Reporte de usuarios Administradores en active directory

Buenas tardes cordial saludo:

Como puedo generar un reporte de usuarios que esten catalogados como administradores en el AD?

Gracias por la ayuda.
1 Respuesta

Puedes abrir el Grupo Domain Admins o Server Operators y te daras cuenta.


Si lo que buscas es cuales son administradores de sus propios equipos, tienes que correr un script como este y dejarlo correr, rellenar a mano las IP o Netbios / FQDN (nombre de las PCs) que quieres escanee.

' *******************************************************************************************************
' *                                                                                                     *
' *  Script name: ListLocalAdmin1.0.vbs                                                           *
' *  Description:  Lists all members of local administrators group of computers located in list    *
' *                                                                                                     *
' *  Author:        Konráð Hall                                                           *
' *                                                                                                     *
' *  Platforms/Req:     Windows 2000 or newer                                                           *
' *                                                                                                     *
' *******************************************************************************************************
Set objFSO    =   CreateObject("Scripting.FileSystemObject")
Set objDictionary   =   CreateObject("Scripting.Dictionary")
Set objNetwork    =   CreateObject("Wscript.Network")

strLogFolder   =   "c:\Logs"
strInputfile    =   "C:\Logs\Comp.txt"
strLogfile    =   "c:\Logs\listlocaladmin"&date()&".log"
strComputer    =   objNetwork.ComputerName
Const ForReading   =   1

On Error Resume Next

If ReportFileStatus(strInputfile)="False" Then
Wscript.Echo "Input file not found"
End If

If ReportFolderStatus(strLogFolder) = False Then
End If

If ReportFileStatus(strLogfile)="False" Then
Set logs = objFso.CreateTextFile(strLogfile)
End If 

Set objTextFile = objFSO.OpenTextFile (strInputFile, ForReading)
i = 0

Do Until objTextFile.AtEndOfStream
strNextLine = objTextFile.Readline
If Not Left(strNextLine, 1) = "#" Then
      objDictionary.Add i, strNextLine
      i = i + 1
End If

For Each objItem in objDictionary
StrComputerName = objDictionary.Item(objItem)
If DeadOrAlive(StrComputerName) = "True" Then
  Set objGroup = GetObject("WinNT://" & StrComputerName & "/Administrators,group")
  For Each objUser in objGroup.Members
   members = members & ";" & objUser.Name
  Set logs = objFso.OpenTextFile(strLogfile, 8)
  logs.writeline(" "& now() & ";"& "Alive;" & StrComputerName & members)
  members = " "
  Set logs = objFso.OpenTextFile(strLogfile, 8)
  logs.writeline(" "& now() & ";"& "Dead;" & strComputerName)
End If

'***     Check if log file exists

Function ReportFileStatus(filespec)
Dim fso, msg
Set objfso = CreateObject("Scripting.FileSystemObject")
If (objfso.FileExists(filespec)) Then
  ReportFileStatus = True
   Exit Function
   ReportFileStatus = False
   Exit Function
End If
End Function

'***     Check if computer is alive
Function DeadOrAlive(ComputerName)
Set objShell = CreateObject("Wscript.Shell")
Set objScriptExec = objShell.Exec("ping -n 2 -w 1000 " & ComputerName)
If InStr(objScriptExec.StdOut.ReadAll, "Reply") > 0 Then
  DeadOrAlive = True
  DeadOrAlive = False
End If
End Function

'Function wich returns either true or False
Function ReportFolderStatus(folderspec)
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
If (fso.FolderExists(folderspec)) Then
ReportFolderStatus = True
Exit Function
ReportFolderStatus = False
Exit Function
End If
End Function
