Help with Sets - Lock Down of Administrators Group

(imported topic written by SystemAdmin)

I am trying to create some code for local Administrator group lock down. I can’t seem to get this work properly. Can I built a “string set” of data from relevance (see the first set) and subtract that by a literal “string set”. I can take the output of the set with the relevance in it, and if I use the literal data, it works. I can’t get it to work with the relevance creating the first set dynamically.

elements of (set of (("%22" & it & “%22”) of concatenation “%22;%22” of unique values of (members of local group “Administrators” as string as uppercase))

set of (“DOMAIN\USERNAME”;“MACHINENAME\USERNAME”)

)

(imported comment written by MattBoyd)

Hey Kevin,

Maybe I’m misunderstanding what you’re trying to do, but this works fine for me:

elements of ( set of ( unique values of (members of local group "Administrators" as string as uppercase))
-
set of ("MACHINE\USERNAME";"DOMAIN\USERNAME")
)

It seems to return a list of users that are in the administrators group, but are not in the second set (“MACHINE\USERNAME”;“DOMAIN\USERNAME”)

(imported comment written by SystemAdmin)

Hello Boyd,

Thank you for your input. So, I am under the assumption that set data needs to be presented as (“data1”;“data2”;“data3”)… Which is why I had the following (("%22" & it & “%22”) of concatenation “%22;%22” around my results of the administrator group lookup. Is that not the case?

(imported comment written by SystemAdmin)

Essentially, I am trying to get this statement below to work. I want the Bigfix operator to be able to copy and paste a list of administrators that should be on systems. I do not want them to format the data. There will be relevance to make sure the local Administrators group is exactly this list. If not, members not on the list will be removed and missing members will be added. I have all of the other code working, but need to get this set data correct.

elements of (set of (("%22" & it & “%22”) of concatenation “%22;%22” of unique values of (members of local group “Administrators” as string as uppercase))

set of

((if (it ends with “;%22”) then (preceding text of last “;” of it) else (it)) of

(if (it starts with “%22;”) then (following text of first “;” of it) else (it)) of

concatenation “%22;%22” of

substrings separated by “%0d” of

unique values of ("

DOMAIN\USERNAME1

DOMAIN\USERNAME2

" as string as uppercase)))

(imported comment written by MattBoyd)

Ok, again, I’m not absolutely positive that this is exactly what you want, but here’s my best shot:

  1. This is the relevance that will make the task applicable if the local administrators set does not match the set that the user entered. I don’t think you need to worry about surrounding everything with quotes…

    ( set of ( members of local group
    "Administrators" as string as uppercase ) = ( set of substrings separated by
    "%0d%0a" of (
    " DOMAIN\USER1 DOMAIN\USER2 DOMAIN\USER3
    " as string as uppercase ) ) - set of (
    "") )

  2. Here’s relevance to return a list of users that are NOT in the local administrators group, but should be:

    elements of ( ( set of substrings separated by
    "%0d%0a" of (
    " DOMAIN\USER1 DOMAIN\USER2 DOMAIN\USER3
    " as string as uppercase ) ) - set of (
    "" ) - set of ( members of local group
    "Administrators" as string as uppercase ) )

  3. Here’s relevance to return a list of local administrators that should be removed:

    elements of intersection of( set of ( members of local group
    "Administrators" as string as uppercase ) - ( set of substrings separated by
    "%0d%0a" of (
    " DOMAIN\USER1 DOMAIN\USER2 DOMAIN\USER3
    " as string as uppercase ) ) - set of (
    "") )

I’m not quite sure how you want the result of #2 and #3 to be formatted, but that should be easy to change.

(imported comment written by SystemAdmin)

Awesome, thank you… This was a tricky one!

(imported comment written by MattBoyd)

Yes, but you did most of the work! I hadn’t thought of using sets for this, so thanks for the idea :slight_smile: