Tech Thoughts

A cloud, PowerShell, server, hardware, technology, and more tech thoughts blog

VB.NET get list of local administrators

Using VB.NET get list of local administrators

This post will cover how to use VB.net to get a list of local administrators from a device.

If you’re like me, you’ve already searched around and discovered that getting a list of the local admins is a little trickier than you first thought.

My approach utilizes the net command to generate a text file log of all users that are members of the local administrators group.

Dealing with IO and error handling for writing/reading to the drive does complicate the procedure a bit, but I’ve found that this process works on every device I’ve tested it on.  (XP, Vista, 7, 8, Embedded OS’s)

The general concept is as follows:

  • Create a few variables of users you would like to ensure are members of the local admins group
  • Shell the net command to generate a text file log of all users that are members of the local administrators group
  • Search through the log file to see if your users are inside
  • Return a status indicating whether all users are found or not

I have no doubt there is a better way to accomplish this, so feel free to share it in the comments below.

Get a list of users who are in the Local Administrator group:

'################################################################################
'runs check to see if correct Local Group Administrators are on the device
'note we will be passing the status back to another Sub via the ByRef hasLocalAdmins
Public Sub checkLocalAdmins(ByRef hasLocalAdmins)
'create boolean variables for each Administrator or Admin group you want to check
Dim firstAdmin As Boolean = False 'domain\LocalAdmin1
Dim secondAdmin As Boolean = False 'domain\LocalAdmin2
Dim thirdAdmin As Boolean = False 'LocalAdmin3

'try catch to ensure good error control
Try
'********************************************************************
'we have to write out a text file for this to work, so here we go...
'lets check to ensure that the C:\Stuff folder exists, if not, make it
If (Not System.IO.Directory.Exists("C:\Stuff\")) Then
System.IO.Directory.CreateDirectory("C:\Stuff\")
End If
'lets check if we've created an admin log file before, if we did, delete it
If File.Exists("C:\Stuff\admins.txt") Then
File.Delete("C:\Stuff\admins.txt")
End If
'********************************************************************
'lets create the text file with a list of local admins
Shell("cmd.exe /c net localgroup administrators > C:\Stuff\admins.txt", vbHide, True)
'********************************************************************
'now lets loop through that text file to find the admins we're looking for
'we start by reading all lines of the text file we just created
For Each line As String In IO.File.ReadAllLines("C:\Stuff\admins.txt")
'if any line of the text file contains the name we're looking for, return true
If line.Contains("LocalAdmin1") Then
firstAdmin = True
End If
If line.Contains("LocalAdmin2") Then
secondAdmin = True
End If
If line.Contains("LocalAdmin3") Then
thirdAdmin = True
End If
Next
'********************************************************************
'return a number which indicates the status of the results
'if all admins are found, then, return 1
If firstAdmin = True And secondAdmin = True And thirdAdmin = True Then
hasLocalAdmins = 1 'all admins found
Else
'if not, return 2
hasLocalAdmins = 2 'all admins not found
End If
Catch ex As Exception
'if something went wrong, return 0
hasLocalAdmins = 0 'couldn't determine results
End Try
'return the results of our findings
Return
End Sub
'################################################################################

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *