The only item to configure is the arrRealAdmins array of strings, where you may put in a list of user names that you do not wish to show in the report. The example already include two common administrator names that should be valid, “Administrator” and “Domain Administrators”.
Note that the sample code below outputs the invalid local administrator group members in a msgbox() pop-up box. You may wish to substitute this output method with something that may be more useful to you, such as outputting them to a report, write into a database, send email, etc.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' List local admin users '
' '
' Description: Finds a list of local admin users on a Windows '
' machine '
' Author: C. Peter Chen, http://dev-notes.com '
' Version Tracker: '
' 1.0 20081021 Base version '
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
option explicit
dim arrRealAdmins
'''''''''''''''''
' Configuration '
'''''''''''''''''
arrRealAdmins = Array("Administrator","Domain Admins") ' List of users that *are* supposed to be administrators; we'll ignore these people later
'''''''''''''''''''''
' End configuration '
'''''''''''''''''''''
dim adminGroup, groupMember, ret
function isPermitedAdmin(MemberName)
dim i
for i = lbound(arrRealAdmins) to ubound(arrRealAdmins)
if ucase(MemberName) = ucase(arrRealAdmins(i)) then
isPermitedAdmin = true
exit function
end if
next
isPermitedAdmin = false
end function
set adminGroup = getObject("WinNT://./Administrators, group")
for each groupMember in adminGroup.members
if not isPermitedAdmin(groupMember.name) then
ret = ret & groupMember.name & ","
end if
next
if ret = "" then
msgbox("No invalid local administrators found.")
else
ret = mid(ret, 1, len(ret)-1) ' To get rid of the last comma
msgbox("The following users are in the local admin group: " & vbcrlf & ret)
end if