Help

finding all the admin accounts

madscripter
New Contributor II

Posted on ‎08-18-2010 07:39 AM

All,

I am rolling out Casper and I want find all the local admin accounts on every computers, and generate a monthly report on them.

But I did not see local accounts as a criteria to search by.

I there a way to accomplish this? Or is this a feature request?

Peace, Tim Kendall

0 Kudos
Reply
3 REPLIES 3

tlarkin
Honored Contributor

Posted on ‎08-18-2010 07:51 AM

I do this by dummy receipt policy to catch hackers making their accounts admin.

I do it via a shell script and a custom trigger policy...

http://tlarkin.com/tech/dummy-receipts-casper

Then you can just look at the policy receipts. Do note that the second script has a syntax error due to the geshi syntax highlighter not liking reserved HTML characters

-Tom

0 Kudos
Reply

madscripter
New Contributor II

Posted on ‎08-19-2010 02:50 PM

Tom,

I think your solution will work for me with some modifications.

I would still like a Casper native solution though so I am going submit a feature request.

Thank you, Tim

Tim Kendall
System Administrator
Materials Science Division (MSD)
Argonne National Laboratory
tkendall at anl.gov

0 Kudos
Reply

ernstcs
Contributor III

Posted on ‎08-19-2010 03:51 PM

There is a custom report in the Resource Kit called ShowAllUsers. I imagine
it wouldn't take much to modify it to only show users that are admins. I
haven't tried to modify one of their JSPs before so I won't attempt to.
Don't know JSP, but maybe if I get bored tonight...

JAMF may be willing to help here. Sounds a lot better than trying to work
with dummy receipts when the data is already in the JSS.

Craig E

0 Kudos
Reply