Script to remotely list Windows local administrator group membership

The following script can be run against remote Windows machines, and will enumerate the contents of the remote server’s local administrators group.

It requires Sysinternals PSExec utility, and must be run with administrative credentials.  Set the four paths to the correct locations for your workstation.

REM set path to PSexec on machine the script is being run from
Set PSExecDir=c:\pstools

REM Set file that contains the list of all your remote machines
Set InputFile=C:\servers.txt

REM Set path to file where administrator group membership is logged
Set OutputFile=C:\localadmins.txt

REM set path to error log file
Set ErrorFile=C:\errors.txt

for /f %%a in (%InputFile%) do (

echo *** Checking Server %%a *** >> %OutputFile%

%PSExecDir%\psexec \\%%a net localgroup administrators >> %OutputFile%

IF ERRORLEVEL 1 (echo Problem with obtaining local administrators on %%a >> %ErrorFile%)