January 14th, 2005, 06:49 PM
I manage about 900 machines at work. I am trying to scan my Active Directory list for accounts where the domain admin account is missing from the local admin group. By default, users joining the domain will get the domain admin account added to the local admin group. Is there a program that can scan my AD list and report back the machines that I can/can not access?
January 15th, 2005, 12:14 PM
i'm not sure if i understand correctly, but if i am, then languard networkscanner would be able to help you....
January 17th, 2005, 05:15 PM
I built a Perl script to do something like what you are looking for, although it scans IP address ranges rather than machine names but you could pipe in a list of machine names.
My need was to check the local administrator password on every PC. It logged the result to a file (re.; successfull or not).
I'm sure it could be modified to just try to either map a drive to one of the admin shares or simply try to get a directory of it. Failure could be a result of 1 of 2 things: 1) admin shares are disabled, or 2) the account you are running the Perl script as (locally logged in on box you are running it from) does not have admin rights to the PC.
If interested let me know and I'll send you the Perl script...after I clean it up a bit.