Solved

list all admin account

Posted on 2012-04-02
7
333 Views
Last Modified: 2012-04-19
I am new to scripting. I want a script to list all admin account in the entire domain. I can use Active role console or can run  from server. Could you please help. Thanks
0
Comment
Question by:cyrilma
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Are you looking for members of "domain admins"   I wrote a blog that will give them to you

http://adisfun.blogspot.com/2012/03/lastlogontimestamp-for-group-members.html

That will also give you the last time they logged in, lots of ways as you can see in the blog

Thanks

Mike
0
 

Author Comment

by:cyrilma
Comment Utility
Thanks, Mike for the quick response. I need the list of all users belongs to Admin account, enterprise admin, schema admin in the entire forest for an auditing purpose.
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
just use the example from the blog; you can do it for each group.

Thanks

Mike
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 35

Expert Comment

by:Joseph Daly
Comment Utility
I like the DS series of tools for this sort of stuff. The following command will get you what you are looking for.


dsquery group -name "domain admins" | dsget group -members -expand | dsget user -ln -fn -samid
0
 
LVL 21

Expert Comment

by:motnahp00
Comment Utility
Try this:

net group "Domain Admins"
0
 

Author Comment

by:cyrilma
Comment Utility
Thanks a lot for all your suggestions and help.

Admin accounts are spreade across different domains. We are trying to create a script which can fetch info of all admin accounts in root domain and in other sub domains. Anyone who has any kind of administrative rights we need details which need to send it to audit team on monthly basis.

I found a good VB script I want to share with you all..

http://halfloaded.com/blog/vbscript-list-all-members-of-sensitive-groups-schema-enterprise-and-domain-admins/
0
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 500 total points
Comment Utility
I have a script already made for this. You might want to check it out here. If you need tweaking of course it can be done. This script reads a list of machines and reports the results in separate files including the ones that do not work.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now