PowerShell script to get a local administrator account remotely

Hi,

I need to remotely get all local administrator account names.

All my servers are members of my Active Directory domain.

The script must check a txt file containing a list of servers like this:

Server1
server2
server3
......

I need a CSV file with the result for every server and the name of a local administrative account.

Thanks for your help
0
cawasaki
Asked:
 
Shabarinath Ramadasan, Infrastructure Architect, commented:
Here we go..

Though result is a simple txt file.

Cheerio
Shaba
Get-QADComputer -LdapFilter "(operatingSystem=Windows Server*)" | foreach {$_.name} > serverlist.txt   # Get-QADComputer comes from the Quest AD cmdlets
$filename = Get-Date -Format yyyy-MM-dd
$filename = "LocalAdminAudit-" + $filename + ".txt"
$Result = @()
foreach ($server in (gc .\serverlist.txt)) {

    $computer = [ADSI]("WinNT://" + $server + ",computer")
    $Group = $computer.psbase.children.find("Administrators")

    function getAdmins   # returns the ADsPath of every member of the local Administrators group
        {$members = $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Adspath", 'GetProperty', $null, $_, $null)}
        $members}

    $Result += $server
    $Result += ( getAdmins )
    $Result += "------------------------------------------------------------"
}

$Result > $filename


0
 
Shabarinath Ramadasan, Infrastructure Architect, commented:
If you have your own custom input file, delete/comment the first line.
#Get-QADComputer -LdapFilter "(operatingSystem=Windows Server*)" |foreach {$_.name} >serverlist.txt

and you can convert the result to csv by replacing the last line with GC $result |Export-csv result.csv

Cheerio
Shaba
0
 
soostibi commented:
Try this. This code collects from computers listed in the namesofservers.txt file the name of the built-in local admin accounts (the account with the SID ending with 500).
$servers = get-content c:\namesofservers.txt

# Emits one object per server for the built-in Administrator account (RID 500)
filter get-localadmin 
{
    $server = $_
    $pl = [ADSI]"WinNT://$server,computer"
    $users = $pl.children | where {$_.schemaclassname -eq "user"}

    $users | ?{
        $username = $_.name.tostring()
        # The last four SID bytes are the RID, little-endian: 244 + 1*256 = 500
        $_.objectsid[0][-4] -eq 244 -and
        $_.objectsid[0][-3] -eq 1 -and
        $_.objectsid[0][-2] -eq 0 -and
        $_.objectsid[0][-1] -eq 0
    } | %{
        new-object -TypeName PSObject -Property @{
            NameOfLocalAdmin = $username
            Server = $server
        }
    }
}

$servers | get-localadmin | export-Csv c:\localadmins.csv -NoTypeInformation


0

 
cawasaki (Author) commented:
soostibi:

Your script works, but it does not export all local administrators (members of the local Administrators group).

Your script only exports the Administrator account.
0
 
Learnctx (Engineer) commented:
Here's an older one. Try to adapt this one to your needs.

http://www.experts-exchange.com/Programming/Languages/Scripting/Powershell/Q_24754216.html

Don't have a way to test it now, as I'm working mobile, but it should work. Might not be very pretty though :) Let me know if you would like the output refined, formatted differently, etc.
$inputfile = "c:\servers.txt"
$outfile = "c:\results.txt"

Foreach ($server in @(Get-Content $inputfile))
{
    ([ADSI]"WinNT://$server/Administrators,group").PsBase.Invoke("Members") | `
    Foreach-Object {
        "$server,$($_.GetType().InvokeMember("Name",'GetProperty',$null,$_,$null))"
    } | out-file $outfile -Append
}


0
 
cawasaki (Author) commented:
shabarinath:

OK, if I understand, I need to put a txt file "serverlist.txt" in this form:

name
server1
server2
.....

OK, I have tested this and the result is an error:

[PS] C:\Temp\PLOP>& '.\get admin account.ps1'
Exception calling "Find" with "1" argument(s): "The network path was not found.
"
At C:\Temp\PLOP\get admin account.ps1:7 char:40
+ $Group = $computer.psbase.children.find( <<<< "Administrators")
You cannot call a method on a null-valued expression.
At C:\Temp\PLOP\get admin account.ps1:10 char:35
+         {$members = $Group.psbase.invoke( <<<< "Members") | %{$_.GetType().InvokeMember("Adspath", 'GetProperty', $nu
ll, $_, $null)}
Export-Csv : Cannot bind argument to parameter 'InputObject' because it is null.
At C:\Temp\PLOP\get admin account.ps1:18 char:20
+ $result |Export-csv  <<<< result.csv

0
 
cawasaki (Author) commented:
Learnctx:

Your script doesn't work, I have an error:

[PS] C:\Temp\PLOP>.\plip.ps1
Unexpected token 'Name,'GetProperty',$null,$_,$null))' in expression or statement.
At C:\Temp\PLOP\plip.ps1:8 char:84
+         "$server,$($_.GetType().InvokeMember("Name",'GetProperty',$null,$_,$null))" <<<<
0
 
cawasaki (Author) commented:
Learnctx:

OK, it works in PowerShell version 2.0, not in 1.0.

So it's good for me.

Is it possible to add a line after the result like this:

server1,membera
server1,memberb
------------------------------------------
server2,membera
server2,memberb
------------------------------------------
......
0
 
Learnctx (Engineer) commented:
Ah yes, I should have remembered I'm using PowerShell v2 :)

Yes, you could do this.
$inputfile = "c:\servers.txt"
$outfile = "c:\results.txt"

Foreach ($server in @(Get-Content $inputfile))
{
    ([ADSI]"WinNT://$server/Administrators,group").PsBase.Invoke("Members") | `
    Foreach-Object {
        "$server,$($_.GetType().InvokeMember("Name",'GetProperty',$null,$_,$null))"
    } | out-file $outfile -Append
    write-output "-------------------------------" | Out-File $outfile -Append
}


Here is another version with a little bit of error checking and exports to a CSV. Maybe more useful if you work with filters in Excel, etc.
$inputfile = "c:\servers.txt"
$outfile = "c:\results.csv"
$arrData = @()

Foreach ($server in @(Get-Content $inputfile))
{
    if ($server)
    {
        ([ADSI]"WinNT://$server/Administrators,group").PsBase.Invoke("Members") | `
        Foreach-Object {
            $objData = New-Object PSObject
            $objData | Add-Member -MemberType NoteProperty -Name "Device" -Value $server
            $objData | Add-Member -MemberType NoteProperty -Name "User" -Value $_.GetType().InvokeMember("Name",'GetProperty',$null,$_,$null)
            $arrData += $objData
        }
    }
    
    trap
    {
        "$($server): ERROR"
        Continue
    }
}

$arrData | Export-Csv -NoTypeInformation $outfile


0
 
soostibi commented:
Hope that is perfect.

$servers = get-content c:\serverlist.txt
$localadminssid = "1 2 0 0 0 0 0 5 32 0 0 0 32 2 0 0"   # raw bytes of S-1-5-32-544 (BUILTIN\Administrators)

function getlocaladmingroup ($separator = "----------------")
{
begin {
    $currentmachine = $null
}
process{
    $machine = $_
    if($separator -and $currentmachine -and $currentmachine -ne $machine){
        New-Object -TypeName psobject -Property @{server = $separator; member = $separator}
    }
    $currentmachine = $machine
    $pl = [ADSI]"WinNT://$machine,computer"
    $group = $pl.children |where{$_.schemaclassname -eq "group" -and $_.objectsid.tostring() -eq $localadminssid}
    $g = $group.name[0]
    $m = $group.members() | %{
            $_.GetType().InvokeMember("ADSPath", 'GetProperty', $null, $_, $null)
        }
    
    $m | Select-Object -Property @{n="domain"; e={($_ -split "/+")[-2]}}, 
            @{n="user"; e={($_ -split "/+")[-1]}} | %{"$($_.domain)/$($_.user)"} | %{
        New-Object -TypeName psobject -Property @{server = $machine; member = $_}
    }
}    
}

$servers | getlocaladmingroup | export-Csv c:\localadmins.csv -NoTypeInformation


0
 
cawasaki (Author) commented:
OK, good.

In the second script, is it possible to have a blank line like this:

server1,membera
server1,memberb

server2,membera
server2,memberb
0
 
soostibi commented:
My solution works even on non-English Windows, where the local admin group has a different name.
0
 
cawasaki (Author) commented:
Yes soostibi, your solution is the best for now, and your script exports the account in the good format:

domain\account
or
computer\account

:)
0
Question has a verified solution.
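
An audit pass combining the ideas in the answers above, as an added example that is not code from any poster in this thread: it finds the local Administrators group by its well-known SID S-1-5-32-544 so localized group names do not matter, records each member's SID, flags RID-500 accounts, and writes an error row for hosts that cannot be queried. The function name Get-LocalAdminMember and the paths C:\servers.txt and C:\localadmins.csv are assumptions; it needs PowerShell 2.0 or later.

```powershell
# Added example (not from the thread). Paths and function name are assumptions.
$adminsSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators

function Get-LocalAdminMember {
    param([Parameter(ValueFromPipeline = $true)][string]$Server)
    process {
        $ErrorActionPreference = 'Stop'      # make every failure reach the catch block
        $Server = $Server.Trim()
        if (-not $Server) { return }         # skip blank lines in the input file
        try {
            $computer = [ADSI]"WinNT://$Server,computer"
            # Locate the group by SID, so a localized group name does not matter
            $group = $computer.Children | Where-Object {
                $_.SchemaClassName -eq 'group' -and
                (New-Object System.Security.Principal.SecurityIdentifier($_.objectSid[0], 0)).Value -eq $adminsSid
            }
            if (-not $group) { throw 'Administrators group not found' }
            $group.psbase.Invoke('Members') | ForEach-Object {
                # Members are raw COM objects, so properties are read via reflection
                $type  = $_.GetType()
                $path  = $type.InvokeMember('ADsPath', 'GetProperty', $null, $_, $null)
                $class = $type.InvokeMember('Class', 'GetProperty', $null, $_, $null)
                $bytes = $type.InvokeMember('objectSid', 'GetProperty', $null, $_, $null)
                $sid   = (New-Object System.Security.Principal.SecurityIdentifier($bytes, 0)).Value
                New-Object PSObject -Property @{
                    Server   = $Server
                    Member   = ($path -replace '^WinNT://', '') -replace '/', '\'
                    Class    = $class
                    Sid      = $sid
                    IsRid500 = $sid -like 'S-1-5-21-*-500'   # built-in Administrator account
                    Error    = ''
                }
            }
        } catch {
            # Unreachable or access-denied hosts get a row of their own
            New-Object PSObject -Property @{
                Server = $Server; Member = ''; Class = ''; Sid = ''
                IsRid500 = $false; Error = $_.Exception.Message
            }
        }
    }
}

Get-Content C:\servers.txt | Get-LocalAdminMember |
    Select-Object Server, Member, Class, Sid, IsRid500, Error |
    Export-Csv C:\localadmins.csv -NoTypeInformation
```

Comparing successive CSV exports shows when a new account or group has been added to a server's Administrators group; rows with a non-empty Error column are hosts that were not audited.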
