Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

Report If Backup_Administrators Exist in Local Admins

I'm querying from a list of servers to report on whether or not the Backup_Administrator group exists within the Local Administrators group.

I'm also pulling the OU location of the server in ADUC, as well as the Last Logon Date. These are working fine, but BackUp_Admin check is always coming up false, even when it exists.
'Option Explicit

Dim strSourceFile, objExcel, objWorkbook, IntRow
Dim strMachine, strDomain, strBUAdmin
Dim objConnection, objCommand, objRecordSet
Dim strCategory, strTarget, strFilter
Dim strLocation, objMachine, objMemberOf, strResult, strOU, i, strOrgUnit
Dim arrRealAdmins, adminGroup, groupMember, ret


' Reference Section
strSourceFile = "C$\Server_input.xls"

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open(strSourceFile)
IntRow = 1
strDomain = "dc=domain,dc=com"

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection


' Worker Section
Do Until objExcel.Cells(IntRow, 1).Value = ""
arrRealAdmins = Array("Backup_Administrators")
strMachine = objExcel.Cells(IntRow, 1).Value
WScript.Echo "Querying " & strMachine
strCategory = "(objectCategory=Computer)"
strTarget = "(cn=" & strMachine & ")"
strFilter = strCategory & strTarget

objCommand.CommandText = "<GC://" & strDomain & ">;(&" & strFilter & ")" & ";LastLogonTimeStamp,DistinguishedName;subtree"
Set objRecordSet = objCommand.Execute

While Not objRecordSet.EOF
 
  strLocation = objRecordSet.Fields("DistinguishedName")
  strOU = Split(strLocation,",")
  
    For i = LBound(strOU) To UBound(strOU)
      If InStr(strOU(i), "_") > 0 Then
        strOrgUnit = mid(strOU(i), 4)
      Else
      End If
    Next
  
  Set objMachine = GetObject("LDAP://" & strLocation )'  
    
  strDate = objRecordSet.Fields("LastLogonTimeStamp")
  Set lngDate = strDate
  strDate = #1/1/1601#
  
  If (lngDate.HighPart = 0) And (lngDate.LowPart = 0 ) Then
    strDate = #1/1/1601#
  Else
    strDate = #1/1/1601# + (((lngDate.HighPart * (2 ^ 32)) + lngDate.LowPart)/600000000)/1440
  End If
  strDateOnly = Split(strDate," ")
   
  Call IsBUAdminPresent(strBUAdmin,MemberName)
     
  ' Output Section within loop
  'WScript.Echo objMachine.Name
	  If strBUAdmin = True Then
	  	  objExcel.Cells(IntRow, 2).Value = "Yes"
	      objExcel.Cells(IntRow, 3).Value = strDateOnly 
		  objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
	  ElseIf strBUAdmin = False Then
	  	  objExcel.Cells(IntRow, 2).Value = "No"
	      objExcel.Cells(IntRow, 3).Value = strDateOnly 
		  objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
	  End If
  objRecordSet.MoveNext
  
Wend

IntRow = IntRow + 1

Loop

Function IsBUAdminPresent(strBUAdmin, MemberName)
	dim i
	for i = lbound(arrRealAdmins) to ubound(arrRealAdmins)
		if ucase(MemberName) = ucase(arrRealAdmins(i)) then
			strBUAdmin = True
			exit Function
		end If
	Next
	strBUAdmin = False
end Function

objConnection.Close
objExcel.Quit

Open in new window

0
JB4375
Asked:
JB4375
1 Solution
 
prashanthdCommented:
Hi,

The code for checking the group was missing.

Try the following code

regards
Prashanth
'Option Explicit
On Error Resume Next

Dim strSourceFile, objExcel, objWorkbook, IntRow
Dim strMachine, strDomain, strBUAdmin
Dim objConnection, objCommand, objRecordSet
Dim strCategory, strTarget, strFilter
Dim strLocation, objMachine, objMemberOf, strResult, strOU, i, strOrgUnit
Dim arrRealAdmins, adminGroup, groupMember, ret


' Reference Section
strSourceFile = "C$\Server_input.xls"

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open(strSourceFile)
IntRow = 1
strDomain = "dc=domain,dc=com"

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection


' Worker Section
Do Until objExcel.Cells(IntRow, 1).Value = ""
    arrRealAdmins = "Backup_Administrators"
    strMachine = objExcel.Cells(IntRow, 1).Value
    
    WScript.Echo "Querying " & strMachine
    strCategory = "(objectCategory=Computer)"
    strTarget = "(cn=" & strMachine & ")"
    strFilter = strCategory & strTarget
    
    objCommand.CommandText = "<GC://" & strDomain & ">;(&" & strFilter & ")" & ";LastLogonTimeStamp,DistinguishedName;subtree"
    Set objRecordSet = objCommand.Execute
    
    While Not objRecordSet.EOF
        
        strLocation = objRecordSet.Fields("DistinguishedName")
        strOU = Split(strLocation,",")
        
        For i = LBound(strOU) To UBound(strOU)
            If InStr(strOU(i), "_") > 0 Then
                strOrgUnit = Mid(strOU(i), 4)
            Else
            End If
        Next
        
        Set objMachine = GetObject("LDAP://" & strLocation )'  
        
        strDate = objRecordSet.Fields("LastLogonTimeStamp")
        Set lngDate = strDate
        strDate = #1/1/1601#
        
        If (lngDate.HighPart = 0) And (lngDate.LowPart = 0 ) Then
            strDate = #1/1/1601#
        Else
            strDate = #1/1/1601# + (((lngDate.HighPart * (2 ^ 32)) + lngDate.LowPart)/600000000)/1440
        End If
        strDateOnly = Split(strDate," ")
        
        'Check for backup admin 
        strBUAdmin = False
        Set objGroup = GetObject("WinNT://" & strMachine & "/Administrators,group")
        
        For Each mem In objGroup.Members
            WScript.echo strMachine & " - " & mem.name
            If StrComp(LCase(mem.name),LCase(arrRealAdmins)) Then
                strBUAdmin = True
                Exit For
            End If            
        Next
        
        ' Output Section within loop
        'WScript.Echo objMachine.Name
        If strBUAdmin = True Then
            objExcel.Cells(IntRow, 2).Value = "Yes"
            objExcel.Cells(IntRow, 3).Value = strDateOnly 
            objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
        ElseIf strBUAdmin = False Then
            objExcel.Cells(IntRow, 2).Value = "No"
            objExcel.Cells(IntRow, 3).Value = strDateOnly 
            objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
        End If
        objRecordSet.MoveNext
        
    Wend
    
    IntRow = IntRow + 1
    
Loop

objConnection.Close
objExcel.Quit

Open in new window

0
 
markdmacCommented:
Another way to check it:
Dim strFindName: strFindName = "Backup_Administrator"
Dim strTarget: strTarget = "."

WScript.Echo CheckAdmin(strTarget, strFindName)


Function CheckAdmin(strComputer, strAdmin)
	Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
	BackupPresent = False	
	If Err.Number = 0 Then
		For Each objUser In objGroup.Members
	        If UCase(objUser.Name) = UCase(strAdmin) Then
	        	BackupPresent = True
	        End If
	   	Next
	End If
	CheckAdmin = BackupPresent
End Function

Open in new window

0
 
JB4375Author Commented:
Prashanthd,
That worked perfectly!!
Thanks,
JB
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now