Looking for Administrative Local accounts

system · August 12, 2006, 2:47am

(imported topic written by bhattan)

Hello all,

I am hoping someone can assist me.

I am looking to find computers via BigFix that have Admin Local accounts. Currently I have the following property:

(name of it & " - " & admin privilege of it as string) of local users

Which for example may display something like:

Administrator – False

ASPNET – False

Networke – True

NeverUsed – False

Testman – True

What I am trying to find is ONLY values that evaluate to “True” and of those values, ONLY ones that do not have the name of “Networke.”

So, in the example above only “Testman – True” would be found. If no results are found then a ‘None’ would be displayed.

I am looking for this info because my organization is trying to cut out all local accts with administrative access.

Any help would be much appreciated. thanks

system · August 12, 2006, 2:49am

(imported comment written by Weylan_Wang)

If you useed QnA, you get

q: (name of it & " - " & admin privilege of it as string) of local users

A: Administrator - True

A: bigfix - True

A: Guest - False

A: HelpAssistant - False

A: IUSR - False

A: SUPPORT_388945a0 - False

I: plural string

What you want is

q: (substrings before " - True" of ((name of it & " - " & admin privilege of it as string) of local users))

A: Administrator

A: bigfix

I: plural substring

Let me know if you needed something else.

system · August 12, 2006, 2:53am

(imported comment written by SystemAdmin)

Here is a slightly more compact expression, logically the same tho:

names of local users whose (admin privilege of it)

system · August 12, 2006, 3:05am

(imported comment written by bhattan)

thank you!

that now returns:

Networke – True

Testman – True

How can i return only “Testman – True” . So pretty much it should not return “Networke – True” if found.

thanks

system · August 12, 2006, 3:09am

(imported comment written by Weylan_Wang)

You are going to have to be a little more specific here. the values you specified fit in to the criteria that you specified. What is special about Networke - True that makes it invalid? Based on the list of logic rules it should be present.

system · August 12, 2006, 3:39am

(imported comment written by bhattan)

ure right based on the logic rules it should be there. Ok thanks for all your help guys, i have got what i need

BenKus · August 12, 2006, 2:36pm

(imported comment written by BenKus)

On a related note, we commonly have a request to list the members of the local administrators group. With BES 6.0, you can use the following:

members of local group “Administrators”

For instance:

q: members of local group “Administrators”

A: FIREBIRD\Administrator

A: BIGFIX\ben_kus

system · November 27, 2006, 9:02pm

(imported comment written by jr6591)

This came back as incorrect in QnA.

Q: if exists current user then name of current user else “”

E: Singular expression refers to nonexistent object.

Q: exists current user and (name of operating system = “WinXP”)

A: True

Q: members of local groups “Administrators”

E: The operator “local groups” is not defined.

system · November 27, 2006, 9:52pm

(imported comment written by Paul_Kerpa)

JR,

Try changing those queries just a tad.

q: if exists current user then name of current user as string else “none”

A: username

OR

q: name of current user as string

A: username

q: names of local groups

A: Administrators

A: Backup Operators

A: Guests

A: Network Configuration Operators

A: Power Users

A: Remote Desktop Users

A: Replicator

A: Users

A: HelpServicesGroup

q: members of local group “Administrators”

A: Computername\membername

Paul

system · November 27, 2006, 10:17pm

(imported comment written by jr6591)

I still don’t get these working in QnA. I am using the latest QnA.

Q: if exists current user then name of current user else “”

E: Singular expression refers to nonexistent object.

Q: if exists current user then name of current user as string else “none”

E: Singular expression refers to nonexistent object.

Q: name of current user as string

E: Singular expression refers to nonexistent object.

These work okay.

Q: names of local groups

A: Administrators

A: Backup Operators

A: Guests

A: Network Configuration Operators

A: Power Users

A: Remote Desktop Users

A: Replicator

A: Users

A: HelpServicesGroup

Q: members of local group “Administrators”

A: PC Name\Administrator

A: Domain\Domain Admins

A: Domain\Other Group

system · November 27, 2006, 11:26pm

(imported comment written by Paul_Kerpa)

JR,

Can you attach a screenshot of exactly what you are putting in and the exact results for the 3 queries that are not working for you?

Also, which OS is this on, are you doing this remotely or as a local account?

Let me know and I will see what I can do.

Thanks

Paul

system · December 8, 2011, 9:13pm

(imported comment written by jr6591)

Attached is the QnA

system · November 27, 2006, 11:35pm

(imported comment written by Paul_Kerpa)

JR,

Which operating system is this being run on, and is this a terminal connection or a local account?

Let me know.

Thanks.

Paul

system · November 27, 2006, 11:56pm

(imported comment written by jr6591)

Windows xp sp2. I am doing this on my own pc. Not via terminal services.

system · November 28, 2006, 12:16am

(imported comment written by Paul_Kerpa)

JR,

A couple of things you can try.

q: number of current user

A: 1

q: name of current user = “whatever your username is”

A: true

In the previous query make sure to use the login name that you are currently logged in as.

Also, if you wouldn’t mind, can you provide me with the actual logged on user name, there is a possibility that it has characters that QNA does not recognize.

Let me know.

Thanks

Paul

system · November 28, 2006, 1:07am

(imported comment written by jr6591)

Q: number of current user

A: 1

Q: name of current user = “AdminRiggijo”

E: Singular expression refers to nonexistent object

My username is AdminRiggiJo.

But why are these failing?

Q: if exists current user then name of current user else “”

E: Singular expression refers to nonexistent object.

Q: if exists current user then name of current user as string else “none”

E: Singular expression refers to nonexistent object.

Q: name of current user as string

E: Singular expression refers to nonexistent object.

system · November 28, 2006, 1:39am

(imported comment written by Paul_Kerpa)

JR,

At this point I am not sure why the queries are not evaluation properly, they are correctly written.

What I would like to do is set up a Webex with you on the matter so we can look more in depth on this.

Please give technical support a call so I can schedule a Webex with you at your convenience and we can go over this together.

Paul Kerpa

system · November 28, 2006, 2:19am

(imported comment written by jr6591)

Thanks Paul. One more thing.

I just re-ran all those QnA’s on my 2nd PC. Different results.

PC#1 (logged on as a user with Admin rights)

Q: if exists current user then name of current user as string else “none”

E: Singular expression refers to nonexistent object.

Q: name of current user as string

E: Singular expression refers to nonexistent object.

Q: if exists current user then name of current user else “”

E: Singular expression refers to nonexistent object.

PC # 2 (logged on as a user without admin rights)

Q: if exists current user then name of current user as string else “none”

A: riggijo

Q: name of current user as string

A: riggijo

Q: if exists current user then name of current user else “”

A: riggijo

I am using the latest QnA. Is there a bug in QnA?

BenKus · November 28, 2006, 10:03am

(imported comment written by BenKus)

Hey jr,

I think you QnA is broken on that particular computer… I am not exactly sure how it could be broken but can you delete the QNA and re-download it and try again?

Ben

system · November 28, 2006, 3:51pm

(imported comment written by jr6591)

Thanks Ben. I reinstalled and it works okay now. Thanks Paul for all you’re help.