Add Users to local Administrator querying whats already there as members. With a domain name change.

Hi,

Add Users to local Administrator querying whats already there as members. With a domain name change.
I want help with a script that can check each machine name in local administrator. Then add the same user from a different domain. Domain name =ICA
Say the users are
Dev\Sharath
And few more users
I want the same Sharath to be added as "ICA\Sharath"
I want both to be intact.

I want a report on what was there and what was added.

Any help is greatly usefeful for me.

Regards
Sharath
LVL 11
bsharathAsked:
Who is Participating?
 
jostranderCommented:
Or, If you'd like it to add groups as well, try this:
CONST FOR_READING=1
CONST FOR_WRITING=2

Dim strComputerListFile
Dim strLogFile
Dim strDomainOLD
Dim strDomainNEW
Dim strTitle
Dim DisplayEcho


'--------------------------------------------
'	User Variables
'--------------------------------------------
strComputerListFile = "c:\computers.txt"
strLogFile="c:\results.txt"

strDomainOLD="DEV"
strDomainNEW="ICA"

strTitle = "Admins Add"

DisplayEcho=True
'--------------------------------------------
Set WshShell=CreateObject("Wscript.Shell")
Set fso=CreateObject("Scripting.FileSystemObject")

If DisplayEcho=True then
	'FORCE CSCRIPT
	If instr(lcase(wscript.fullname),"wscript") then
		wshshell.run "cmd /k cscript //nologo " & chr(34) & wscript.scriptfullname & Chr(34),1,false
		wscript.quit
	End If
End If

Set inFile=fso.OpenTextFile(strComputerListFile,FOR_READING,true)
arrComputers=split(infile.ReadAll,vbCrLf)
inFile.close

Set oFile=fso.OpenTextFile(strLogFile,FOR_WRITING,true)


For each strComputer in arrComputers
	If strComputer <> "" then GroupMod strComputer
Next

oFile.close
wscript.echo "All Done!"


Sub GroupMod(myComputer)
	ON ERROR RESUME NEXT
	Set objGroup = GetObject("WinNT://" & myComputer & "/Administrators,group")
	
	For Each objMember in objGroup.Members
		strClass=objMember.class
		strName=objMember.Name
		strADsPath=objMember.ADsPath
		pos_start=Instr(strADsPath,"//")+2
		pos_end=InstrRev(strADsPath,"/")
		strDomain=mid(strADsPath,pos_start,pos_end-pos_start)
		strFullName=mid(strADsPath,pos_start)
		
		If ucase(strDomain)=ucase(strDomainOLD) then
			strPreviousList=strPreviousList & strFullName & vbCrLf

			Set objUserNew=GetObject("WinNT://" & strDomainNew & "/" & strName & "," & strClass)
			strUserNew=""
			strUserNew=objUserNew.Name
			If strUserNew="" then 
				strFailures = strFailures & strDomainNew & "\" & strName & ", " & " NOT FOUND" & vbCrLf
			Else
				err.clear
				objGroup.Add(objUserNew.ADsPath)
				If err.number <> 0 then 
					If err.number="-2147023518" then
						myErr="Already a member"
					Else
						myErr=err.number & " " & err.description
					End If
					strFailures = strFailures & strDomainNew & "\" & strName & ", " & myErr & vbCrLf
				Else
					strAdditions=strAdditions & strDomainNew & "\" & strName & vbCrLf
				End If
			End If
			Set objUserNew=Nothing
		ElseIf ucase(strDomain)=ucase(strDomainNEW) then
			strPreviousList=strPreviousList & strFullName & vbCrLf
		End If
		
		strName=""
		strUserNew=""
		strADsPath=""
		pos_start=""
		pos_end=""
		strDomain=""
		strFullName=""
		strClass=""
	Next
	
	Output "----------------------------------------------"
	Output "Computer:  " & myComputer
	Output "----------------------------------------------"
	Output "Previous List:"
	Output strPreviousList

	Output "Additions:"
	Output strAdditions

	Output "Failures:"
	Output strFailures
	

End Sub

Sub Output(txt)
	If DisplayEcho=True then wscript.echo txt
	oFile.writeLine txt
End Sub

Open in new window

0
 
markdmacCommented:
No reporting but this will do the actual work.  I would run this as a logon or startup script.  It enumerates the local admins, looks for domain accounts and then adds in the same accounts after replacing the domain name.
Dim WSHNetwork, WSHShell
Set WSHNetwork = CreateObject("WScript.Network")
Set WSHShell = CreateObject("Wscript.Shell")


GetLocalAdmins(WSHNetwork.ComputerName)


Sub GetLocalAdmins (Computer)
	Dim objComp
	strComputer = Computer
	Set objComp = GetObject("WinNT://" & strComputer)
	objComp.GetInfo  
	If objComp.PropertyCount > 0 Then
	    Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
	    If objGroup.PropertyCount > 0 Then
	       For Each mem In objGroup.Members
	            AdminArray = Split(Right(mem.adsPath,Len(mem.adsPath) - 8) ,"/")
	            If UBound(AdminArray) = 1 Then
	               'domain account
	               'WScript.echo vbTab & Right(mem.adsPath,Len(mem.adsPath) - 8)
	               NewAdmin = "ICA\" & AdminArray(1)
	               WSHShell.Run "CMD.EXE /C NET LOCALGROUP Administrators " & NewAdmin & " /ADD"               
	            End If
	        Next
	    End If
	End If
End Sub

Open in new window

0
 
bsharathAuthor Commented:
Thanks
Can i have this to run on a specific set of machine names rather than login script
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
bsharathAuthor Commented:
Mark one issue. When it comes to adding Domain admins it does not add
I guess because of space
0
 
markdmacCommented:
Use AD to specify which computers the script will hit.  It has to run locally.

Try replacing line 23 from this:
WSHShell.Run "CMD.EXE /C NET LOCALGROUP Administrators " & NewAdmin & " /ADD"    

To this:
WSHShell.Run "CMD.EXE /C NET LOCALGROUP Administrators " & Chr(34) & NewAdmin & Chr(34) & " /ADD"    

And let me know if it still does not add Domain Admins.
0
 
bsharathAuthor Commented:
It works perfect now.
Can i have it read a txt file with computer names please.

As it has to be done for different sets of systems
0
 
markdmacCommented:
That script can't be set as a remote script.  You might try using PSEXEC to launch it locally on a list, but the easiest solution is to do what I said above.  Create a GPO, set this as a login or startup script and apply the GPO only to the PCs you want affected.
0
 
jostranderCommented:
Hi Sharath,

This should do what you need:

CONST FOR_READING=1
CONST FOR_WRITING=2

Dim strComputerListFile
Dim strLogFile
Dim strDomainOLD
Dim strDomainNEW
Dim strTitle
Dim DisplayEcho


'--------------------------------------------
'	User Variables
'--------------------------------------------
strComputerListFile = "c:\computers.txt"
strLogFile="c:\results.txt"

strDomainOLD="DEV"
strDomainNEW="ICA"

strTitle = "Admins Add"

DisplayEcho=True
'--------------------------------------------
Set WshShell=CreateObject("Wscript.Shell")
Set fso=CreateObject("Scripting.FileSystemObject")

If DisplayEcho=True then
	'FORCE CSCRIPT
	If instr(lcase(wscript.fullname),"wscript") then
		wshshell.run "cmd /k cscript //nologo " & chr(34) & wscript.scriptfullname & Chr(34),1,false
		wscript.quit
	End If
End If

Set inFile=fso.OpenTextFile(strComputerListFile,FOR_READING,true)
arrComputers=split(infile.ReadAll,vbCrLf)
inFile.close

Set oFile=fso.OpenTextFile(strLogFile,FOR_WRITING,true)


For each strComputer in arrComputers
	If strComputer <> "" then GroupMod strComputer
Next

oFile.close
wscript.echo "All Done!"


Sub GroupMod(myComputer)
	ON ERROR RESUME NEXT
	Set objGroup = GetObject("WinNT://" & myComputer & "/Administrators,group")
	
	For Each objMember in objGroup.Members
		If lcase(objMember.class)="user" then
			strName=objMember.Name
			strADsPath=objMember.ADsPath
			pos_start=Instr(strADsPath,"//")+2
			pos_end=InstrRev(strADsPath,"/")
			strDomain=mid(strADsPath,pos_start,pos_end-pos_start)
			strFullName=mid(strADsPath,pos_start)
			
			If ucase(strDomain)=ucase(strDomainOLD) then
				strPreviousList=strPreviousList & strFullName & vbCrLf

				Set objUserNew=GetObject("WinNT://" & strDomainNew & "/" & strName & ",user")
				strUserNew=""
				strUserNew=objUserNew.Name
				If strUserNew="" then 
					strFailures = strFailures & strDomainNew & "\" & strName & ", " & " NOT FOUND" & vbCrLf
				Else
					err.clear
					objGroup.Add(objUserNew.ADsPath)
					If err.number <> 0 then 
						If err.number="-2147023518" then
							myErr="Already a member"
						Else
							myErr=err.number & " " & err.description
						End If
						strFailures = strFailures & strDomainNew & "\" & strName & ", " & myErr & vbCrLf
					Else
						strAdditions=strAdditions & strDomainNew & "\" & strName & vbCrLf
					End If
				End If
				Set objUserNew=Nothing
			ElseIf ucase(strDomain)=ucase(strDomainNEW) then
				strPreviousList=strPreviousList & strFullName & vbCrLf
			End If
			
			strName=""
			strUserNew=""
			strADsPath=""
			pos_start=""
			pos_end=""
			strDomain=""
			strFullName=""
		End If
	Next
	
	Output "----------------------------------------------"
	Output "Computer:  " & myComputer
	Output "----------------------------------------------"
	Output "Previous List:"
	Output strPreviousList

	Output "Additions:"
	Output strAdditions

	Output "Failures:"
	Output strFailures
	

End Sub

Sub Output(txt)
	If DisplayEcho=True then wscript.echo txt
	oFile.writeLine txt
End Sub

Open in new window

0
 
bsharathAuthor Commented:
Thanks a lot works perfect ..:-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.