Using command line to see if a given computer's local guest account is disabled
6,521
Solution 1
Here's a little PowerShell function to check for this.
function Test-LocalAccountDisabled
{
param (
[string]
$AccountName = 'Guest',
[string[]]
$ComputerName = $env:COMPUTERNAME
)
$AccountDisable=0x0002
foreach ($Computer in $ComputerName)
{
[ADSI]$Guest="WinNT://$Computer/$AccountName,User"
if ($Guest -ne $null)
{
New-Object PSObject -Property @{
Disabled = ($Guest.UserFlags.Value -band $AccountDisable) -as [boolean]
AccountName = $AccountName
ComputerName = $Computer
}
}
else
{
Write-Error "Unable to find $AccountName on $Computer."
}
}
}
If you have a list of computers in a text file separated by line breaks, you could do something like
Test-LocalAccountDisabled -ComputerName (get-content computers.txt)
Solution 2
PowerShell is probably the easiest way:
foreach ( $computer in (Get-Content computers.txt) ) {
Get-WmiObject Win32_UserAccount -Computer $computer -Filter "Name = 'guest'" `
| Select-Object __Server, Disabled
}
Using wmic in batch is ugly, but will work as well:
set query=useraccount where name^^="guest" get disabled
for /f %c in ('computers.txt') do (
for /f "delims== tokens=2" %a in ('wmic /node:%c %query% /value') do (
echo %c %a
)
)
Author by
Juanjo Daza
Updated on September 18, 2022Comments
-
Juanjo Daza over 1 year
I need to generate a report that shows the guest account is disabled for a given list of computers.
How can I use
net user, powershell, or any other commonly used tool for this purpose? -
Jerrish Varghese over 11 yearsNice solution. I suggested a couple of edits (adding __Server to know what machine the account status was coming from in the case of checking multiples and using the pipe as the line continuation rather than the backtick.
-
Jerrish Varghese over 11 yearsSteve, rather than using the foreach, you can pass all the computer names to the -computername parameter. You could add __Server to the output so that the user knows which machine the account report is coming from.
-
Steve G over 11 yearsAhh.. yes. You are correct!
-
Ansgar Wiechers over 11 years@StevenMurawski Thanks. I'm aware that a pipe at the end of the line would automatically continue the line, but I prefer to escape the line break and put the pipe at the beginning of the next line. That way I can see immediately where a command is continued from the previous line. I didn't know about
__Server, though. Thanks for the tip, that's much more convenient than@{n=computer;e={$computer}}. -
Jerrish Varghese over 11 yearsYou bet. The backtick at the end of the line can sometimes throw people off, so that's why I recommended that change. No worries. Rather than using the foreach, you could just pass the whole (Get-Content computers.txt) to the -computername parameter. That would let all the queries go at once rather than queuing them up in a line. If you have a number of machines, that will perform better.
-
Juanjo Daza over 11 yearsI don't have a disabled property for any server I query.
-
Jerrish Varghese over 11 yearsWhat version of PowerShell are you using? V1, V2, or V3?
-
Juanjo Daza over 11 years2.0 on Win7 via
function Ver { get-host | select version } -
Jerrish Varghese over 11 yearsInteresting. I do get output objects on my Win 7 test machine. How are you trying to call the function?
-
Juanjo Daza over 11 yearshmm this works:
Get-WmiObject -Class Win32_UserAccount -Computer hostname -Filter "LocalAccount='$true'"|Select-Object Name,Disabled|Format-Table -AutoSize.. do you know how I can have 2 filter statements?&&doesn't work. I'd like to add the "name" parameter? -
Jerrish Varghese over 11 yearsthe filter is a wql query, so you have to use "and" It would look like "LocalAccount='$true' and Name like 'Guest'"
