The below scripts works for only Win 2000 and XP not for other operating systems .Here are the simple steps that you can achive this(getting a report for local administrators).*******test it once before taking it to production*****************
1.Go to the X:\smsinboxes\clifiles.src\hinv\sms_def.mof where X is SMS installed Drive,edit SMS_DEF.MOF file (If you have already edited it ,not changes are required .If you are doing it in SCCM environment for the first time, u can still do the same in SMS_DEF.MOF file.)
2.At the very bottom ,Add these lines to the MOF file .
//***********************************Local admins***********************
//#pragma namespace (“\\\\.\\root\\cimv2\\sms“)
[ SMS_Report (TRUE),
SMS_Group_Name ("LocalAdmins"),
SMS_Class_ID ("MICROSOFT|LocalAdmins|1.0")]
class Win32_LocalAdmins : SMS_Class_Template
{
[SMS_Report(TRUE), key]
string AccountName;
[SMS_Report(TRUE), key]
string GroupName;
};
3.Keep monitoring the dataldr.log file and u can see the changes that have been done, given below for your reference: SMS_DEF.Mof change detected
Connected to SQL; waiting for Hinv action ID…
Done with wait for Hinv action ID.
Start of cimv2\sms-to-policy conversion
Resetting SMS_Report qualifier to FALSE on all classes and properties in cimv2\sms namespace
Running MOFCOMP on D:\SMS\inboxes\clifiles.src\hinv\sms_def.mof
MOF backed up to D:\SMS\data\hinvarchive\sms_def.mof.bak
End of cimv2\sms-to-policy conversion; returning 0×0 .
4.Create a folder on your media Drivewhich can used to source folder for package creation.
5.Create a MOF file and add the below lines into the file and save it as LocalAdmin.MOF in the folder that you have created
// Local Administrators
// Requires Localadmins.MOF to be compile
#pragma namespace (“\\\\.\\root\\cimv2“)
[union, ViewSources{"Select * from Win32_GroupUser where GroupComponent=\"Win32_Group.Domain='BUILTIN',Name='Administrators'\""},
ViewSpaces{"\\\\.\\root\\CIMV2"}, Dynamic : ToInstance, provider("MS_VIEW_INSTANCE_PROVIDER")]
class Win32_LocalAdmins
{
[PropertySources("PartComponent"), key] Win32_Account ref AccountName;
[PropertySources("GroupComponent"), key] Win32_Group ref GroupName;
};
6.Crete a New package(ex:Local Admins) with the created folder as source files
7.Create program with a command Line MOFCOMP.EXE LocalAdmin.MOF
8.Create a advertisement and advertise it onto the collection (as per the needs).
9.Move onto the reporting node and create a report with the following Query:
select distinct Name0 as ‘Computer Name’, substring(AccountName0,charindex(‘Domain=’,Accountname0)+8,(charindex(‘Name=’,Accountname0)-charindex(‘Domain=’,Accountname0)-10)) as ‘Domain Name’, substring(AccountName0,len(AccountName0)-charindex(‘”‘,reverse(AccountName0),2)+2,charindex(‘”‘,reverse(AccountName0),2)-2) as ‘User Name’
from v_GS_SYSTEM INNER JOIN v_GS_LocalAdmins ON v_GS_SYSTEM.ResourceID = v_GS_LocalAdmins.ResourceID where (AccountName0 not like ‘%Administrator%’ AND AccountName0 not like ‘%Domain Admins%’)
If your orgamization has admin groups like admin or xxxxxx ,you can add few more lines to the above code like AccountName0 not like ‘%Admin%’ .Just wait until computers ran the localadmin.MOF file and sends hinv to the siteserver. more information about this can be found here
Key difference between SMS_DEF.MOF and Configuration.mof file:
SMS 2003 has ONE MOF file, the SMS_DEF.MOF. This file contains both the data provider MOF’s and the reporting MOF’s as well handling registering new provider types.
SCCM 2007 has TWO MOF files, the CONFIGURATION.MOF and SMS_DEF.MOF. The CONFIGURATION.MOF contains the data providers and the SMS_DEF.MOF contains the reporting MOF’s. For more information look at here
