Szuromi
asked on
VB Script to list of users for “Log on as a service” on PCs
Hi Everybody,
I need to write a VB script which would check and create report with member of users or groups for “Log on as a Service” policy on local PCs. Company I work for would like to know who has access to “Log on as a Service” policy on each PCs?
Is anybody will able to give me some idea or sample VB script?
Thanks,
I need to write a VB script which would check and create report with member of users or groups for “Log on as a Service” policy on local PCs. Company I work for would like to know who has access to “Log on as a Service” policy on each PCs?
Is anybody will able to give me some idea or sample VB script?
Thanks,
may need to run this at startup (not logon) so it runs as System user, with full access.
rem '-------------------------------------------------
rem ' robberbaron
rem needs accesschk.exe in local folder or search path
rem '----------------------
@echo off
rem '--- set up files & log ---------
set LogFldr="AccessList.log"
for /F "tokens=2*" %%i in ('date /t') do set datex=%%i
for /F "tokens=1*" %%i in ('time /t') do set timex=%%i
VER | findstr /i "5.0." > nul
IF %ERRORLEVEL% EQU 0 set version=2000
VER | findstr /i "5.1." > nul
IF %ERRORLEVEL% EQU 0 set version=XP
VER | findstr /i "5.2." > nul
IF %ERRORLEVEL% EQU 0 set version=2003
VER | findstr /i "6.0." > nul
IF %ERRORLEVEL% EQU 0 set version=Vista
VER | findstr /i "6.1." > nul
IF %ERRORLEVEL% EQU 0 set version=Win7
VER | findstr /i "6.2." > nul
IF %ERRORLEVEL% EQU 0 set version=Win8
VER | findstr /i "6.3." > nul
IF %ERRORLEVEL% EQU 0 set version=Win8
if %version%==Vista goto ok
if %version%==XP goto ok
if %version%==Win7 goto ok
if %version%==Win8 goto ok
echo %datex% %timex% FAILED -- %USERNAME% : %COMPUTERNAME% >> %LogFldr%
goto end
:OK
echo %datex% %timex% -- %USERNAME% : %COMPUTERNAME% >> %LogFldr%
accesschk -a -q SeBatchLogonRight >> %LogFldr%
if errorlevel 0 echo "---ok---" >> %LogFldr%
:end
also can use the psExec tool to run remotely on a list of computers provided you have the access rights.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
http://blogs.technet.com/b/secguide/archive/2008/07/21/how-to-use-accesschk-exe-for-security-compliance-management.aspx
if you want to run this on every pc, i would add it as a Logon script that echos to a log file.