Script to show users in local admin group

    • #187168
      Participant

      Hi,

      I'm after a script that interrogates all end user machines on our domain, and shows a list of all users who are in the local admin group and on what machine.

      Is this possible?

    • #187189
      Senior Moderator

      It would be great if you could make your question a bit more clear.

      Are you facing any issue with an existing script or are you expecting a ready-made script?

    • #187204
      Participant

      Would it be something as simple as this?

      $computers = Get-ADComputer -Filter * | Select-Object -ExpandProperty Name
      Invoke-Command -ComputerName $computers -ScriptBlock { Get-LocalGroupMember -Group Administrators }
      
    • #187234
      Participant
      Thanks for getting back to me. I tried what you suggested but I get the results below for multiple devices. The devices are definitely on the network and switched on.
      + CategoryInfo : OpenError: (computername:String) [], PSRemotingTransportException
      + FullyQualifiedErrorId : WinRMOperationTimeout,PSSessionStateBroken
      [computername] Connecting to remote server computername failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid,
      that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall
      exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
    • #187237
      Participant

      Also, the report I'm after is to show all users who are in the local admin group, and it should also export the results to a CSV or Excel file, for example.

      I have tried this but couldn't get it to work:

      https://gallery.technet.microsoft.com/scriptcenter/Get-remote-machine-members-bc5faa57

    • #187276
      Participant

      Probably a lot more complicated than it needs to be, but here is one I wrote:

      function Get-LocalAdmin
      {
      	param ($ComputerName)
      
      	$localAdmins = @()
      
      	$regex_user = 'Win32_UserAccount \(Domain \= "(.+)", Name = "(.+)"\)'
      	$regex_group = 'Win32_Group \(Domain \= "(.+)", Name = "(.+)"\)'
      	$admins = Get-CimInstance -ClassName win32_groupuser -ComputerName $ComputerName | Where-Object GroupComponent -like "*Administrators*"
      
      	$admins.PartComponent | 
      	ForEach-Object {
      		if ($_ -like "Win32_UserAccount*") 
      		{ 
      			$_ |
      			Select-String -Pattern $regex_user | 
      			ForEach-Object { 
      				$localAdmins += [PSCustomObject]@{
      					Type = "User"
      					Value = "$($_.Matches.Groups[1].Value)\$($_.Matches.Groups[2].Value)" 
      				}
      			}
      		} 
      		elseif ($_ -like "Win32_Group*") 
      		{ 
      			$_ |
      			Select-String -Pattern $regex_group | 
      			ForEach-Object { 
      				$localAdmins += [PSCustomObject]@{
      					Type = "Group"
      					Value = "$($_.Matches.Groups[1].Value)\$($_.Matches.Groups[2].Value)" 
      				}
      			}
      		}
      		else
      		{ 
      			$_ |
      			Select-String -Pattern $regex_group | 
      			ForEach-Object { 
      				$localAdmins += [PSCustomObject]@{
      					Type = "Other"
      					Value = "$($_.Matches.Groups[1].Value)\$($_.Matches.Groups[2].Value)" 
      				}
      			}
      		}
      	}
      	$localAdmins	# emit the collected entries so the caller (or Export-Csv) receives them
      }

      You could get that into a CSV by piping the output to Export-Csv:

      Get-LocalAdmin server01 | Export-Csv -NoTypeInformation e:\temp\localadmin.csv
    • #187633
      Participant

      Hi Charles,

      Tried running what you suggested but I get

      PS C:\WINDOWS\system32> C:\Temp\123.ps1
      At C:\Temp\123.ps1:2 char:1
      + {
      + ~
      Missing closing '}' in statement block or type definition.
      + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
      + FullyQualifiedErrorId : MissingEndCurlyBrace

      • #187654
        Participant

        Yeah, looks like I missed the final curly brace when I pasted it into the post. I updated it, but it was just adding a '}' to the very end of the code (line 47).

    • #187798
      Participant

      Thanks again Charles! I'm new to some PS scripting so forgive my pestering. So I pasted in the updated script and ran it through PS ISE, but when I hit run script it just goes back to PS C:\WINDOWS\system32> C:\Temp\.......

      Now I'm guessing I need to enter our corp domain, and some other bit of info for the script to pick up what I need, but where do I enter it?
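
The audit this thread asks for (every domain machine, local Administrators members, CSV output) as an added example that is not code from any poster here; it also records machines that fail with the WinRM error shown above instead of silently dropping them. `Get-LocalAdminReport` and the CSV file name are hypothetical, and the sketch assumes the ActiveDirectory module on the admin workstation plus WinRM and `Get-LocalGroupMember` (Windows PowerShell 5.1) on the targets.

```powershell
# Added example, not from the thread. Function name and CSV file name are hypothetical.
function Get-LocalAdminReport {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string[]]$ComputerName)

    # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
    # so the query does not depend on the group's localized name.
    $query = {
        Get-LocalGroupMember -SID 'S-1-5-32-544' |
            Select-Object @{ n = 'Member'; e = { $_.Name } },
                          @{ n = 'Type';   e = { "$($_.ObjectClass)" } },
                          @{ n = 'Source'; e = { "$($_.PrincipalSource)" } }
    }

    # Connection failures are non-terminating errors: collect them in $failed
    # rather than letting one unreachable machine hide the rest of the results.
    $results = Invoke-Command -ComputerName $ComputerName -ScriptBlock $query `
        -ErrorAction SilentlyContinue -ErrorVariable failed

    foreach ($r in $results) {
        [PSCustomObject]@{
            Computer = $r.PSComputerName
            Member   = $r.Member
            Type     = $r.Type
            Source   = $r.Source
            Status   = 'OK'
        }
    }

    # One row per machine that could not be audited, so coverage gaps are visible.
    foreach ($e in $failed) {
        $name = if ($e.OriginInfo) { $e.OriginInfo.PSComputerName } else { "$($e.TargetObject)" }
        [PSCustomObject]@{
            Computer = $name
            Member   = $null
            Type     = $null
            Source   = $null
            Status   = $e.FullyQualifiedErrorId
        }
    }
}

# Defining a function prints nothing; it has to be called with the machine names.
# Narrow -Filter or add -SearchBase to limit the query to end-user machines.
$computers = Get-ADComputer -Filter * | Select-Object -ExpandProperty Name
Get-LocalAdminReport -ComputerName $computers |
    Export-Csv -NoTypeInformation -Path C:\Temp\localadmins.csv
```

Rows whose Status is not `OK` list the machines still to be checked once WinRM is reachable on them.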
