list all admin account

Posted on 2012-04-02
Medium Priority
Last Modified: 2012-04-19
I am new to scripting. I want a script to list all admin account in the entire domain. I can use Active role console or can run  from server. Could you please help. Thanks
Question by:cyrilma
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 57

Expert Comment

by:Mike Kline
ID: 37796752
Are you looking for members of "domain admins"   I wrote a blog that will give them to you


That will also give you the last time they logged in, lots of ways as you can see in the blog



Author Comment

ID: 37796857
Thanks, Mike for the quick response. I need the list of all users belongs to Admin account, enterprise admin, schema admin in the entire forest for an auditing purpose.
LVL 57

Expert Comment

by:Mike Kline
ID: 37796861
just use the example from the blog; you can do it for each group.


Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

LVL 35

Expert Comment

by:Joseph Daly
ID: 37796926
I like the DS series of tools for this sort of stuff. The following command will get you what you are looking for.

dsquery group -name "domain admins" | dsget group -members -expand | dsget user -ln -fn -samid
LVL 21

Expert Comment

ID: 37797037
Try this:

net group "Domain Admins"

Author Comment

ID: 37797204
Thanks a lot for all your suggestions and help.

Admin accounts are spreade across different domains. We are trying to create a script which can fetch info of all admin accounts in root domain and in other sub domains. Anyone who has any kind of administrative rights we need details which need to send it to audit team on monthly basis.

I found a good VB script I want to share with you all..

LVL 15

Accepted Solution

Russell_Venable earned 1500 total points
ID: 37803886
I have a script already made for this. You might want to check it out here. If you need tweaking of course it can be done. This script reads a list of machines and reports the results in separate files including the ones that do not work.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question