Need help in query

Welcome Forums General PowerShell Q&A Need help in query

This topic contains 5 replies, has 3 voices, and was last updated by

 
Participant
2 years ago.

  • Author
    Posts
  • #55910

    Participant
    Points: 0
    Rank: Member

    how can get all list of local administrator accounts and enabled computers on network?

  • #55913

    Keymaster
    Points: 1,624
    Helping HandTeam Member
    Rank: Community Hero

    You can't, really, unless you can be sure that all computers are in AD, in which case, Get-ADComputer.

  • #55919

    Participant
    Points: 0
    Rank: Member

    Yes all computers are in AD, I was using
    Get-ADComputer -Filter * -Property * | Format-Table Name , Enabled -Wrap –Auto
    but it shows me just list of computer, i also need local administrator accounts

  • #55927

    Participant
    Points: 0
    Rank: Member

    This code i was trying, but not working. I am new in Powershell

    Import-Module ActiveDirectory

    $ADComputerArray = Get-ADComputer -Properties * -Filter * -SearchBase "OU=LocalAdministrators, DC=domainname,DC=ad"

    foreach($ADComputer in $ADComputerArray){

    $GroupMembers = Get-ADComputerMember $ADComputer
    $file.WriteLine($ADComputer.Name + ":")

    foreach ($member in $GroupMembers){
    if ($member.objectClass -eq "user"){
    $file.WriteLine($member.name)
    }
    }

    $file.WriteLine("")
    }

    $file.Close()

  • #55933

    Participant
    Points: 159
    Helping Hand
    Rank: Participant

    It appears that you are coming from a background in VBScript trying to write a file on the fly. A more 'Powershelly' way to do it is working with objects and then exporting them to a file. The code you posted looked like you were trying to get AD computer information. It sounds like you want the members of the local administrator group on a computer. You can try the below which is something I modified to from this function.

    function Get-LocalAdmin {  
        #https://gallery.technet.microsoft.com/scriptcenter/Get-remote-machine-members-bc5faa57
        param (
            $ComputerName = $env:COMPUTERNAME
        )
        
        if (Test-Connection -ComputerName $ComputerName -Count 2 -Quiet) {  
            try {
                $admins = Get-WmiObject -Class Win32_GroupUser -ComputerName $ComputerName -ErrorAction Stop |
                Where {$_.GroupComponent –like '*"Administrators"'}
          
                $localAdmins = foreach ($admin in $admins) {
                    $admin.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul  
                    $matches[1].trim('"') + “\” + $matches[2].trim('"')  
                }
    
                $props = @{
                    ComputerName = $ComputerName
                    LocalAdmins = $localAdmins
                    Status = "Success"
                }
            }
            catch {
                $props = @{
                    ComputerName = $ComputerName
                    LocalAdmins = @()
                    Status = "Failed. WMI Error connecting to {0}. {1}" -f $ComputerName, $_.Exception.Message
                }
            }
        }
        else {
            
            $props = @{
                ComputerName = $ComputerName
                LocalAdmins = @()
                Status = "Ping Failed. {0} is offline." -f $ComputerName
            }
        }
    
        New-Object -TypeName PSObject -Property $props
    }
    
    $computers = Get-ADComputer -Properties * -Filter * -SearchBase "OU=LocalAdministrators,DC=domainname,DC=ad"
    
    $results = foreach($computer in $computers){
        Get-LocalAdmin -ComputerName $computer.Name
    }
    
    $results
    

    Output:

    PS C:\WINDOWS\system32> Get-LocalAdmin
    
    Status  ComputerName LocalAdmins                       
    ------  ------------ -----------                       
    Success MY-PC       {MY-PC\Administrator, MY-PC\Rob}
    

    Once you have the results, you would export them to a CSV or better yet use Powershell to run queries against the $results:

    $results | Select Status, ComputerName, @{Name="LocalAdmins";Expression={$_.LocalAdmins -join ","}} | Export-CSV C:\Scripts\LocalAdmin.csv -NoTypeInformation
    
  • #56029

    Participant
    Points: 0
    Rank: Member

    Thank you very much, it helped me a lot
    But is it possible to get list of all computers on AD and return list of local administrator accounts and the enabled\disabled status of those accounts using one script

    Forexample:
    ComputerName Status Local Administrator

    —- — ——

    Thanks

The topic ‘Need help in query’ is closed to new replies.