I know how to fetch a list of local administrators on a remote machine via WMI:
wmic /Node:"ComputerName" path win32_groupuser where (groupcomponent="win32_group.name=\"administrators\",domain=\"Computername\"")
This will return users and groups:
GroupComponent PartComponent
win32_group.domain="Computername",name="administrators" \\Computername\root\cimv2:Win32_UserAccount.Domain="Computername",Name="Administrator"
win32_group.domain="Computername",name="administrators" \\Computername\root\cimv2:Win32_Group.Domain="MYDOMAIN",Name="Domain Admins"
win32_group.domain="Computername",name="administrators" \\Computername\root\cimv2:Win32_Group.Domain="MYDOMAIN",Name="SomeOtherGroup"
win32_group.domain="Computername",name="administrators" \\Computername\root\cimv2:Win32_UserAccount.Domain="MYDOMAIN",Name="MyUser"
However, if a user is a member of SomeOtherGroup above, I need to know that he is a member - and therefore a local admin. So, I need to expand (likely recursively) all group members.
Is there a WMI query that can self-join on win32_group, expanding all usernames of all groups that are local admins?
I don't believe there is, so you probably need to enumerate the members of the groups found in the first search, and then join the results yourself. But someone else may have a different idea. – Ƭᴇcʜιᴇ007 – 2017-07-10T15:23:32.800
Yeah, I'm pessimistic myself. All I really want is bool IsUserLocalAdmin(string username) LOL – Mark Richman – 2017-07-10T15:27:16.080
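The join suggested in the first comment (enumerate the members of each group found, then combine the results yourself), sketched as an added Python example that is not part of the original thread. It parses the PartComponent values from the question's output and generalizes to any nesting depth; the `NESTED` memberships, the names Alice, Bob, Carol and HelpDesk, and the host `DC` are constructed stand-ins for one follow-up membership query per group.

```python
import re

# PartComponent values copied from the wmic output in the question.
LOCAL_ADMINS = [
    r'\\Computername\root\cimv2:Win32_UserAccount.Domain="Computername",Name="Administrator"',
    r'\\Computername\root\cimv2:Win32_Group.Domain="MYDOMAIN",Name="Domain Admins"',
    r'\\Computername\root\cimv2:Win32_Group.Domain="MYDOMAIN",Name="SomeOtherGroup"',
    r'\\Computername\root\cimv2:Win32_UserAccount.Domain="MYDOMAIN",Name="MyUser"',
]

def _ref(cls, name, domain="MYDOMAIN"):
    """Build a constructed PartComponent string in the same format."""
    return rf'\\DC\root\cimv2:Win32_{cls}.Domain="{domain}",Name="{name}"'

# Constructed nested memberships (assumption): in practice each list is the
# result of one follow-up membership query for that group.
NESTED = {
    ("mydomain", "domain admins"): [_ref("UserAccount", "Carol")],
    ("mydomain", "someothergroup"): [_ref("UserAccount", "Alice"), _ref("Group", "HelpDesk")],
    # HelpDesk points back at SomeOtherGroup: a membership cycle.
    ("mydomain", "helpdesk"): [_ref("UserAccount", "Bob"), _ref("Group", "SomeOtherGroup")],
}

PART = re.compile(r':Win32_(Group|UserAccount)\.Domain="([^"]*)",Name="([^"]*)"', re.I)

def parse_part(part):
    """Return (is_group, (domain, name)), case-folded like Windows account names."""
    m = PART.search(part)
    if m is None:
        raise ValueError(f"unrecognised PartComponent: {part!r}")
    cls, domain, name = m.groups()
    return cls.lower() == "group", (domain.lower(), name.lower())

def expand(parts, nested):
    """Flatten direct members into (users, unresolved_groups); cycle-safe."""
    users, seen, unresolved = set(), set(), set()
    stack = list(parts)
    while stack:
        is_group, key = parse_part(stack.pop())
        if not is_group:
            users.add(key)
        elif key not in seen:          # visit each group once, so cycles terminate
            seen.add(key)
            if key in nested:
                stack.extend(nested[key])
            else:
                unresolved.add(key)    # report it; never treat it as empty
    return users, unresolved

def is_user_local_admin(username, parts=LOCAL_ADMINS, nested=NESTED):
    """username is DOMAIN\\name; True if reachable through any nesting depth."""
    domain, _, name = username.rpartition("\\")
    return (domain.lower(), name.lower()) in expand(parts, nested)[0]
```

A non-empty `unresolved_groups` set means the answer is incomplete: a group that could not be enumerated may still grant local admin rights to its members.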