Solved

Report If Backup_Administrators Exist in Local Admins

Posted on 2011-03-18
3
291 Views
Last Modified: 2012-05-11
I'm querying from a list of servers to report on whether or not the Backup_Administrator group exists within the Local Administrators group.

I'm also pulling the OU location of the server in ADUC, as well as the Last Logon Date. These are working fine, but BackUp_Admin check is always coming up false, even when it exists.
'Option Explicit

Dim strSourceFile, objExcel, objWorkbook, IntRow
Dim strMachine, strDomain, strBUAdmin
Dim objConnection, objCommand, objRecordSet
Dim strCategory, strTarget, strFilter
Dim strLocation, objMachine, objMemberOf, strResult, strOU, i, strOrgUnit
Dim arrRealAdmins, adminGroup, groupMember, ret


' Reference Section
strSourceFile = "C$\Server_input.xls"

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open(strSourceFile)
IntRow = 1
strDomain = "dc=domain,dc=com"

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection


' Worker Section
Do Until objExcel.Cells(IntRow, 1).Value = ""
arrRealAdmins = Array("Backup_Administrators")
strMachine = objExcel.Cells(IntRow, 1).Value
WScript.Echo "Querying " & strMachine
strCategory = "(objectCategory=Computer)"
strTarget = "(cn=" & strMachine & ")"
strFilter = strCategory & strTarget

objCommand.CommandText = "<GC://" & strDomain & ">;(&" & strFilter & ")" & ";LastLogonTimeStamp,DistinguishedName;subtree"
Set objRecordSet = objCommand.Execute

While Not objRecordSet.EOF
 
  strLocation = objRecordSet.Fields("DistinguishedName")
  strOU = Split(strLocation,",")
  
    For i = LBound(strOU) To UBound(strOU)
      If InStr(strOU(i), "_") > 0 Then
        strOrgUnit = mid(strOU(i), 4)
      Else
      End If
    Next
  
  Set objMachine = GetObject("LDAP://" & strLocation )'  
    
  strDate = objRecordSet.Fields("LastLogonTimeStamp")
  Set lngDate = strDate
  strDate = #1/1/1601#
  
  If (lngDate.HighPart = 0) And (lngDate.LowPart = 0 ) Then
    strDate = #1/1/1601#
  Else
    strDate = #1/1/1601# + (((lngDate.HighPart * (2 ^ 32)) + lngDate.LowPart)/600000000)/1440
  End If
  strDateOnly = Split(strDate," ")
   
  Call IsBUAdminPresent(strBUAdmin,MemberName)
     
  ' Output Section within loop
  'WScript.Echo objMachine.Name
	  If strBUAdmin = True Then
	  	  objExcel.Cells(IntRow, 2).Value = "Yes"
	      objExcel.Cells(IntRow, 3).Value = strDateOnly 
		  objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
	  ElseIf strBUAdmin = False Then
	  	  objExcel.Cells(IntRow, 2).Value = "No"
	      objExcel.Cells(IntRow, 3).Value = strDateOnly 
		  objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
	  End If
  objRecordSet.MoveNext
  
Wend

IntRow = IntRow + 1

Loop

Function IsBUAdminPresent(strBUAdmin, MemberName)
	dim i
	for i = lbound(arrRealAdmins) to ubound(arrRealAdmins)
		if ucase(MemberName) = ucase(arrRealAdmins(i)) then
			strBUAdmin = True
			exit Function
		end If
	Next
	strBUAdmin = False
end Function

objConnection.Close
objExcel.Quit

Open in new window

0
Comment
Question by:JB4375
3 Comments
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
ID: 35170241
Hi,

The code for checking the group was missing.

Try the following code

regards
Prashanth
'Option Explicit
On Error Resume Next

Dim strSourceFile, objExcel, objWorkbook, IntRow
Dim strMachine, strDomain, strBUAdmin
Dim objConnection, objCommand, objRecordSet
Dim strCategory, strTarget, strFilter
Dim strLocation, objMachine, objMemberOf, strResult, strOU, i, strOrgUnit
Dim arrRealAdmins, adminGroup, groupMember, ret


' Reference Section
strSourceFile = "C$\Server_input.xls"

Set objExcel = CreateObject("Excel.Application")
Set objWorkbook = objExcel.Workbooks.Open(strSourceFile)
IntRow = 1
strDomain = "dc=domain,dc=com"

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=ADsDSOObject;"
Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection


' Worker Section
Do Until objExcel.Cells(IntRow, 1).Value = ""
    arrRealAdmins = "Backup_Administrators"
    strMachine = objExcel.Cells(IntRow, 1).Value
    
    WScript.Echo "Querying " & strMachine
    strCategory = "(objectCategory=Computer)"
    strTarget = "(cn=" & strMachine & ")"
    strFilter = strCategory & strTarget
    
    objCommand.CommandText = "<GC://" & strDomain & ">;(&" & strFilter & ")" & ";LastLogonTimeStamp,DistinguishedName;subtree"
    Set objRecordSet = objCommand.Execute
    
    While Not objRecordSet.EOF
        
        strLocation = objRecordSet.Fields("DistinguishedName")
        strOU = Split(strLocation,",")
        
        For i = LBound(strOU) To UBound(strOU)
            If InStr(strOU(i), "_") > 0 Then
                strOrgUnit = Mid(strOU(i), 4)
            Else
            End If
        Next
        
        Set objMachine = GetObject("LDAP://" & strLocation )'  
        
        strDate = objRecordSet.Fields("LastLogonTimeStamp")
        Set lngDate = strDate
        strDate = #1/1/1601#
        
        If (lngDate.HighPart = 0) And (lngDate.LowPart = 0 ) Then
            strDate = #1/1/1601#
        Else
            strDate = #1/1/1601# + (((lngDate.HighPart * (2 ^ 32)) + lngDate.LowPart)/600000000)/1440
        End If
        strDateOnly = Split(strDate," ")
        
        'Check for backup admin 
        strBUAdmin = False
        Set objGroup = GetObject("WinNT://" & strMachine & "/Administrators,group")
        
        For Each mem In objGroup.Members
            WScript.echo strMachine & " - " & mem.name
            If StrComp(LCase(mem.name),LCase(arrRealAdmins)) Then
                strBUAdmin = True
                Exit For
            End If            
        Next
        
        ' Output Section within loop
        'WScript.Echo objMachine.Name
        If strBUAdmin = True Then
            objExcel.Cells(IntRow, 2).Value = "Yes"
            objExcel.Cells(IntRow, 3).Value = strDateOnly 
            objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
        ElseIf strBUAdmin = False Then
            objExcel.Cells(IntRow, 2).Value = "No"
            objExcel.Cells(IntRow, 3).Value = strDateOnly 
            objExcel.Cells(IntRow, 4).Value = objRecordSet.Fields("DistinguishedName")
        End If
        objRecordSet.MoveNext
        
    Wend
    
    IntRow = IntRow + 1
    
Loop

objConnection.Close
objExcel.Quit

Open in new window

0
 
LVL 15

Expert Comment

by:markdmac
ID: 35172123
Another way to check it:
Dim strFindName: strFindName = "Backup_Administrator"
Dim strTarget: strTarget = "."

WScript.Echo CheckAdmin(strTarget, strFindName)


Function CheckAdmin(strComputer, strAdmin)
	Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")
	BackupPresent = False	
	If Err.Number = 0 Then
		For Each objUser In objGroup.Members
	        If UCase(objUser.Name) = UCase(strAdmin) Then
	        	BackupPresent = True
	        End If
	   	Next
	End If
	CheckAdmin = BackupPresent
End Function

Open in new window

0
 
LVL 1

Author Closing Comment

by:JB4375
ID: 35180382
Prashanthd,
That worked perfectly!!
Thanks,
JB
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an addendum to the following article: Acitve Directory based Outlook Signature (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_24950055.html) The script is fine, and works in normal client-server domains…
Hello again, all.  For those of you that have been following along, you'll know that this is my third article on this topic (though it is not Part III).  This article is sort of remedial, and probably the topic with which I should have started the s…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

28 Experts available now in Live!

Get 1:1 Help Now