
Custom report - local admin and local group membership of servers

Hi guys,

I need to produce a report that used to be present in Quest Reporter (which is now end of life) which checks the local admin and local group membership of servers within our organization.

It would need to exclude system based accounts or the authenticated user accounts so it only captures users and groups that have been added.

 

Is this possible at all within Enterprise Reporter? We are running version 2.5.1 build 200.

 

Many thanks,

 

Mo.

  • Hello Mohammed

    We're reviewing the request and will get back to you soon

    Regards

    Ivan
  • Hello Mohammed

    Do I correctly understand that you need a report based on Computer's Local Groups with Members report to show group membership for the selected computer?
    The Well-Known system accounts like SYSTEM, EVERYONE, LOCAL SERVICE, AUTHENTICATED USERS, etc. should be excluded.
    If it is correct, this report is possible.

    Regards
    Ivan
  • Hello Ivan,

    Yes, that is correct. We would need to be able to point the report to multiple OUs so it can check against the servers that reside under them and base the report off those systems.

    The requirement is to ensure it captures AD accounts/security groups that are part of the local admin group so the team reviewing the report can find any non-authorised access and remove the said user AD account or security group.

    I hope that makes sense?

    Regards,

    Mo.
  • Hello Mo

    Hope the following report suits your needs:
    www.quest.com/.../136

    Should you need some changes please reply here.

    Regards
    Ivan
  • Hi Ivan,

    Quick question: when defining which OU to check for servers, exactly what format should I use? As an example, I want to scan all servers and sub-OUs under Development; so would I use the following value?

    /Europe/London/Development/*

    I'm struggling to get a result at the moment, I defined the domain in the first value then used the above value to define the OU location to scan. Not sure if I am using the correct format for the report.

    Thanks,

    Mo.
  • Hi Mo

    You can provide a canonical name for the OU parameter. Something like erd01.local/Computers
    You can also use * and ? wildcards.
    You have to run both Computer and AD discoveries to get the correct results. AD discovery should include computers.

    Regards, Ivan
  • Hi Ivan,

    Many thanks for the report. I have managed to get it to work, as I needed to set up a computers discovery.

    How would I add filters to the results? As with Quest Reporter, the same report has numerous filters applied that I need to mimic in Enterprise Reporter.

    Filters such as Computer name "does not contain" "value" and
    Members "does not end with" "value".

    As I need to strip the report down to the accounts that we are interested in.

    Hope I make sense with my explanation? I'm guessing I would need to add additional entries into the Query field of the report.

    Could you give me some generic examples of code to satisfy the two mentioned filters please?

    Regards,

    Mo.
  • Hello,

    Unfortunately Ivan is no longer working on Enterprise Reporter but another team member will take a look at your question and reply shortly.

    Thank you,
    -Angela
  • Hi Mo

    If you open Report Manager and edit your "Local Administrators" report you'll see a "Query" tab. Go to the very end of the query and add the following lines above "order by ...". Note: You can copy and paste the query into Microsoft SQL Server Management Studio to test things out if that works best for you.

    For "Computer name does not contain value" you can add *one* of the following (whichever works best for you):

    ... This one will exclude all computers that match "ComputerA".
    ... where CP.ComputerName not like '%computera%'

    ... This one will exclude "ComputerA1", "ComputerA2" and "ComputerA3"
    ... where CP.ComputerName not in ('computera1', 'computera2', 'computera3')

    For "Members do not end with value" you can add *one* of the following (whichever works best for you, but note this only operates on the account name and not the account domain/computer name):

    ... This one will exclude all accounts that end with "Administrator".
    ... where MA.SAMAccountName not like '%administrator'

    ... This one will exclude accounts "Administrator" and "Domain Admins"
    ... where MA.SAMAccountName not in ('administrator', 'domain admins')

    Examples (note how you only need one "where" - other conditions can be joined together by "and"):

    1.
    where CP.ComputerName not like '%computera%'
    and MA.SAMAccountName not in ('administrator', 'domain admins')
    order by CP.DomainName, CP.ComputerName, GroupName, AccountName, Path, Level

    2.
    where CP.ComputerName not in ('computera1', 'computera2', 'computera3')
    and MA.SAMAccountName not like '%administrator'
    order by CP.DomainName, CP.ComputerName, GroupName, AccountName, Path, Level

    Hope this is what you need.

    Thanks
    Adam
  • Hi Adam,

    Many thanks for all the examples! Could you kindly give me an example of the following that I need to translate from a report in Quest Reporter over to Enterprise Reporter, please:

    members does not equal

    members does not contain

    members does not begin with

    That should be all the examples I need to filter out the report as needed. I have around 75 exceptions I need to add in order to give the team the exact results they care for after the exceptions have been applied.

    Regards,

    Mo.
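
Added example, not part of the original thread or of the Quest report: the "does not equal / contain / begin with / end with" member filters discussed above, driven from an exception table instead of dozens of chained conditions. The @Members rows and the @Exceptions table (with its MatchType and Value columns) are constructed for illustration; only the ComputerName and SAMAccountName column names come from the thread.

```sql
-- Constructed sample rows standing in for the report's result set; only the
-- column names ComputerName and SAMAccountName come from the thread.
DECLARE @Members TABLE (ComputerName nvarchar(64), SAMAccountName nvarchar(64));
INSERT INTO @Members VALUES
  (N'SRV-DEV01', N'Administrator'),
  (N'SRV-DEV01', N'Domain Admins'),
  (N'SRV-DEV01', N'svc_backup'),
  (N'SRV-DEV02', N'svcXbackup'),        -- not a service account named svc_*
  (N'SRV-DEV02', N'jsmith'),
  (N'SRV-DEV03', N'tmp-administrator'), -- not built-in, but shares the suffix
  (N'SRV-DEV03', NULL);                 -- member whose name was not resolved

-- Hypothetical exception list: one row per rule. Inline equivalents in the
-- style used above, for a single value:
--   equals       MA.SAMAccountName <> 'value'
--   contains     MA.SAMAccountName not like '%value%'
--   begins_with  MA.SAMAccountName not like 'value%'
--   ends_with    MA.SAMAccountName not like '%value'
DECLARE @Exceptions TABLE (MatchType varchar(12), Value nvarchar(64));
INSERT INTO @Exceptions VALUES
  ('equals',      N'Domain Admins'),
  ('begins_with', N'svc_'),
  ('ends_with',   N'administrator');

SELECT M.ComputerName, M.SAMAccountName
FROM @Members AS M
WHERE NOT EXISTS (
    SELECT 1
    FROM @Exceptions AS E
    -- Escape LIKE metacharacters so that "_" in "svc_" is a literal underscore
    -- rather than "any single character".
    CROSS APPLY (SELECT REPLACE(REPLACE(REPLACE(REPLACE(E.Value,
        N'\', N'\\'), N'%', N'\%'), N'_', N'\_'), N'[', N'\[') AS Lit) AS X
    WHERE (E.MatchType = 'equals'      AND M.SAMAccountName = E.Value)
       OR (E.MatchType = 'contains'    AND M.SAMAccountName LIKE (N'%' + X.Lit + N'%') ESCAPE N'\')
       OR (E.MatchType = 'begins_with' AND M.SAMAccountName LIKE (X.Lit + N'%') ESCAPE N'\')
       OR (E.MatchType = 'ends_with'   AND M.SAMAccountName LIKE (N'%' + X.Lit) ESCAPE N'\')
)
ORDER BY M.ComputerName, M.SAMAccountName;
```

Under a case-insensitive collation the ends_with rule also hides tmp-administrator, so suffix and substring exceptions in an access review are better written as exact matches where possible. Rows with a NULL account name survive NOT EXISTS, whereas a chained "not like" condition would drop them from the report.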