript compilation error

---------------------------
OK  
---------------------------
 
sirbountyCommented:
If Err.Number <> = Then
should read:
If Err.Number <> 0 Then
 
bsharathAuthor Commented:
I get this

---------------------------
Windows Script Host
---------------------------
Script:      C:\Remove all and add this user.vbs
Line:      51
Char:      3
Error:      Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.
Code:      800A0BCD
Source:       ADODB.Recordset

---------------------------
OK  
---------------------------
 
bsharathAuthor Commented:
Sirbounty any view...
Question has a verified solution.
