I got email from client that they needs to find out users that have local administration rights on machine
The customer is using SCCM 2007 infrastructre also in the enviornment , so I researched on internet weather it is possible to do this via SCCM.
Yes, its possible… I found from some forum that its possible by modifying sms_def.mof file & running vb script on client side using packaging.
Here are the steps:
1. Edit inboxes\clifiles.src\hinv\sms_def.mof. At the very bottom, add these lines.
[ SMS_Report (TRUE),SMS_Group_Name (“LocalAdmins”),SMS_Class_ID (“MICROSOFT|LocalAdmins|1.0”)]
class Win32_LocalAdmins : SMS_Class_Template
{
[SMS_Report(TRUE), key] string AccountName;
[SMS_Report(TRUE), key] string GroupName;
};
2. Run this Vb script on client end using packaging
On Error Resume Next '1 Create temporary .mof file in Temp folder '2 mofcomp the created .mof file 'Kudos to Mike Seely-->http://www.myitforum.com/forums/Local_Admins_MOF/m_179546/tm.htm 'and of course Ward Lange, and report structure from Gavin Ross & Claudio Dhondt--> 'http://www.myitforum.com/forums/m_149305/tm.htm#149662 '6/8/08 Sherry Kissinger Set fso = CreateObject("Scripting.FileSystemObject") Set nwo = CreateObject("Wscript.Network") Set sho = CreateObject("Wscript.Shell") TempFolder = sho.ExpandEnvironmentStrings("%temp%") strWindir = sho.ExpandEnvironmentStrings("%windir%") Set f1 = fso.CreateTextFile(TempFolder & "\SMSLocalAdmin.mof",True) f1.WriteLine("#pragma namespace ("&Chr(34)&"\\\\.\\root\\cimv2"&chr(34)&")") f1.WriteLine("[union, ViewSources{"&chr(34)&"Select * from Win32_GroupUser where " &_ "GroupComponent=\"&chr(34)&"Win32_Group.Domain='"&nwo.ComputerName&_ "',Name='Administrators'\"&Chr(34)&Chr(34)&_ "},ViewSpaces{"&Chr(34)&"\\\\.\\root\\CIMV2"&Chr(34)&"}, Dynamic : ToInstance, provider("&_ Chr(34)&"MS_VIEW_INSTANCE_PROVIDER"&CHR(34)&")]") f1.WriteLine("class Win32_LocalAdmins") f1.WriteLine("{") f1.WriteLine("[PropertySources("&chr(34)&"PartComponent"&chr(34)&"), key] Win32_Account ref AccountName;") f1.WriteLine("[PropertySources("&chr(34)&"GroupComponent"&chr(34)&"), key] Win32_Group ref GroupName;") f1.WriteLine("};") f1.Close sho.Run strWindir & "\system32\wbem\mofcomp " & TempFolder & "\SMSLocalAdmin.mof",0,True Set f1 = fso.getFile(TempFolder & "\smslocaladmin.mof") f1.Delete wscript.quit 3. You can create a seprate collection if required select SMS_R_SYSTEM.ResourceID from SMS_R_System where SMS_R_System.ResourceId not in (select SMS_R_System.ResourceId from SMS_R_System inner join SMS_G_System_LOCALADMINS on SMS_G_System_LOCALADMINS.ResourceID = SMS_R_System.ResourceId where SMS_G_System_LOCALADMINS.AccountName is not null) 4. Create a report with follwing sql commands select distinct Name0 as 'Computer Name', substring(AccountName0,charindex('Domain=',Accountname0)+8,(charindex('Name=',Accountname0)-charindex('Domain=',Accountname0)-10)) as 'Domain Name', substring(AccountName0,len(AccountName0)-charindex('"',reverse(AccountName0),2)+2,charindex('"',reverse(AccountName0),2)-2) as 'User Name' from v_GS_SYSTEM INNER JOIN v_GS_LocalAdmins ON v_GS_SYSTEM.ResourceID = v_GS_LocalAdmins.ResourceID where (AccountName0 not like '%Administrator%' AND AccountName0 not like '%Domain Admins%') After you run this report you will get the local administration report in proper format. Thanks to the scripting guy who created it..
After study just a few of the weblog posts in your website now, and I truly like your way of blogging. I bookmarked it to my bookmark website listing and will probably be checking again soon. Pls check out my web site as effectively and let me know what you think.
After I initially commented I clicked the -Notify me when new feedback are added- checkbox and now every time a comment is added I get four emails with the identical comment. Is there any approach you’ll be able to remove me from that service? Thanks!
I’ve been following your blog since you started. You have made amazing progress. This site is an inspiration for all pursuing a long transition versus the big chop.
– Rob