A. You can use the whoami command with the /groups switch to display all the groups in the currently logged on user token as the following command and output show:
whoami /groups \[Group 1\] = "SAVILLTECH\Domain Users" \[Group 2\] = "Everyone" \[Group 3\] = "WKSSAVD800\Debugger Users" \[Group 4\] = "BUILTIN\Users" \[Group 5\] = "BUILTIN\Administrators" \[Group 6\] = "NT AUTHORITY\INTERACTIVE" \[Group 7\] = "NT AUTHORITY\Authenticated Users" \[Group 8\] = "LOCAL" \[Group 9\] = "SAVILLTECH\Domain Admins" \[Group 10\] = "SAVILLTECH\Enterprise Admins"In this example, my user account is a member of the Domain and Enterprise Admin groups as well as all the other displayed groups. You can use this same command to determine the group membership for the local computer account. To do so, start a command session under the system context, which you do by using the scheduler to start a command session 1 minute in the future, as the following command shows:
<1 minute in future> /inter cmd.exeWhen the new command session starts, run the whoami /groups command to show the groups that the computer account is a member of, as this example shows:
C:\WINDOWS\system32>whoami /groups \[Group 1\] = "BUILTIN\Administrators" \[Group 2\] = "Everyone" \[Group 3\] = "NT AUTHORITY\Authenticated Users"Notice that the computer account is a member of the Authenticated Users group, which you might not have expected.
5 comments
Hide comments