MilesLogan
asked on
Output local administrators from multiple servers - Output file
Hi All
I have the script below that an EEE helped me create but I wanted to see if we can tweak it a bit with the output file .
I attached a sample of the output file , lines 2,4,6 are for local accounts on this server .. can someone help me change the output file so that local accounts do not have the domain information? local accounts show " MYLAB/ " which is the domain name. The data just seems a bit confusing since these are local accounts so the line should not include the domain name .. id rather the output does not show the domain name for local accounts .
also , can the parent column show the word Local for local accounts and MYLAB for the domain accounts/groups or does it have to show " WinNT:// " ?
This is the script I am using.
I have the script below that an EEE helped me create but I wanted to see if we can tweak it a bit with the output file .
I attached a sample of the output file , lines 2,4,6 are for local accounts on this server .. can someone help me change the output file so that local accounts do not have the domain information? local accounts show " MYLAB/ " which is the domain name. The data just seems a bit confusing since these are local accounts so the line should not include the domain name .. id rather the output does not show the domain name for local accounts .
also , can the parent column show the word Local for local accounts and MYLAB for the domain accounts/groups or does it have to show " WinNT:// " ?
This is the script I am using.
function get-localusers {
param(
[Parameter(Mandatory=$true,valuefrompipeline=$true)]
[string]$strComputer)
begin {}
Process {
$Select = "Name","Class","Parent" | %{
Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"
}
If (Test-Connection $strComputer -Count 2 -Quiet){
try{
$adminlist =""
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$AdminGroup = $computer.psbase.children.find("Administrators")
$Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
foreach ($admin in $Adminmembers) {
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent) -replace "WinNT://")\$($_.Name)"}},Class,Parent
} }
catch
{ "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent}
}
Else {
"" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent
}
}
end {}
}
Get-Content "C:\Powershell\Servers.txt" | get-localusers | Select ComputerName,Administrators,Class,Parent | Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI
Output file attached:
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No need to open a new question as this was part of the original request. I actually missed it..
Replace line 17 with following code..
Replace line 17 with following code..
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,@{N="Parent";E={($_.parent -SPLIT "/")[-1]}}
Strange, the script posted by me works fine on my system, with both a non-domain and a domain machine. "Access Denied" is the default "reply" of that script if some error occured inside the loop. To find out what happens (if interested), execute
$error.Clear()
# run the script #
$error
You've changed how "Parent" should be displayed: "can the parent column show the word Local for local accounts" was the original request (and what my script should do). DIsplaying the machine name here is ok, it depends on what you want to do later with the results.
I have not tested the code from ID: 40284436.. But there is a Typo in line 14, Administratoren instead of Administrators, which probably caused the error,
Thanks, Subsun, and that is the reason! I forgot to re-replace the group name. It is no typo, just how that works with non-english OS (stupid thing to do by Microsoft, really).
ASKER
Thank you both ! always awesome help here .. wow
ASKER
I don't mind using another script if you have one that does the same task ...
I ran yours and the output was not correct, see below.. I ran the original and it did output ..