Click here to Skip to main content
Click here to Skip to main content

List Local Admins recursively

, 5 Mar 2013
Rate this:
Please Sign up or sign in to vote.
A small tool listing Administrators group members recursively using the ActiveDS library.

Introduction   

In Windows Domains, the groups can be nested. I wondered if I could list members of local Administrators group recursively to get full list of local administrators. I've found some non recursive code in VB and PowerShell, but in C++ things appear slightly differently due to C++/COM idioms and recursive traversing was the main target.

Using the code   

Download the zip, open in Visual Studio 2012, or in previous studio create new Console Application with ATL support and CutAndPaste the content of ListAdmins.cpp into main module file.  I think the code is pretty easy to understand. The compiled tool will list local admins into stdout.  The project is using WinXP toolset, so Update to VS2012 must be installed. 

The first example lists local administrators where "Everyone" is member of "Administrators": 

0 User Administrator WinNT://WORKGROUP/JAN-PC/Administrator
0 Group Everyone WinNT://Everyone
Cannot get WinNT://Everyone.
- Not enough priviledges? Not logged to domain? Well known object?  -2147467262
0 User UserTest0 WinNT://WORKGROUP/JAN-PC/UserTest0
0 User jmach WinNT://WORKGROUP/JAN-PC/jmach

Where we can see, that members of well known group Everyone cannot be enumerated. It's also a tip for future improvement to handle this situation by comparing SID of object with SIDs of well known objects.  

And here is example of really recursive traversing of  members of "Administrators" of computer joined to domain "QA":  

0 User Administrator WinNT://QA/JAM-VIRT-XP/Administrator
0 User jam WinNT://QA/JAM-VIRT-XP/jam
0 Group Domain Admins WinNT://QA/Domain Admins
1 User Administrator WinNT://QA/Administrator
1 User admin_privileges WinNT://QA/admin_privileges 
  

History     

Nothing so far.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

jan.mach71
Software Developer (Senior) Nexthink
Switzerland Switzerland
Please have a look at http://cz.linkedin.com/pub/jan-mach/22/6b1/815/
Follow on   Twitter   Google+

Comments and Discussions

 
-- There are no messages in this forum --
| Advertise | Privacy | Mobile
Web02 | 2.8.140814.1 | Last Updated 5 Mar 2013
Article Copyright 2013 by jan.mach71
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid