Script to remotely list Windows local administrator group membership


The following script can be run against remote Windows machines, and will enumerate the contents of the remote server’s local administrators group.

It requires Sysinternals PSExec utility, and must be run with administrative credentials.  Set the four paths to the correct locations for your workstation.

REM set path to PSexec on machine the script is being run from
Set PSExecDir=c:\pstools

REM Set file that contains the list of all your remote machines
Set InputFile=C:\servers.txt

REM Set path to file where administrator group membership is logged
Set OutputFile=C:\localadmins.txt

REM set path to error log file
Set ErrorFile=C:\errors.txt

for /f %%a in (%InputFile%) do (

echo *** Checking Server %%a *** >> %OutputFile%

%PSExecDir%\psexec \\%%a net localgroup administrators >> %OutputFile%

IF ERRORLEVEL 1 (echo Problem with obtaining local administrators on %%a >> %ErrorFile%)
)

One Response to “Script to remotely list Windows local administrator group membership”

  1. Bob Says:

    I’m trying to run your windows local administrator script as follows:-
    REM set path to PSexec on machine the script is being run from
    Set PSExecDir=”c:\\SysInternals\\PsTools”
    REM Set file that contains the list of all your remote machines
    Set InputFile=”C:\\SysInternals\\computers.txt”
    REM Set path to file where administrator group membership is logged
    Set OutputFile=”C:\\SysInternals\\localadmins.txt”
    REM set path to error log file
    Set ErrorFile=”C:\\SysInternals\\errors.txt”
    for/F %aa in (%InputFile%) do (
    echo *** Checking Server “%aa” *** >> %OutputFile%
    %PSExecDir%\psexec \\%%’ net localgroup administrators >> %OutputFile%
    IF ERRORLEVEL 1 (echo Problem with obtaining local administrators on %%a >> %ErrorFile%)
    )
    But the script fails to compile at line 9 char 5 which is the for loop. The error is “Expected Identifier”.

    I’m no scripting expert any help you can give will be appreciated!

    Bob


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: