I'm using
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
to list all the users on a remote machine and then use that information to
get other information from Active Directory. How can I find out which
accounts are local accounts and which are domain accounts? I don't want to
waste time hitting the AD for the local accounts. Any advice to determine
which are domain accounts?

Re: List all domain accounts on remote machine by Richard

Richard
Wed Mar 05 12:30:50 CST 2008

notta wrote:

> I'm using
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
> to list all the users on a remote machine and then use that information to
> get other information from Active Directory. How can I find out which
> accounts are local accounts and which are domain accounts? I don't want to
> waste time hitting the AD for the local accounts. Any advice to determine
> which are domain accounts?

SID values are very different for local and domain accounts. Local SIDs
will be similar to "S-1-5-19", while domain SIDs are much longer, similar
to "S-1-5-21-4173817940-1596382273-4091973628-1136". I think any SID
starting with "S-1-5-21-" is a domain account.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--



Re: List all domain accounts on remote machine by notta

notta
Wed Mar 05 12:53:01 CST 2008

Thanks Richard. I have local accounts that start with S-1-5-21, so I can't
use that. I have no problem checking local accounts and just have it fail,
but I thought there would be some flag that would distinguish a local account
from a domain account as in the way you suggested.

Re: List all domain accounts on remote machine by James

James
Thu Mar 06 21:28:55 CST 2008

"notta" <notta@discussions.microsoft.com> wrote in message
news:F037F512-E67E-4491-A4AE-9D43DAF6DCAC@microsoft.com...
> Thanks Richard. I have local accounts that start with S-1-5-21, so I can't
> use that. I have no problem checking local accounts and just have it fail,
> but I thought there would be some flag that would distinguish a local
> account from a domain account as in the way you suggested.

I am not sure if it is a reliable test method or not, but I noticed that
the domain accounts on my computer have a string value named 'Guid' in their
SID key under
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
and the local accounts do not.



Re: List all domain accounts on remote machine by CoreyThomasMCSEMCSAMCDBA

CoreyThomasMCSEMCSAMCDBA
Fri Mar 07 16:19:04 CST 2008

I'll agree with Richard here. Domain accounts will have a SID that is
rather long compared to the local accounts. When I'm querying machines, I
typically look for SIDs that are longer than 16 characters. Then I query
the SID to get domain\user names. If you need code for that, let us know.

-Corey Thomas
MCSE/MCSA/MCDBA
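
An added example, not part of the thread: a local account's SID is the computer's own S-1-5-21-a-b-c identifier plus a RID, so comparing each ProfileList key's issuing prefix with the target machine's identifier separates local from domain accounts even though both start with S-1-5-21. The function name Get-SidScope and the machine SID below are constructed for illustration; the second S-1-5-21 value is the one quoted earlier in the thread.

```powershell
# Added example. Get-SidScope is a hypothetical helper, not an existing cmdlet.
function Get-SidScope {
    param(
        # S-1-5-21-a-b-c of the target computer. One way to obtain it: take the
        # SID of any local account on that machine (for instance from
        # Win32_UserAccount where LocalAccount is True) and drop the last part.
        [Parameter(Mandatory)] [string]   $MachineSid,
        # Subkey names read from ...\CurrentVersion\ProfileList
        [Parameter(Mandatory)] [string[]] $ProfileSid
    )
    foreach ($name in $ProfileSid) {
        try {
            $sid = [System.Security.Principal.SecurityIdentifier]::new($name)
        }
        catch {
            # Key name that does not parse as a SID: report it, do not guess.
            [pscustomobject]@{ Sid = $name; Scope = 'Unparsed' }
            continue
        }
        # AccountDomainSid is $null for SIDs that are not S-1-5-21 account SIDs
        # (S-1-5-18, S-1-5-19, S-1-5-20 and similar); otherwise it is the
        # S-1-5-21-a-b-c prefix that issued the account.
        $issuer = $sid.AccountDomainSid
        $scope  = if ($null -eq $issuer)                 { 'Other'  }
                  elseif ($issuer.Value -eq $MachineSid) { 'Local'  }
                  else                                   { 'Domain' }
        [pscustomobject]@{ Sid = $name; Scope = $scope }
    }
}

# Constructed sample input (the machine SID and the -1001 account are made up).
$machineSid = 'S-1-5-21-1111111111-2222222222-3333333333'
$keys = @(
    'S-1-5-18', 'S-1-5-19', 'S-1-5-20',
    'S-1-5-21-1111111111-2222222222-3333333333-1001',
    'S-1-5-21-4173817940-1596382273-4091973628-1136',
    'not-a-sid'
)
$result = Get-SidScope -MachineSid $machineSid -ProfileSid $keys
$result | Format-Table -AutoSize

# Only these need a lookup in Active Directory.
$result | Where-Object Scope -eq 'Domain' | Select-Object -ExpandProperty Sid
```

'Domain' here means "issued by something other than this computer", so a profile left behind by an account from another domain or another machine lands in that group as well.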