Solved

list all admin account

Posted on 2012-04-02
7
334 Views
Last Modified: 2012-04-19
I am new to scripting. I want a script to list all admin account in the entire domain. I can use Active role console or can run  from server. Could you please help. Thanks
0
Comment
Question by:cyrilma
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37796752
Are you looking for members of "domain admins"   I wrote a blog that will give them to you

http://adisfun.blogspot.com/2012/03/lastlogontimestamp-for-group-members.html

That will also give you the last time they logged in, lots of ways as you can see in the blog

Thanks

Mike
0
 

Author Comment

by:cyrilma
ID: 37796857
Thanks, Mike for the quick response. I need the list of all users belongs to Admin account, enterprise admin, schema admin in the entire forest for an auditing purpose.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37796861
just use the example from the blog; you can do it for each group.

Thanks

Mike
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 35

Expert Comment

by:Joseph Daly
ID: 37796926
I like the DS series of tools for this sort of stuff. The following command will get you what you are looking for.


dsquery group -name "domain admins" | dsget group -members -expand | dsget user -ln -fn -samid
0
 
LVL 21

Expert Comment

by:motnahp00
ID: 37797037
Try this:

net group "Domain Admins"
0
 

Author Comment

by:cyrilma
ID: 37797204
Thanks a lot for all your suggestions and help.

Admin accounts are spreade across different domains. We are trying to create a script which can fetch info of all admin accounts in root domain and in other sub domains. Anyone who has any kind of administrative rights we need details which need to send it to audit team on monthly basis.

I found a good VB script I want to share with you all..

http://halfloaded.com/blog/vbscript-list-all-members-of-sensitive-groups-schema-enterprise-and-domain-admins/
0
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 500 total points
ID: 37803886
I have a script already made for this. You might want to check it out here. If you need tweaking of course it can be done. This script reads a list of machines and reports the results in separate files including the ones that do not work.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question