Reporting Domain accounts on the local PC

[Tom Ker]

Using the query below I can report all the local accounts on a PC.

Set cUsers = oWMIService.ExecQuery("Select * from Win32_UserAccount Where
LocalAccount = True")

Can I use WMI to report all the local accounts as well as all the domain
accounts and groups that are present on a PC?

Thanks,

Tom

 

[Richard Mueller]

Using the query below I can report all the local accounts on a PC.

Set cUsers = oWMIService.ExecQuery("Select * from Win32_UserAccount Where
LocalAccount = True")

Can I use WMI to report all the local accounts as well as all the domain
accounts and groups that are present on a PC?

Hi,

There are no domain accounts or groups on the PC. However, domain users and
groups can be members of local groups. Also, when domain users logon can
leave a profile, so in a sense the PC "knows" about the domain user. Do you
want to know what domain users and groups are members of local groups?

 

[Marty List]

Using the query below I can report all the local accounts on a PC.

Set cUsers = oWMIService.ExecQuery("Select * from Win32_UserAccount Where
LocalAccount = True")

Can I use WMI to report all the local accounts as well as all the domain
accounts and groups that are present on a PC?

Thanks,

Tom

The local PC will only have local accounts and local groups, it will never have
any domain accounts or domain groups (unless you run the script from a domain
controller).

Explain what you are trying to accomplish. Are you trying to enumerate group
members?

If you're trying to enumerate domain accounts, change the "Local Account = True"
portion of your query to "Local Account = False".

 

[Tom Ker]

Thanks for the quick reply. See my longer reply to Richard for some
details.

I tried "LocalAccount = False" and got the results you stated - not what I'm
after, though.

Thanks,

Tom

 

[Tom Ker]

Thanks for the quick reply. Guess I should have thought more about what I
was writing.

Yes, I am looking for all local users that have been created and all domain
users that have been added to local groups and any domain groups that have
been added to local groups. In this instance I do not care who has logged
on in the past, so I don't care what profiles have been created in the Docs
& Settings folder.

Since that short WMI query is cleaner and seems to process the local users
faster than looping with the code below, I thought I'd give WMI a try.
(Basically, I'm trying to expand my horizons with some new techniques.) The
code below is what I'm using today to create a dictionary of all objects in
all groups and all users that were created but not associated with any
group.

------ snip ------
Set cUsers = GetObject("WinNT://" & sCompName & "")
cUsers.Filter = Array("User")
Set cGroups = GetObject("WinNT://" & sCompName & "")
cGroups.Filter = Array("Group")
Set oUserDict = CreateObject("Scripting.Dictionary")

'Build User dictionary
sName = "xxxx" : sStatus = "xxxx"
For Each oGroup in cGroups
For Each oUser in oGroup.Members
Call Get_User
If NOT oUserDict.Exists(sName) Then
oUserDict.Add sName, sStatus & "," & LCase(oGroup.Name)
Else
sGrpList = oUserDict.Item(sName)
oUserDict.Remove(sName)
oUserDict.Add sName, sGrpList & "," & LCase(oGroup.Name)
End If
Next
Next
For Each oUser in cUsers
Call Get_User
If NOT oUserDict.Exists(sName) Then oUserDict.Add sName, sStatus &
",no_group"
Next

'Get and report the user's name and status
Sub Get_User()
sUser = Right(oUser.AdsPath, Len(oUser.AdsPath) - 8) 'Remove the
"WinNT://"
aUser = Split(sUser, "/")
If UBound(aUser) = 2 Then 'UBound = 2 for Local Users
sName = UCase(sCompName) & "\" & oUser.Name
bUserDisabled = CBool(oUser.AccountDisabled)
If bUserDisabled Then
sStatus = " -- Found Disabled"
Else
sStatus = " -- Found Active"
End If
Else 'Process other users or groups
If InStr(LCase(sUser), "domainname") <> 0 Then
sName = "DOMAINNAME\" & oUser.Name
sStatus = " -- Domain ID/Group"
Else
sName = "NT AUTHORITY\" & oUser.Name
sStatus = " -- System Generated"
End If
bUserDisabled = FALSE
End If
End Sub

------ snip ------

Thanks,
Tom