Clearing out a local group

Comments

4 comments

  • Brigg Angus

    It looks like there might be some quotation issues. Rather than double-quotes, use single quotes. Technically, the double-quotes on the example below (i.e. "SophosAdministrator" aren't necessary, but I like consistency.

    for /F %%i in ('net localgroup "SophosAdministrator"') do net localgroup "SophosAdministrator" %%i /delete

    I tested this out on a few machines with good results, though Deploy shows it failed (I ran it as a deployment using a Command Step) and returned an error code 2. This is likely because the command is wonky, but it worked to remove the users from my test group. 

    0
    Comment actions Permalink
  • Eric Elder

    I solved in a similar way.  

    for /F %%i in (^'net localgroup Administrators^') do net localgroup Administrators %%i /delete

     

    It is wonky in a sense.  It tries to delete a couple users that do not exist:

     

    Alias
    Comment
    Members

    ---------------------------------------------------------------------

     

    All appear to be header information if you list a group via command line.

     

    Another thing, is it tries to delete the local admin account, which is in fact in the group, however you just cannot remove the built-in admin.

    But I agree, the result is what is expected.  Just the path to get there is not as clean as it should be.  But there is not way to pull this off another way that is cleaner or nearly as efficient if you are changing membership on 1000 workstations.  :-)

     

    Thank you for your reply!

     

     

     

    0
    Comment actions Permalink
  • Eric Elder

    My apology, that was for my local admins.  However, the Sophos Admins is the same command with a different group.  But the results are the same except it doesn't fuss about built-in accounts.

    0
    Comment actions Permalink
  • Brigg Angus

    Excellent, and thanks for the additional information. I'm glad you found a solution that works as well. Either way you run it, they're strange commands, but so long as it works regardless of the weird/nonsensical entries in the output log, it's great, especially on a 1,000 workstations.

    0
    Comment actions Permalink

Please sign in to leave a comment.