Remove admin rights from local users

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • maxamis4
    Recognized Expert Contributor
    • Jan 2007
    • 295
    #1

    Remove admin rights from local users

    THIS IS A VBSCRIPT (.VBS)


    Below is code that i created. The connection to the dB works perfect. I have tested it with insert statements and it has been established.

    Code:
    Set Conn = CreateObject("ADODB.Connection")

Set cmd = CreateObject("ADODB.Command")

Set rs = CreateObject("ADODB.Recordset")

Conn.Open "Provider=sqloledb;" & _
           "Data Source=" & MyDBServer & ";" & _
           "Initial Catalog=" & myDB & ";" & _
           "User Id=" & myDB_User & ";" & _
           "Password=" & myDB_pwd & ""



' group name to remove user from
Set oGroupAdm = GetObject("WinNT://" & strComputer & "/Administrators")

' loop through all members of the Administrators group
For Each oAdmGrpUser In oGroupAdm.Members

	' get the name and make it lowercase
	sAdmGrpUser = LCase(oAdmGrpUser.Name)
	
	' Leave administrator and Domain Admins alone
	' use lowercase letters in the names in the If statement!
	If (sAdmGrpUser <> "administrator") And (sAdmGrpUser <> "domain admins") Then
	
		WScript.Echo sAdmGrpUser

		
		rSql = "SELECT dbo.tbl_Access_List.SAM_Account, dbo.tbl_Assets.Comp_Name, dbo.tbl_Activity_log.exDate" _
		& " FROM dbo.tbl_Access_List RIGHT OUTER JOIN" _
        & " dbo.tbl_Activity_log ON dbo.tbl_Access_List.UID = dbo.tbl_Activity_log.UID LEFT OUTER JOIN" _
        & " dbo.tbl_Assets ON dbo.tbl_Activity_log.SUID = dbo.tbl_Assets.AID" _
		& " WHERE(dbo.tbl_Activity_log.active = 1) AND (dbo.tbl_Access_List.SAM_Account = '" & sAdmGrpUser & "') AND (dbo.tbl_Assets.Comp_Name = '" & strComputer & "')"
    My issue is that my connection is not retrieving any records from my database source. Every time I try to use the connection above I get no error but, in the same sense I return no values. I have validated the query and it works inside the database. I need to figure out why it will not read the database any ideas based on the code?


    Code:
    rs.Open rSql, Conn, adOpenStatic, adLockOptimistic
		
rs.MoveFirst
		
				
While Not rs.EOF

	WScript.Echo objrs.Fields.Item(1).Value
	
	' remove users from Administrators group
	'oGroupAdm.Remove oAdmGrpUser.ADsPath
			
	rs.MoveNext
			
Wend

End if
Next
    Tags: vbs, vbscript
    • maxamis4
      Recognized Expert Contributor
      • Jan 2007
      • 295
      #2
      Okay for everyone out there I figured it out.

      ADODE connection could not be reset once it was opened and since I had turned off error handling this caused me not to see an issue. What I kept trying to do was reopen an already opened ADOBE connection source. Once I closed it on every loop I was able to query the data source correctly. So here what connects to an MS SQL Database and reads MS SQL records using a different query and establishing a new ADODBE connection for every value we are search for:
      Code:
      ' group name to remove user from

Set oGroupAdm = GetObject("WinNT://" & strComputer & "/Administrators")

' loop through all members of the Administrators group

For Each oAdmGrpUser In oGroupAdm.Members

' get the name and make it lowercase

sAdmGrpUser = LCase(oAdmGrpUser.Name)

strname = oAdmGrpUser.Name

rSql = "SELECT dbo.tbl_Access_List.SAM_Account, dbo.tbl_Assets.Comp_Name, dbo.tbl_Activity_log.exDate" _
& " FROM dbo.tbl_Access_List RIGHT OUTER JOIN" _
& " dbo.tbl_Activity_log ON dbo.tbl_Access_List.UID = dbo.tbl_Activity_log.UID LEFT OUTER JOIN" _
& " dbo.tbl_Assets ON dbo.tbl_Activity_log.SUID = dbo.tbl_Assets.AID" _
& " WHERE (dbo.tbl_Activity_log.active = 1) AND (dbo.tbl_Assets.Comp_Name = '" & strComputer & "') AND (dbo.tbl_Access_List.SAM_Account = '" & strname & "')"

 dbrs.Open rSql,Conn,3,3

' Leave administrator and Domain Admins alone

' use lowercase letters in the names in the If statement!
If (sAdmGrpUser <> "administrator") And (sAdmGrpUser <> "domain admins") And (InStr(1,strname,"L-")=0) Then
While Not dbrs.EOF
 
WScript.Echo dbrs.Fields.Item(0).Value
' remove users from Administrators group
'oGroupAdm.Remove oAdmGrpUser.ADsPath

dbrs.MoveNext

Wend

End If
 
dbrs.Close
Next
      Please note if your a newbie you will have declare your variables and your recordsets.

        Comment

        Previous template Next
        Working...