Using SecTok.exe, I have scripted MbrShp.bat to return the NetBIOS local and domain group names that the logged on user's security token indicates they are a member of. The output is displayed on the console, like:
"Everyone" "NT AUTHORITY\Authenticated Users" "NT AUTHORITY\This Organization" "JSIINC\accountants" "JSIINC\Accounts Payables" "BUILTIN\Users" "NT AUTHORITY\INTERACTIVE"The syntax for using MbrShp.bat is:
To output to a file:
MbrShp>filename
To process the returned membership:
for /f "Tokens=*" %%a in ('MbrShp') do (
set group=%%a
:: do something
)
MbrShp.bat contains:
@echo off setlocal ENABLEDELAYEDEXPANSION set wrk="%TEMP%\MbrShp_%RANDOM%.TMP" @echo Logon Session>%wrk% @echo LOCAL>>%wrk% for /f "Tokens=*" %%a in ('sectok^|findstr /B "Group:"') do ( set group=%%a set group=!group:* - =! for /f "Tokens=*" %%b in ('@echo !group!^|findstr /B /G:%wrk% /V') do ( @echo "%%b" ) ) endlocal
0 comments
Hide comments