I hope some of you can offer suggestions to help me with something. I am trying to write either a property or something that will tell me what accounts are members of the local administrators group for my Windows computers, and I did see this forum entry: http://forum.bigfix.com/viewtopic.php?id=2334
However, the second part of my question is how I can better understand the relevance language described in that post, because for the life of me, unless it is a very simple statement, I find myself continually getting confused when trying to decipher the result I should get.
Can someone out there recommend to me how I would a) solve my dilemma in trying to list the members of the local administrators group and b) point me in the best direction for learning more about the relevance language?
To get the users of the admin group, you can do something like this:
q: members of local group "administrators"
A: QUETZAL\Administrator
A: QUETZAL\Technical Services
A: BIGFIX\Domain Admins
A: BIGFIX\ben_kus
Most people learn relevance either by playing with examples or by taking our 2-day “Solutions Development” training, which we offer in both public and private settings. See http://www.bigfix.com/products/services/training.php for more information.
Thanks for the relevance statement you provided. I am interested in doing the training, but was hoping you would have something in the DC area. The website indicates that your training is done in Washington, DC, but there is nothing listed for classes in that area. Any thoughts on if that will change in the near future?
Also, you posted a topic a few months back about having a conference – is that going to happen?
The conference is still tentatively planned for 2009 and we will have more details as they are available.
I am not sure when we will have our next DC training, but we are soon going to be launching some virtual training and maybe that will be a good option for you.
Thanks Ben! In the meantime I have downloaded and printed out three PDF files from your site. They are the BigFix Training Guide for Writing BES Custom Content, the BigFix Windows Inspector Library, and the BigFix Windows Shell Action Command Library. They appear a little dated, but they have also given me a lot of insight in using the relevance debugger and I have been able to learn some that way, so it’s a start! Every day I learn something new I realize that I have learned perhaps a drop in the bucket of everything that there is to offer!
Does anyone have the relevance handy to enumerate the nested members of the local administrators group? For example, if BIGFIX\Domain Admins is a nested group within “Administrators”, can we use relevance to enumerate the members of “BIGFIX\Domain Admins”?
I don’t believe we have domain group inspectors because that information is stored locally on your domain servers and for the agent to query it, I think it would have to query your domain server, which might drive lots of unnecessary load…
It might be possible to use WMI for this, but I am not sure how to do it (and I would be worried about the load).
I’d like to try to use WMI to get this information about the members of a Domain Group that is nested under local Administrators group. (We’re gonna run it at night to reduce impact to production server use). My problem is, I cannot get at the WMI that lists the members of the group. I’m a novice at WMI relevance.
I’ve attached a picture of the WMI I’m trying to get to. I want to return the list of “Names” under Win32_UserAccount that is under Win32_Group.Domain. Can you help?