WMI Tasks: Accounts and Domains (Windows)

Switch View :

WMI Tasks: Accounts and Domains

Account and domain administrative tasks obtain information such as the computer domain or the currently logged-on user. Many of these tasks are best performed with ADSI scripts. For more information and other examples, see the TechNet ScriptCenter Script Repository.

The script examples shown in this topic obtain data only from the local computer. For more information about how to use the script to obtain data from remote computers, see Connecting to WMI on a Remote Computer.

The following procedure describes how to run a script.

Aa394586.wedge(en-us,VS.85).gif To run a script

Copy the code and save it in a file with a .vbs extension. Ensure that your text editor does not add a .txt extension to the file.
Open a command prompt window and navigate to the directory where you saved the file.
Type cscript scriptfile.vbs at the command prompt.

Note By default, cscript displays the output of a script in the command prompt window. Because WMI scripts can produce large amounts of output, you might want to redirect the output to a file. Type cscript scriptfile.vbs > outfile.txt at the command prompt to redirect the output of the filename.vbs script to outfile.txt.

The following table lists script examples that can be used to obtain various types of data from the local computer.

How do I...	WMI classes or methods
...determine the domain in which a computer belongs?	Use the Win32_ComputerSystem class and check the value of the Domain property. You can also use the DNSDomain property in Win32_NetworkAdapterConfiguration. `strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colSettings = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colSettings Wscript.Echo "System Name: " & objComputer.Name Wscript.Echo "Domain: " & objComputer.Domain Next`
...determine whether a computer is a server or a workstation?	Use the Win32_ComputerSystem class and the DomainRole property. strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colComputers = objWMIService.ExecQuery _ ("Select DomainRole from Win32_ComputerSystem") For Each objComputer in colComputers Select Case objComputer.DomainRole Case 0 strComputerRole = "Standalone Workstation" Case 1 strComputerRole = "Member Workstation" Case 2 strComputerRole = "Standalone Server" Case 3 strComputerRole = "Member Server" Case 4 strComputerRole = "Backup Domain Controller" Case 5 strComputerRole = "Primary Domain Controller" End Select Wscript.Echo strComputerRole Next
...determine the computer name?	Use the Win32_ComputerSystem class and the Name property. You can also use the DNSHostName property in Win32_NetworkAdapterConfiguration. `strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colItems = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objItem in colItems Wscript.Echo "Computer Name: " & objItem.Name Next`
...find the name of the person currently logged on to a computer?	Use the Win32_ComputerSystem class and the UserName property. `strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colComputer = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colComputer Wscript.Echo "User Name = " & objComputer.UserName _ & VBNewLine & "Computer Name = " & objComputer.Name WScript.Echo objComputer.UserName Next`
...rename a computer?	Use the Win32_ComputerSystem class, and the Rename method. Windows 2000: Rename is not available. `strComputer = "." Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" _ & strComputer & "\root\cimv2") Set colComputers = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colComputers errReturn = ObjComputer.Rename("NewName") WScript.Echo "Computer name is now " & objComputer.Name Next`
...retrieve only local groups using WMI?	Use the Win32_Group class and include the following WHERE clause in your WQL query. `Where LocalAccount = True` Windows 2000: The LocalAccount property is not available. `strComputer = "." Set objWMIService = GetObject( _ "winmgmts:\\" & strComputer & "\root\cimv2") Set colItems = objWMIService.ExecQuery _ ("Select * from Win32_Group Where LocalAccount = True") For Each objItem in colItems Wscript.Echo "Local Account: " & objItem.LocalAccount & VBNewLine _ & "Name: " & objItem.Name & VBNewLine _ & "SID: " & objItem.SID & VBNewLine _ & "SID Type: " & objItem.SIDType & VBNewLine _ & "Status: " & objItem.Status & VBNewLine Next`

# Get-DomainRole.ps1  
# Gets system's domain role using PowerShell
# Sample 2 from http://msdn.microsoft.com/en-us/library/aa394586
# Thomas Lee - tfl@psp.co.uk

# Get Computer info
$Computer = Get-WmiObject - Class Win32_ComputerSystem 

# Print Role:"Computer `"{0}.{1}`" is a: "-f $Computer.Name,$computer.domain
switch  ($computer.DomainRole) {
0 {"Standalone Workstation"}
1 {"Member Workstation"}
2 {"Standalone Server"}
3 {"Member Server"}
4 {"Backup Domain Controller"}5 {"Primary Domain Controller"}
}

This script produces the following output:

PS C:\foo> .\Get-DomainRole

Computer "COOKHAM8.cookham.net" is a:
Member Server

Tags : code powershell wmi win32_computersystem

Thomas Lee

Get ComputerName using WMI and PowerShell

# Get-ComputerName.ps1

# Gets system's computer name using PowerShell # Sample 3 from http://msdn.microsoft.com/en-us/library/aa394586 # Thomas Lee - tfl@psp.co.uk

# Get Computer info

$Computer = Get-WmiObject -Class Win32_ComputerSystem

# Print Computer Name

"Computer Name is: {0}" -f $Computer.Name

This script produces the following output

PS C:\foo> .\Get-ComputerName.ps1

Computer Name is: COOKHAM8

Tags : code powershell wmi win32_computersystem

Thomas Lee

Getting Logged on User using WMI and PowerShell

# Get-LoggedOnUser.ps1

# Uses Win32_Computer System to the logged on user(s)

# Sample 4 from http://msdn.microsoft.com/en-us/library/aa394586

# Thomas Lee - tfl@psp.co.uk

# Format messed up by MSDN Edit Tool :-(

# Get details of this computer

$computers = Get-WmiObject -Class Win32_ComputerSystem

# Get Logged on User(s)

"Logged on user(s):"

foreach($computer in $computers) {

"User: {0}" -f $computer.UserName

This script produces the following output:

PS C:\foo> .Get-LoggedOnUser.ps1

Logged on user(s):
User: COOKHAM\tfl

Tags : code powershell wmi win32_computersystem

Thomas Lee

Get Local Groups using WMI and PowerShell

# Get-LocalGroups.ps1

# Gets local groups using WMI and Win32_Group class

# Effectively, the 6th sample from http://msdn.microsoft.com/en-us/library/aa394586

# Thomas Lee - tfl@psp.co.uk

# Get Win32 Group Accounts

  $Accts=Get-WMIObjectWin32_Group|where {$_.LocalAccount}
   
  # Display them

  $accts |ftName, Sid, SidType, Status-autosize

This script produces the following output:

PS C:\foo> .\get-localgroups.ps1

Name                                            Sid                                          SidType Status
----                                            ---                                          ------- ------
Administrators                                  S-1-5-32-544                                       4 OK
Backup Operators                                S-1-5-32-551                                       4 OK
Certificate Service DCOM Access                 S-1-5-32-574                                       4 OK
Cryptographic Operators                         S-1-5-32-569                                       4 OK
Distributed COM Users                           S-1-5-32-562                                       4 OK
Event Log Readers                               S-1-5-32-573                                       4 OK
Guests                                          S-1-5-32-546                                       4 OK
IIS_IUSRS                                       S-1-5-32-568                                       4 OK
Network Configuration Operators                 S-1-5-32-556                                       4 OK
Performance Log Users                           S-1-5-32-559                                       4 OK
Performance Monitor Users                       S-1-5-32-558                                       4 OK
Power Users                                     S-1-5-32-547                                       4 OK
Print Operators                                 S-1-5-32-550                                       4 OK
Remote Desktop Users                            S-1-5-32-555                                       4 OK
Replicator                                      S-1-5-32-552                                       4 OK
Users                                           S-1-5-32-545                                       4 OK
SQLServer2005MSFTEUser$COOKHAM8$MICROSOFT##SSEE S-1-5-21-2376918343-887200126-108515810-1005       4 OK
SQLServer2005MSSQLServerADHelperUser$COOKHAM8   S-1-5-21-2376918343-887200126-108515810-1002       4 OK
SQLServer2005MSSQLUser$COOKHAM8$MICROSOFT##SSEE S-1-5-21-2376918343-887200126-108515810-1004       4 OK
SQLServer2005MSSQLUser$COOKHAM8$SQLEXPRESS      S-1-5-21-2376918343-887200126-108515810-1003       4 OK
SQLServer2005SQLBrowserUser$COOKHAM8            S-1-5-21-2376918343-887200126-108515810-1001       4 OK
WSS_ADMIN_WPG                                   S-1-5-21-2376918343-887200126-108515810-1006       4 OK
WSS_RESTRICTED_WPG                              S-1-5-21-2376918343-887200126-108515810-1007       4 OK
WSS_WPG                                         S-1-5-21-2376918343-887200126-108515810-1008       4 OK
__vmware__                                      S-1-5-21-2376918343-887200126-108515810-1009       4 OK

Tags : code powershell wmi win32_group

See Also