operat0r_001 Posted July 22, 2009 Posted July 22, 2009 I lost this then found it on security shell so posting it here so I dont lose it. code to find admin accounts on a domain :0 requires: * domain admin * have unutils for windows installed ( just dump the exe's in \system32 ) basically it dumps net view to a file then runs a VB script to check the administrators group on each machine ! audit.bat lam-O but finished .. http://rmccurdy.com/scripts/ find_localadmin.zip Quote
Tahnka Posted July 30, 2009 Posted July 30, 2009 Thanks for the code. Here's a way to get security group info from active directory that only requires a domain user account. 1) Install Powershell (free) [http://www.microsoft.com/windowsserver2003/technologies/management/powershell/download.mspx] 2) Install PowerQuest's ActiveRoles Plugin (free) [http://www.quest.com/powershell/activeroles-server.aspx] 3) Restart 4) Launch Powershell 5) Load the ActiveRoles Plugin by executing "Add-PSSnapin Quest.ActiveRoles.ADManagement" (I just do this in my powershell profile) 6) Execute this command to see all security groups (including domain admins) in Active Directory as well as who their members are: "Get-QADGroup -GroupType Security | format-list -property ParentContainer, SamAccountName, GroupType, GroupScope, AllMembers" 6a) Or for even more of a fire hose do this "Get-QADGroup -GroupType Security | format-list -property *" Quote
operat0r_001 Posted August 13, 2009 Author Posted August 13, 2009 lam-O but finished .. http://rmccurdy.com/scripts/ find_localadmin.zip Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.