Need help in query

This topic contains 5 replies, has 3 voices, and was last updated by Profile photo of Randie Randie 1 month, 1 week ago.

  • Author
    Posts
  • #55910
    Profile photo of Randie
    Randie
    Participant

    how can get all list of local administrator accounts and enabled computers on network?

  • #55913
    Profile photo of Don Jones
    Don Jones
    Keymaster

    You can't, really, unless you can be sure that all computers are in AD, in which case, Get-ADComputer.

  • #55919
    Profile photo of Randie
    Randie
    Participant

    Yes all computers are in AD, I was using
    Get-ADComputer -Filter * -Property * | Format-Table Name , Enabled -Wrap –Auto
    but it shows me just list of computer, i also need local administrator accounts

  • #55927
    Profile photo of Randie
    Randie
    Participant

    This code i was trying, but not working. I am new in Powershell

    Import-Module ActiveDirectory

    $ADComputerArray = Get-ADComputer -Properties * -Filter * -SearchBase "OU=LocalAdministrators, DC=domainname,DC=ad"

    foreach($ADComputer in $ADComputerArray){

    $GroupMembers = Get-ADComputerMember $ADComputer
    $file.WriteLine($ADComputer.Name + ":")

    foreach ($member in $GroupMembers){
    if ($member.objectClass -eq "user"){
    $file.WriteLine($member.name)
    }
    }

    $file.WriteLine("")
    }

    $file.Close()

  • #55933
    Profile photo of Rob Simmers
    Rob Simmers
    Participant

    It appears that you are coming from a background in VBScript trying to write a file on the fly. A more 'Powershelly' way to do it is working with objects and then exporting them to a file. The code you posted looked like you were trying to get AD computer information. It sounds like you want the members of the local administrator group on a computer. You can try the below which is something I modified to from this function.

    function Get-LocalAdmin {  
        #https://gallery.technet.microsoft.com/scriptcenter/Get-remote-machine-members-bc5faa57
        param (
            $ComputerName = $env:COMPUTERNAME
        )
        
        if (Test-Connection -ComputerName $ComputerName -Count 2 -Quiet) {  
            try {
                $admins = Get-WmiObject -Class Win32_GroupUser -ComputerName $ComputerName -ErrorAction Stop |
                Where {$_.GroupComponent –like '*"Administrators"'}
          
                $localAdmins = foreach ($admin in $admins) {
                    $admin.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul  
                    $matches[1].trim('"') + “\” + $matches[2].trim('"')  
                }
    
                $props = @{
                    ComputerName = $ComputerName
                    LocalAdmins = $localAdmins
                    Status = "Success"
                }
            }
            catch {
                $props = @{
                    ComputerName = $ComputerName
                    LocalAdmins = @()
                    Status = "Failed. WMI Error connecting to {0}. {1}" -f $ComputerName, $_.Exception.Message
                }
            }
        }
        else {
            
            $props = @{
                ComputerName = $ComputerName
                LocalAdmins = @()
                Status = "Ping Failed. {0} is offline." -f $ComputerName
            }
        }
    
        New-Object -TypeName PSObject -Property $props
    }
    
    $computers = Get-ADComputer -Properties * -Filter * -SearchBase "OU=LocalAdministrators,DC=domainname,DC=ad"
    
    $results = foreach($computer in $computers){
        Get-LocalAdmin -ComputerName $computer.Name
    }
    
    $results
    

    Output:

    PS C:\WINDOWS\system32> Get-LocalAdmin
    
    Status  ComputerName LocalAdmins                       
    ------  ------------ -----------                       
    Success MY-PC       {MY-PC\Administrator, MY-PC\Rob}
    

    Once you have the results, you would export them to a CSV or better yet use Powershell to run queries against the $results:

    $results | Select Status, ComputerName, @{Name="LocalAdmins";Expression={$_.LocalAdmins -join ","}} | Export-CSV C:\Scripts\LocalAdmin.csv -NoTypeInformation
    
  • #56029
    Profile photo of Randie
    Randie
    Participant

    Thank you very much, it helped me a lot
    But is it possible to get list of all computers on AD and return list of local administrator accounts and the enabled\disabled status of those accounts using one script

    Forexample:
    ComputerName Status Local Administrator

    —- — ——

    Thanks

You must be logged in to reply to this topic.